Bounded Fully Homomorphic Signature Schemes
Homomorphic signatures enable anyone to publicly perform computations on signed data and produce a compact tag to authenticate the results.
In this paper, we construct two bounded fully homomorphic signature schemes, as follows.
\begin{itemize}
\item For any two polynomials , where is the security parameter.
Our first scheme is able to evaluate any circuit on the signatures, as long as the depth and size of the circuit are bounded by and , respectively.
The construction relies on indistinguishability obfuscation and injective (or polynomially bounded pre-image size) one-way functions.
\medskip
\item The second scheme extends the first one by removing the restriction on the size of the circuits, and it has succinct verification and evaluation keys.
More specifically, for an a priori polynomial , the scheme allows evaluating any circuit on the signatures, as long as the depth of the circuit is bounded by .
This scheme is based on differing-inputs obfuscation and collision-resistant hash functions and
relies on a technique called recording hash of circuits.
\end{itemize}
Both schemes enjoy the composition property.
Namely, outputs of previously derived signatures can be re-used as inputs for new computations.
The length of derived signatures in both schemes is independent of the size of the data set.
Moreover, both constructions satisfy a strong privacy notion that we call {\em semi-strong context hiding}, which requires that
the derived signatures obtained by evaluating any circuit on the signatures of two data sets are {\em identical} as long as the evaluations of the circuit on these two data sets are the same.
Fully leakage-resilient signatures revisited: Graceful degradation, noisy leakage, and construction in the bounded-retrieval model
We construct new leakage-resilient signature schemes. Our schemes remain unforgeable against an adversary leaking arbitrary (yet bounded) information on the entire state of the signer (sometimes known as fully leakage resilience), including the random coin tosses of the signing algorithm. The main feature of our constructions is that they offer a graceful degradation of security in situations where standard existential unforgeability is impossible.
Ring Learning With Errors: A crossroads between postquantum cryptography, machine learning and number theory
The present survey reports on the state of the art of the different
cryptographic functionalities built upon the ring learning with errors problem
and its interplay with several classical problems in algebraic number theory.
The survey is based to a certain extent on an invited course given by the
author at the Basque Center for Applied Mathematics in September 2018.

Comment: arXiv admin note: text overlap with arXiv:1508.01375 by other authors. Comment of the author: a quotation has been added to Theorem 5.
General Impossibility of Group Homomorphic Encryption in the Quantum World
Group homomorphic encryption represents one of the most important building
blocks in modern cryptography. It forms the basis of widely-used, more
sophisticated primitives, such as CCA2-secure encryption or secure multiparty
computation. Unfortunately, recent advances in quantum computation show that
many of the existing schemes completely break down once quantum computers reach
maturity (mainly due to Shor's algorithm). This leads to the challenge of
constructing quantum-resistant group homomorphic cryptosystems.
In this work, we prove the general impossibility of (abelian) group
homomorphic encryption in the presence of quantum adversaries, when assuming
the IND-CPA security notion as the minimal security requirement. To this end,
we prove a new result on the probability of sampling generating sets of finite
(sub-)groups if sampling is done with respect to an arbitrary, unknown
distribution. Finally, we provide a sufficient condition on homomorphic
encryption schemes for our quantum attack to work and discuss its
satisfiability in non-group homomorphic cases. The impact of our results on
recent fully homomorphic encryption schemes poses itself as an open question.

Comment: 20 pages, 2 figures, conferenc
Secure and Private Implementation of Dynamic Controllers Using Semi-Homomorphic Encryption
This paper presents a secure and private implementation of linear
time-invariant dynamic controllers using Paillier's encryption, a
semi-homomorphic encryption method. To avoid overflow or underflow within the
encryption domain, the state of the controller is reset periodically. A control
design approach is presented to ensure stability and optimize performance of
the closed-loop system with encrypted controller.

Comment: Improved numerical exampl