Distributed Shuffling in Adversarial Environments

Authors Kasper Green Larsen , Maciej Obremski , Mark Simkin

Thumbnail PDF


  • Filesize: 0.77 MB
  • 15 pages

Document Identifiers

Author Details

Kasper Green Larsen
  • Aarhus University, Denmark
Maciej Obremski
  • National University of Singapore, Singapore
Mark Simkin
  • Ethereum Foundation, Aarhus, Denmark

Cite AsGet BibTex

Kasper Green Larsen, Maciej Obremski, and Mark Simkin. Distributed Shuffling in Adversarial Environments. In 4th Conference on Information-Theoretic Cryptography (ITC 2023). Leibniz International Proceedings in Informatics (LIPIcs), Volume 267, pp. 10:1-10:15, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2023)


We study mix-nets in the context of cryptocurrencies. Here we have many computationally weak shufflers that speak one after another and want to joinlty shuffle a list of ciphertexts (c₁, … , c_n). Each shuffler can only permute k << n ciphertexts at a time. An adversary A can track some of the ciphertexts and adaptively corrupt some of the shufflers. We present a simple protocol for shuffling the list of ciphertexts efficiently. The main technical contribution of this work is to prove that our simple shuffling strategy does indeed provide good anonymity guarantees and at the same time terminates quickly. Our shuffling algorithm provides a strict improvement over the current shuffling strategy in Ethereum’s block proposer elections. Our algorithm is secure against a stronger adversary, provides provable security guarantees, and is comparably in efficiency to the current approach.

Subject Classification

ACM Subject Classification
  • Theory of computation → Distributed algorithms
  • Distributed Computing
  • Shuffling


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads


  1. Dave Bayer and Persi Diaconis. Trailing the dovetail shuffle to its lair. The Annals of Applied Probability, pages 294-313, 1992. Google Scholar
  2. Stephanie Bayer and Jens Groth. Efficient zero-knowledge argument for correctness of a shuffle. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 263-280. Springer, 2012. Google Scholar
  3. Mihir Bellare, Alexandra Boldyreva, Anand Desai, and David Pointcheval. Key-privacy in public-key encryption. In International Conference on the Theory and Application of Cryptology and Information Security, pages 566-582. Springer, 2001. Google Scholar
  4. Dan Boneh, Saba Eskandarian, Lucjan Hanzlik, and Nicola Greco. Single secret leader election. In Proceedings of the 2nd ACM Conference on Advances in Financial Technologies, pages 12-24, 2020. Google Scholar
  5. Dan Boneh, Rosario Gennaro, Steven Goldfeder, Aayush Jain, Sam Kim, Peter MR Rasmussen, and Amit Sahai. Threshold cryptosystems from threshold fully homomorphic encryption. In Annual International Cryptology Conference, pages 565-596. Springer, 2018. Google Scholar
  6. Joseph Bonneau, Arvind Narayanan, Andrew Miller, Jeremy Clark, Joshua A Kroll, and Edward W Felten. Mixcoin: Anonymity for bitcoin with accountable mixes. In International Conference on Financial Cryptography and Data Security, pages 486-504. Springer, 2014. Google Scholar
  7. Benedikt Bünz, Jonathan Bootle, Dan Boneh, Andrew Poelstra, Pieter Wuille, and Greg Maxwell. Bulletproofs: Short proofs for confidential transactions and more. In 2018 IEEE Symposium on Security and Privacy (SP), pages 315-334. IEEE, 2018. Google Scholar
  8. Ran Canetti. Universally composable security: A new paradigm for cryptographic protocols. In Proceedings 42nd IEEE Symposium on Foundations of Computer Science, pages 136-145. IEEE, 2001. Google Scholar
  9. Dario Catalano, Dario Fiore, and Emanuele Giunta. Efficient and universally composable single secret leader election from pairings. Cryptology ePrint Archive, Paper 2021/344, 2021. URL: https://eprint.iacr.org/2021/344.
  10. Dario Catalano, Dario Fiore, and Emanuele Giunta. Adaptively secure single secret leader election from ddh. In Proceedings of the 2022 ACM Symposium on Principles of Distributed Computing, 2022. Google Scholar
  11. David L Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2):84-90, 1981. Google Scholar
  12. Persi Diaconis and Mehrdad Shahshahani. Generating a random permutation with random transpositions. Zeitschrift für Wahrscheinlichkeitstheorie und verwandte Gebiete, 57(2):159-179, 1981. Google Scholar
  13. Taher ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE transactions on information theory, 31(4):469-472, 1985. Google Scholar
  14. Ethereum. Whisk: A practical shuffle-based ssle protocol for ethereum. Accessed 09/09/2022, 2022. Google Scholar
  15. Jun Furukawa and Kazue Sako. An efficient scheme for proving a shuffle. In Annual International Cryptology Conference, pages 368-387. Springer, 2001. Google Scholar
  16. Sanjam Garg, Craig Gentry, Shai Halevi, Mariana Raykova, Amit Sahai, and Brent Waters. Candidate indistinguishability obfuscation and functional encryption for all circuits. In Proceedings of the 2013 IEEE 54th Annual Symposium on Foundations of Computer Science, pages 40-49, 2013. Google Scholar
  17. Johan Håstad. The square lattice shuffle. Random Structures and Algorithms, 29(4):466-474, 2006. Google Scholar
  18. Johan Håstad. The square lattice shuffle, correction. Random Structures and Algorithms, 48(1):213, 2016. Google Scholar
  19. Max Hoffmann, Michael Klooß, and Andy Rupp. Efficient zero-knowledge arguments in the discrete log setting, revisited. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pages 2093-2110, 2019. Google Scholar
  20. Markus Jakobsson, Ari Juels, and Ronald L Rivest. Making mix nets robust for electronic voting by randomized partial checking. In 11th USENIX Security Symposium (USENIX Security 02), 2002. Google Scholar
  21. Gregory Maxwell. Coinjoin: Bitcoin privacy for the real world. Accessed 09/09/2022, 2013. Google Scholar
  22. Ben Morris and Phillip Rogaway. Sometimes-recurse shuffle. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 311-326. Springer, 2014. Google Scholar
  23. C Andrew Neff. A verifiable secret shuffle and its application to e-voting. In Proceedings of the 8th ACM conference on Computer and Communications Security, pages 116-125, 2001. Google Scholar
  24. Torben Pryds Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In Annual international cryptology conference, pages 129-140. Springer, 1991. Google Scholar
  25. Thomas Ristenpart and Scott Yilek. The mix-and-cut shuffle: small-domain encryption secure against n queries. In Annual Cryptology Conference, pages 392-409. Springer, 2013. Google Scholar
  26. Kazue Sako and Joe Kilian. Receipt-free mix-type voting scheme. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 393-403. Springer, 1995. Google Scholar
  27. Edward O Thorp. Nonrandom shuffling with applications to the game of faro. Journal of the American Statistical Association, 68(344):842-847, 1973. Google Scholar
Questions / Remarks / Feedback

Feedback for Dagstuhl Publishing

Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail