A New Additive Homomorphic Encryption based on the co-ACD Problem

We propose an efficient additive homomorphic encryption scheme. In our scheme, an encryption of a message is simply its noisy modular reduction by several different moduli. The security of our scheme relies on the hardness of a new problem, the co-Approximate Common Divisor (co-ACD) problem. We analyze its hardness by applying all known attacks and devising dedicated attacks. These analyses are not complete, but they give sufficiently plausible evidence for the hardness of this new problem. Our scheme has a performance advantage since both encryption and decryption consist of only several modular multiplications, where the modulus is a hard-to-factor integer N or one of its prime factors, whereas previous schemes require more expensive modular exponentiations. In fact, our rudimentary implementation demonstrates that our public-key encryption scheme requires about 0.72ms, 4.00μs and 0.40μs for encryption, decryption and an addition of ciphertexts, respectively. It also takes about 40μs to compute an encryption of the mean of 1000 128-bit integers from their ciphertexts. To the best of our knowledge, our encryption scheme is the most efficient of those that support an additive homomorphic property. As an application of additive homomorphic encryption, we present how to efficiently evaluate a symmetric polynomial by additionally providing ciphertexts of some powers of the messages. We also present a threshold version of our encryption scheme for smooth adoption in advanced applications such as private set operations.
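The abstract does not spell out the construction, so the following toy (added here; not the paper's or the authors' code) assumes a secret-key variant in which a ciphertext of m is the vector (Q·e + m mod p_i) over secret primes p_i with fresh noise e and message modulus Q, decrypted by CRT recombination followed by reduction mod Q; the class name, the parameters and the Mersenne primes used as a toy key are all assumptions. It shows the noisy modular reductions, homomorphic addition done with only the public N, the sum-then-divide route to the mean of 1000 128-bit values from the abstract's benchmark, and the noise-budget check that bounds how many ciphertexts can be summed before decryption silently fails.

```python
from functools import reduce
import secrets

class ToyCoACD:
    """Toy secret-key scheme reconstructed from the abstract (assumed construction, not the paper's code).

    sk = distinct primes p_1..p_k with N = p_1*...*p_k; message space Z_Q; noise e < 2**rho.
    Enc(m) = (Q*e + m mod p_1, ..., Q*e + m mod p_k): the message's noisy modular reduction
    by several moduli. Dec(c) = CRT(c) mod Q, correct while the recombined value Q*e + m
    (or a sum of such values) stays below N; beyond that it wraps mod N and decrypts to garbage.
    """

    def __init__(self, primes, Q, rho):
        self.primes, self.Q, self.rho = primes, Q, rho
        self.N = reduce(lambda a, b: a * b, primes)
        # CRT basis N_i * (N_i^-1 mod p_i), so that CRT(c) = sum(c_i * basis_i) mod N
        self.basis = [(self.N // p) * pow(self.N // p, -1, p) for p in primes]

    def encrypt(self, m):
        e = secrets.randbelow(2 ** self.rho)    # fresh noise for every ciphertext
        x = self.Q * e + (m % self.Q)           # hidden value, always < Q * 2**rho
        return tuple(x % p for p in self.primes)

    def decrypt(self, c):
        x = sum(ci * bi for ci, bi in zip(c, self.basis)) % self.N  # CRT recombination
        return x % self.Q                                            # strip the Q*e noise

    def max_sum_terms(self):
        """Largest n for which a sum of n fresh ciphertexts is guaranteed to decrypt:
        every hidden value is < Q*2**rho, so n of them stay below N iff n*Q*2**rho <= N-1."""
        return (self.N - 1) // (self.Q * 2 ** self.rho)

def add(c1, c2, N):
    """Homomorphic addition with only the public N: CRT is linear mod N, so reducing the
    components mod N leaves Dec unchanged, and the secret p_i are never needed."""
    return tuple((a + b) % N for a, b in zip(c1, c2))

def scalar_mul(c, k, N):
    """Multiply the hidden plaintext by a public integer k (same as k-fold addition)."""
    return tuple((a * k) % N for a in c)

def mean_of_encrypted(scheme, values):
    """Mirror the abstract's benchmark: sum the ciphertexts of the given integers homomorphically,
    decrypt once and divide by the public count. Returns (homomorphic mean, plaintext mean)."""
    acc = reduce(lambda a, b: add(a, b, scheme.N), [scheme.encrypt(v) for v in values])
    return scheme.decrypt(acc) // len(values), sum(values) // len(values)
```

For the 1000-value mean, Q must exceed the largest possible plaintext sum (here 2**140 > 1000 * 2**128) and max_sum_terms() must be at least 1000; with the toy key [2**61 - 1, 2**127 - 1, 2**521 - 1] and rho = 128 both hold.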
