学术文献库

There are often situations where two remote users each have data, and wish to (i) verify the equality of their data, and (ii) whenever a discrepancy is found afterwards, determine which of the two modified his data. The most common example is where they want to authenticate messages they exchange. Another possible example is where they have a huge database and its mirror in remote places, and whenever a discrepancy is found between their data, they can determine which of the two users is to blame. Of course, if one is allowed to use computational assumptions, this function can be realized readily, e.g., by using digital signatures. However, if one needs information-theoretic security, there is no known method that realizes this function efficiently, i.e., with secret key, communication, and trusted third parties all being sufficiently small. In order to realize this function efficiently with information-theoretic security, we here define the ``equality-testing protocol with dispute resolution'' as a new framework. The most significant difference between our protocol and the previous methods with similar functions is that we allow the intervention of a trusted third party when checking the equality of the data. In this new framework, we also present an explicit protocol that is information-theoretically secure and efficient.