hal.structure.identifier: Lithe and fast algorithmic number theory [LFANT]
dc.contributor.author: CASTAGNOS, Guilhem
hal.structure.identifier: Exact Computing [LIRMM | ECO]
dc.contributor.author: LAGUILLAUMIE, Fabien
hal.structure.identifier: Institute IMDEA Software [Madrid]
dc.contributor.author: TUCKER, Ida
dc.date.accessioned: 2024-04-04T02:36:17Z
dc.date.available: 2024-04-04T02:36:17Z
dc.date.created: 2022
dc.date.issued: 2022
dc.date.conference: 2022-12-05
dc.identifier.uri: https://oskar-bordeaux.fr/handle/20.500.12278/190710
dc.description.abstractEn: A threshold public key encryption protocol is a public key system where the private key is distributed among n different servers. It offers high security since no single server is entrusted to perform the decryption in its entirety. It is the core component of many multiparty computation protocols which involve mutually distrusting parties with common goals. It is even more useful when it is homomorphic, which means that public operations on ciphertexts translate to operations on the underlying plaintexts. In particular, Cramer, Damgård and Nielsen at Eurocrypt 2001 provided a new approach to multiparty computation from linearly homomorphic threshold encryption schemes. On the other hand, there has been recent interest in developing multiparty computations modulo $2^k$ for a certain integer $k$, which closely match data manipulated by a CPU. Multiparty computation would therefore benefit from an encryption scheme with such a message space that would support a distributed decryption. In this work, we provide the first threshold linearly homomorphic encryption whose message space is $\mathbf{Z}/2^k\mathbf{Z}$ for any $k$. It is inspired by Castagnos and Laguillaumie's encryption scheme from RSA 2015, but works with a class group of discriminant whose factorisation is unknown. Its natural structure à la Elgamal makes it possible to distribute the decryption among servers using linear integer secret sharing, allowing any access structure for the decryption policy. Furthermore, its efficiency and its flexibility on the choice of the message space make it a good candidate for applications to multiparty computation.
dc.description.sponsorship: Calcul réparti sécurisé : Cryptographie, Combinatoire, Calcul Formel - ANR-21-CE39-0006
dc.description.sponsorship: Secure computations - ANR-22-PECY-0003
dc.language.iso: en
dc.publisher: Springer Nature Switzerland
dc.publisher.location: Cham
dc.source.title: Advances in Cryptology – ASIACRYPT 2022
dc.subject.en: Class groups of quadratic fields
dc.subject.en: Linearly homomorphic encryption
dc.subject.en: Threshold cryptography
dc.title.en: Threshold Linearly Homomorphic Encryption on $\mathbf{Z}/2^k\mathbf{Z}$
dc.type: Conference paper
dc.identifier.doi: 10.1007/978-3-031-22966-4_4
dc.subject.hal: Computer Science [cs]/Cryptography and Security [cs.CR]
dc.description.sponsorshipEurope: Cryptography for Privacy and Integrity of Computation on Untrusted Machines
bordeaux.page: 99-129
bordeaux.volume: 13792
bordeaux.hal.laboratories: Institut de Mathématiques de Bordeaux (IMB) - UMR 5251*
bordeaux.institution: Université de Bordeaux
bordeaux.institution: Bordeaux INP
bordeaux.institution: CNRS
bordeaux.conference.title: ASIACRYPT 2022 - International Conference on the Theory and Application of Cryptology and Information Security
bordeaux.country: TW
bordeaux.title.proceeding: Advances in Cryptology – ASIACRYPT 2022
bordeaux.conference.city: Taipei
bordeaux.peerReviewed: yes
hal.identifier: hal-03936038
hal.version: 1
hal.invited: no
hal.proceedings: yes
hal.conference.end: 2022-12-09
hal.popular: no
hal.audience: International
hal.origin.link: https://hal.archives-ouvertes.fr//hal-03936038v1