Communication Complexity in Algebraic Two-Party Protocols

In cryptography, there has been tremendous success in building various two-party protocols with small communication complexity out of homomorphic semantically-secure encryption schemes, using their homomorphic properties in a black-box way. A few notable examples of such primitives include items like single database Private Information Retrieval (PIR) schemes (introduced in [15]) and private database update with small communication (introduced in [5]). In this paper, we illustrate a general methodology for determining what types of protocols can and cannot be implemented with small communication by using homomorphic encryption in a black-box way. We hope that this work will provide a simple "litmus test" of feasibility for black-box use of known homomorphic encryption schemes by other cryptographic researchers attempting to develop new protocols with low communication. Additionally, a precise mathematical language for reasoning about such problems is developed in this work, which may be of independent interest. We stress that the class of algebraic structures for which we prove communication complexity lower bounds is large, and covers practically all known semantically-secure homomorphic cryptosystems (including those based upon bilinear maps). Finally, we show the following equivalence which relates group homomorphic encryption and a major open question of designing a so-called fully-homomorphic cryptosystem: a fully homomorphic encryption scheme (over a non-zero ring) exists if and only if there exists homomorphic encryption over any finite non-abelian simple group. This result somewhat generalizes results of Barrington [1] (to any group containing a finite non-abelian simple subgroup) and of Maurer and Rhodes [18], and in fact gives a constructiveproof of the 1974 result Werner [28]. (This also answers an open question posed by Rappe in [23], who in 2004 proved a special case of this result.)

[1]  Dima Grigoriev,et al.  Homomorphic public-key cryptosystems over groups and rings , 2003, ArXiv.

[2]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[3]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[4]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[5]  Rafail Ostrovsky,et al.  A Survey of Single Database PIR: Techniques and Applications , 2007, IACR Cryptol. ePrint Arch..

[6]  Ueli Maurer,et al.  Lower Bounds on Generic Algorithms in Groups , 1998, EUROCRYPT.

[7]  Eyal Kushilevitz,et al.  Private information retrieval , 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[8]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[9]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[10]  Moti Yung,et al.  Non-interactive cryptocomputing for NC/sup 1/ , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[11]  Rafail Ostrovsky,et al.  A Survey of Single-Database Private Information Retrieval: Techniques and Applications , 2007, Public Key Cryptography.

[12]  Richard J. Lipton,et al.  Foundations of Secure Computation , 1978 .

[13]  Rafail Ostrovsky,et al.  Private Searching on Streaming Data , 2005, Journal of Cryptology.

[14]  Rafail Ostrovsky,et al.  Public Key Encryption That Allows PIR Queries , 2007, CRYPTO.

[15]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[16]  W. D. Maurer,et al.  A property of finite simple non-abelian groups , 1965 .

[17]  R. Tennant Algebra , 1941, Nature.

[18]  Silvio Micali,et al.  Computationally Private Information Retrieval with Polylogarithmic Communication , 1999, EUROCRYPT.

[19]  Helger Lipmaa,et al.  An Oblivious Transfer Protocol with Log-Squared Communication , 2005, ISC.

[20]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[21]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[22]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[23]  A. J. Menezes,et al.  Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings , 2007, CRYPTO.

[24]  Walter Fumy,et al.  Advances in Cryptology — EUROCRYPT ’97 , 2001, Lecture Notes in Computer Science.

[25]  David A. Mix Barrington,et al.  Bounded-Width Polynomial-Size Branching Programs Recognize Exactly Those Languages in NC¹ , 1989, J. Comput. Syst. Sci..

[26]  Yuval Ishai,et al.  Sufficient Conditions for Collision-Resistant Hashing , 2005, TCC.

[27]  David A. Mix Barrington,et al.  Bounded-width polynomial-size branching programs recognize exactly those languages in NC1 , 1986, STOC '86.

[28]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[29]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[30]  Doerte K. Rappe Homomorphic cryptosystems and their applications , 2005, IACR Cryptol. ePrint Arch..

[31]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[32]  Aggelos Kiayias,et al.  Advances in Cryptology - EUROCRYPT 2004 , 2004 .

[33]  Richard J. Lipton,et al.  Algorithms for Black-Box Fields and their Application to Cryptography (Extended Abstract) , 1996, CRYPTO.

[34]  Yan-Cheng Chang,et al.  Single Database Private Information Retrieval with Logarithmic Communication , 2004, ACISP.

[35]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[36]  Tatsuaki Okamoto,et al.  Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography, Beijing, China, April 16-20, 2007, Proceedings , 2007, Public Key Cryptography.

[37]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[38]  H. O. Foulkes Abstract Algebra , 1967, Nature.

[39]  Rafail Ostrovsky,et al.  Algebraic Lower Bounds for Computing on Encrypted Data , 2007, Electron. Colloquium Comput. Complex..

[40]  Richard J. Lipton,et al.  Searching for Elements in Black Box Fields and Applications , 1996, CRYPTO 1996.