Ecole Polytechnique Federale de Lausanne
Following both theoretical and practical arguments, the authors construct UC-secure bit-commitment protocols that place their strength on the sender's side and are built using tamper-evident devices, e.g., a type of distinguishable, sealed envelopes. They show that by using a second formalization of tamper-evident distinguishable envelopes they can attain better security guarantees, i.e., EUC-security. They show the relations between several flavours of weak bit-commitments, bit-commitments and distinguishable tamper-evident envelopes. They focus, at all points, on the lightweight nature of the underlying mechanisms and on the end-to-end human verifiability.