DOI: 10.1007/978-3-319-47422-9_22
Article

Preventing Adaptive Key Recovery Attacks on the GSW Levelled Homomorphic Encryption Scheme

Published: 10 November 2016

Abstract

A major open problem is to protect levelled homomorphic encryption from adaptive attacks that allow an adversary to learn the private key. The only positive results in this area are by Loftus, May, Smart and Vercauteren. They use a notion of "valid ciphertexts" and obtain an IND-CCA1 scheme under a strong knowledge assumption, but they also show their scheme is not secure under a natural adaptive attack based on a "ciphertext validity oracle".
The main contribution of this paper is to explore a new approach to achieve security against adaptive attacks, which does not rely on a notion of "valid ciphertexts". Instead, our idea is to generate a "one-time" private key every time the decryption algorithm is run, so that even if an attacker can learn some bits of the one-time private key from each decryption query, this does not allow them to compute a valid private key. We demonstrate how this idea can be implemented with the Gentry-Sahai-Waters levelled homomorphic encryption scheme, and we give an informal explanation of why the known attacks no longer break the system.

References

[1] Bleichenbacher, D.: Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 1–12. Springer, Heidelberg (1998)
[2] Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from (standard) LWE. In: Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, pp. 97–106. IEEE Computer Society (2011)
[3] Chenal, M., Tang, Q.: On key recovery attacks against existing somewhat homomorphic encryption schemes. In: Aranha, D.F., Menezes, A. (eds.) LATINCRYPT 2014. LNCS, vol. 8895, pp. 239–258. Springer, Heidelberg (2015)
[4] Chenal, M., Tang, Q.: Key recovery attacks against NTRU-based somewhat homomorphic encryption schemes. In: Lopez, J., Mitchell, C.J. (eds.) ISC 2015. LNCS, vol. 9290, pp. 397–418. Springer, Heidelberg (2015)
[5] Dahab, R., Galbraith, S., Morais, E.: Adaptive key recovery attacks on NTRU-based somewhat homomorphic encryption schemes. In: Lehmann, A., Wolf, S. (eds.) ICITS 2015. LNCS, vol. 9063, pp. 283–296. Springer, Heidelberg (2015)
[6] Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, pp. 169–169. ACM Press (2009)
[7] Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, pp. 197–206. ACM (2008)
[8] Gentry, C., Sahai, A., Waters, B.: Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 75–92. Springer, Heidelberg (2013)
[9] Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions. In: Proceedings of the Twenty-First Annual ACM Symposium on Theory of Computing, pp. 12–24. ACM (1989)
[10] Loftus, J., May, A., Smart, N.P., Vercauteren, F.: On CCA-secure somewhat homomorphic encryption. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 55–72. Springer, Heidelberg (2012)
[11] Micciancio, D., Regev, O.: Lattice-based cryptography. In: Bernstein, D.J., Buchmann, J., Dahmen, E. (eds.) Post-Quantum Cryptography, pp. 147–191. Springer, Heidelberg (2009)
[12] Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem. In: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, pp. 333–342. ACM (2009)
[13] Peikert, C., et al.: Decade of Lattice Cryptography. World Scientific (2016)
[14] Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proceedings of the Thirty-Seventh Annual ACM Symposium on Theory of Computing, pp. 84–93. ACM (2005)
[15] Smart, N.P., Vercauteren, F.: Fully homomorphic encryption with relatively small key and ciphertext sizes. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 420–443. Springer, Heidelberg (2010)
[16] Zhang, Z., Plantard, T., Susilo, W.: On the CCA-1 security of somewhat homomorphic encryption over the integers. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 353–368. Springer, Heidelberg (2012)

Published In

ProvSec 2016: Proceedings of the 10th International Conference on Provable Security - Volume 10005
November 2016
375 pages
ISBN:9783319474212
Editors: Liqun Chen, Jinguang Han

Publisher

Springer-Verlag

Berlin, Heidelberg

Author Tags

  1. Adaptive key recovery attacks
  2. Lattice-based cryptography
  3. Levelled homomorphic encryption
