128 research outputs found
Conditionals in Homomorphic Encryption and Machine Learning Applications
Homomorphic encryption aims at allowing computations on encrypted data
without decryption other than that of the final result. This could provide an
elegant solution to the issue of privacy preservation in data-based
applications, such as those using machine learning, but several open issues
hamper this plan. In this work we assess the possibility for homomorphic
encryption to fully implement its program without relying on other techniques,
such as multiparty computation (SMPC), which may be impossible in many use
cases (for instance due to the high level of communication required). We
proceed in two steps: i) on the basis of the structured program theorem
(Bohm-Jacopini theorem) we identify the relevant minimal set of operations
homomorphic encryption must be able to perform to implement any algorithm; and
ii) we analyse the possibility to solve -- and propose an implementation for --
the most fundamentally relevant issue as it emerges from our analysis, that is,
the implementation of conditionals (requiring comparison and selection/jump
operations). We show how this issue clashes with the fundamental requirements
of homomorphic encryption and could represent a drawback for its use as a
complete solution for privacy preservation in data-based applications, in
particular machine learning ones. Our approach for comparisons is novel and
entirely embedded in homomorphic encryption, while previous studies relied on
other techniques, such as SMPC, demanding high level of communication among
parties, and decryption of intermediate results from data-owners. Our protocol
is also provably safe (sharing the same safety as the homomorphic encryption
schemes), differently from other techniques such as
Order-Preserving/Revealing-Encryption (OPE/ORE).Comment: 14 pages, 1 figure, corrected typos, added introductory pedagogical
section on polynomial approximatio
Publicly-Verifiable Deletion via Target-Collapsing Functions
We build quantum cryptosystems that support publicly-verifiable deletion from
standard cryptographic assumptions. We introduce target-collapsing as a
weakening of collapsing for hash functions, analogous to how second preimage
resistance weakens collision resistance; that is, target-collapsing requires
indistinguishability between superpositions and mixtures of preimages of an
honestly sampled image.
We show that target-collapsing hashes enable publicly-verifiable deletion
(PVD), proving conjectures from [Poremba, ITCS'23] and demonstrating that the
Dual-Regev encryption (and corresponding fully homomorphic encryption) schemes
support PVD under the LWE assumption. We further build on this framework to
obtain a variety of primitives supporting publicly-verifiable deletion from
weak cryptographic assumptions, including:
- Commitments with PVD assuming the existence of injective one-way functions,
or more generally, almost-regular one-way functions. Along the way, we
demonstrate that (variants of) target-collapsing hashes can be built from
almost-regular one-way functions.
- Public-key encryption with PVD assuming trapdoored variants of injective
(or almost-regular) one-way functions. We also demonstrate that the encryption
scheme of [Hhan, Morimae, and Yamakawa, Eurocrypt'23] based on pseudorandom
group actions has PVD.
- with PVD for attribute-based encryption, quantum
fully-homomorphic encryption, witness encryption, time-revocable
encryption, assuming and trapdoored variants of injective (or
almost-regular) one-way functions.Comment: 52 page
Study of Fully Homomorphic Encryption over Integers
Fully homomorphic encryption has long been regarded as an open problem of cryptography. The method of constructing first fully homomorphic encryption scheme by Gentry is complicate so that it has been considered difficult to understand. This paper explains the idea of constructing fully homomorphic encryption and presents a general framework from various scheme of fully homomorphic encryption. Specially, this general framework can show some possible ways to construct fully homomorphic encryption. We then analyze the procedure how to obtaining fully homomorphic encryption over the integers. The analysis of recrypt procedure show the growth of noise, and the bound of noise in recrypt procedure is given. Finally, we describe the steps of implementation.
Publicly-Verifiable Deletion via Target-Collapsing Functions
We build quantum cryptosystems that support publicly-verifiable deletion from standard cryptographic assumptions. We introduce target-collapsing as a weakening of collapsing for hash functions, analogous to how second preimage resistance weakens collision resistance; that is, target-collapsing requires indistinguishability between superpositions and mixtures of preimages of an honestly sampled image.
We show that target-collapsing hashes enable publicly-verifiable deletion (PVD), proving conjectures from [Poremba, ITCS\u2723] and demonstrating that the Dual-Regev encryption (and corresponding fully homomorphic encryption) schemes support PVD under the LWE assumption. We further build on this framework to obtain a variety of primitives supporting publicly-verifiable deletion from weak cryptographic assumptions, including:
- Commitments with PVD assuming the existence of injective one-way functions, or more generally, almost-regular one-way functions. Along the way, we demonstrate that (variants of) target-collapsing hashes can be built from almost-regular one-way functions.
- Public-key encryption with PVD assuming trapdoored variants of injective (or almost-regular) one-way functions. We also demonstrate that the encryption scheme of [Hhan, Morimae, and Yamakawa, Eurocrypt\u2723] based on pseudorandom group actions has PVD.
- with PVD for attribute-based encryption, quantum fully-homomorphic encryption, witness encryption, time-revocable encryption, assuming and trapdoored variants of injective (or almost-regular) one-way functions
An efficient framework for privacy-preserving computations on encrypted IoT data
There are two fundamental expectations from Cloud-IoT applications using sensitive and personal data: data utility and user privacy. With the complex nature of cloud-IoT ecosystem, there is a growing concern about data utility at the cost of privacy. While the current state-of-the-art encryption schemes protect usersβ privacy, they preclude meaningful computations on encrypted data. Thus, the question remains βhow to help IoT device users benefit from cloud computing without compromising data confidentiality and user privacyβ? Cloud service providers (CSP) can leverage Fully homomorphic encryption (FHE) schemes to deliver privacy-preserving services. However, there are limitations in directly adopting FHE-based solutions for real-world Cloud-IoT applications. Thus, to foster real-world adoption of FHE-based solutions, we propose a framework called Proxy re-ciphering as a service. It leverages existing schemes such as distributed proxy servers, threshold secret sharing, chameleon hash function and FHE to tailor a practical solution that enables long-term privacy-preserving cloud computations for IoT ecosystem. We also encourage CSPs to store minimal yet adequate information from processing the raw IoT device data. Furthermore, we explore a way for IoT devices to refresh their device keys after a key-compromise. To evaluate the framework, we first develop a testbed and measure the latencies with real-world ECG records from TELE ECG Database. We observe that i) although the distributed framework introduces computation and communication latencies, the security gains outweighs the latencies, ii) the throughput of the servers providing re-ciphering service can be greatly increased with pre-processing iii) with a key refresh scheme we can limit the upper bound on the attack window post a key-compromise. Finally, we analyze the security properties against major threats faced by Cloud-IoT ecosystem. We infer that Proxy re-ciphering as a service is a practical, secure, scalable and an easy-to-adopt framework for long-term privacy-preserving cloud computations for encrypted IoT data
Parallel, scalable and bandwidth-optimized computational private information retrieval
With the current increase of interest in cloud computing, the security of user data stored in remote servers has become an important concern. Hiding access patterns of clients can be crucial in particular applications such as stock market or patent databases. Private Information Retrieval (PIR) is proposed to enable a client to retrieve a file stored in a cloud server without revealing the queried file to the server. In this work, we offer improvements to BddCpir, which is a PIR protocol proposed by Lipmaa. The original BddCpir uses Binary Decision Diagrams (BDD) as the data structure, where data items are stored at the sink nodes of the tree. First of all, we offer the usage of quadratic and octal trees instead, where every non-sink node has four and eight child nodes, respectively, to reduce the depth of the tree. By adopting more shallow trees, we obtain an improved server implementation which is an order of magnitude faster than the original scheme, without changing the asymptotic complexity. Secondly, we suggest a non-trivial parallelization method that takes advantage of the shared-memory multi-core architectures to further decrease server computation latencies. Finally, we show how to scale the PIR scheme for larger database sizes with only a small overhead in bandwidth complexity, with the utilization of shared-memory many-core processors. Consequently, we show how our scheme is bandwidth-efficient in terms of the data being exchanged in a run of the CPIR protocol, in proportion to the database size
Fully Homomorphic Encryption on large integers
At the core of fully homomorphic encryption lies a procedure to refresh the ciphertexts whose noise component has grown too big. The efficiency of the so-called bootstrap is of paramount importance as it is usually regarded as the main bottleneck towards a real-life deployment of fully homomorphic crypto-systems. In two of the fastest implementations so far, the space of messages is limited to binary integers. If the message space is extended to the discretized torus or equivalently to with values of large as compared to the dimension of the quotient ring in which the operations are realised, the bootstrap delivers incorrect results with far too high probability. As a consequence, the use of a residue numeral system to address large integers modulo would be of limited interest in practical situations without the following remedy: rather than increasing the polynomial degree and thus the computational cost, we introduce here a novel and simple technique (hereafter referred to as ``collapsing ) which, by grouping the components of the mask, attenuates both rounding errors and computational costs, and greatly helps to sharpen the correctness of the bootstrap. We then rigorously estimate the probability of success as well as the output error and determine practical parameters to reach a given correctness threshold
μμ μ»΄ν¨ν°μ λν μνΈνμ μκ³ λ¦¬μ¦
νμλ
Όλ¬Έ(λ°μ¬) -- μμΈλνκ΅λνμ : μμ°κ³Όνλν μ리과νλΆ, 2022. 8. μ΄νν¬.The advent of a quantum mechanical computer presents a clear threat to existing cryptography. On the other hand, the quantum computer also suggests the possibility of a new cryptographic protocol through the properties of quantum mechanics. These two perspectives, respectively, gave rise to a new field called post-quantum cryptography as a countermeasure against quantum attacks and quantum cryptography as a new cryptographic technology using quantum mechanics, which are the subject of this thesis.
In this thesis, we reconsider the security of the current post-quantum cryptography through a new quantum attack, model, and security proof. We present the fine-grained quantum security of hash functions as cryptographic primitives against preprocessing adversaries. We also bring recent quantum information theoretic research into cryptography, creating new quantum public key encryption and quantum commitment. Along the way, we resolve various open problems such as limitations of quantum algorithms with preprocessing computation, oracle separation problems in quantum complexity theory, and public key encryption using group action.μμμνμ μ΄μ©ν μ»΄ν¨ν°μ λ±μ₯μ μΌμ΄μ μκ³ λ¦¬μ¦ λ±μ ν΅ν΄ κΈ°μ‘΄ μνΈνμ λͺ
λ°±ν μνμ μ μνλ©°, μμμνμ μ±μ§μ ν΅ν μλ‘μ΄ μνΈνλ‘ν μ½μ κ°λ₯μ± λν μ μνλ€. μ΄λ¬ν λ κ°μ§ κ΄μ μ κ°κ° μ΄ νμ λ
Όλ¬Έμ μ£Όμ κ° λλ μμ곡격μ λν λμμ±
μΌλ‘μ¨μ λμμμνΈμ μμμνμ μ΄μ©ν μνΈκΈ°μ μΈ μμμνΈλΌκ³ λΆλ¦¬λ μλ‘μ΄ λΆμΌλ₯Ό λ°μμμΌ°λ€.
μ΄ νμ λ
Όλ¬Έμμλ νμ¬ λμμμνΈμ μμ μ±μ μλ‘μ΄ μμμνΈ κ³΅κ²© μκ³ λ¦¬μ¦κ³Ό λͺ¨λΈ, μμ μ± μ¦λͺ
μ ν΅ν΄ μ¬κ³ νλ€. νΉν μνΈνμ ν΄μ¬ν¨μμ μΌλ°©ν₯ν¨μ, μνΈνμ μμ¬λμμμ±κΈ°λ‘μμ λμμ μνΈ μμ μ±μ ꡬ체μ μΈ νκ°λ₯Ό μ μνλ€. λν μ΅κ·Ό μμμνμ μ°κ΅¬λ₯Ό μμμνΈμ λμ
ν¨μΌλ‘μ¨ μλ‘μ΄ μμ 곡κ°ν€μνΈμ μμ 컀λ°λ¨ΌνΈ λ±μ μλ‘μ΄ λ°κ²¬μ μ μνλ€. μ΄ κ³Όμ μμ μ μ²λ¦¬ κ³μ°μ ν¬ν¨ν μμμκ³ λ¦¬μ¦μ νκ³, μμ 볡μ‘κ³λ€μ μ€λΌν΄λΆλ¦¬ λ¬Έμ , κ΅°μ μμ©μ μ΄μ©ν 곡κ°ν€ μνΈ λ±μ μ¬λ¬ μ΄λ¦°λ¬Έμ λ€μ ν΄κ²°μ μ μνλ€.1 Introduction 1
1.1 Contributions 3
1.2 Related Works 11
1.3 Research Papers 13
2 Preliminaries 14
2.1 Quantum Computations 15
2.2 Quantum Algorithms 20
2.3 Cryptographic Primitives 21
I Post-Quantum Cryptography: Attacks, New Models, and Proofs 24
3 Quantum Cryptanalysis 25
3.1 Introduction 25
3.2 QROM-AI Algorithm for Function Inversion 26
3.3 Quantum Multiple Discrete Logarithm Problem 34
3.4 Discussion and Open problems 39
4 Quantum Random Oracle Model with Classical Advice 42
4.1 Quantum ROM with Auxiliary Input 44
4.2 Function Inversion 46
4.3 Pseudorandom Generators 56
4.4 Post-quantum Primitives 58
4.5 Discussion and Open Problems 59
5 Quantum Random Permutations with Quantum Advice 62
5.1 Bound for Inverting Random Permutations 64
5.2 Preparation 64
5.3 Proof of Theorem 68
5.4 Implication in Complexity Theory 74
5.5 Discussion and Open Problems 77
II Quantum Cryptography: Public-key Encryptions and Bit Commitments 79
6 Equivalence Theorem 80
6.1 Equivalence Theorem 81
6.2 Non-uniform Equivalence Theorem 83
6.3 Proof of Equivalence Theorem 86
7 Quantum Public Key Encryption 89
7.1 Swap-trapdoor Function Pairs 90
7.2 Quantum-Ciphertext Public Key Encryption 94
7.3 Group Action based Construction 99
7.4 Lattice based Construction 107
7.5 Discussion and Open Problems 113
7.6 Deferred Proof 114
8 Quantum Bit Commitment 119
8.1 Quantum Commitments 120
8.2 Efficient Conversion 123
8.3 Applications of Conversion 126
8.4 Discussion and Open Problems 137λ°
Theory and Practice of Cryptography and Network Security Protocols and Technologies
In an age of explosive worldwide growth of electronic data storage and communications, effective protection of information has become a critical requirement. When used in coordination with other tools for ensuring information security, cryptography in all of its applications, including data confidentiality, data integrity, and user authentication, is a most powerful tool for protecting information. This book presents a collection of research work in the field of cryptography. It discusses some of the critical challenges that are being faced by the current computing world and also describes some mechanisms to defend against these challenges. It is a valuable source of knowledge for researchers, engineers, graduate and doctoral students working in the field of cryptography. It will also be useful for faculty members of graduate schools and universities
- β¦