Achievable CCA2 Relaxation for Homomorphic Encryption

Adi Akavia, Craig Gentry, Shai Halevi, Margarita Vald

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Homomorphic encryption (HE) protects data in-use, but can be computationally expensive. To avoid the costly bootstrapping procedure that refreshes ciphertexts, some works have explored client-aided outsourcing protocols, where the client intermittently refreshes ciphertexts for a server that is performing homomorphic computations. But is this approach secure against malicious servers? We present a CPA-secure encryption scheme that is completely insecure in this setting. We define a new notion of security, called funcCPA, that we prove is sufficient. Additionally, we show: Homomorphic encryption schemes that have a certain type of circuit privacy – for example, schemes in which ciphertexts can be “sanitized" – are funcCPA-secure.In particular, assuming certain existing HE schemes are CPA-secure, they are also funcCPA-secure.For certain encryption schemes, like Brakerski-Vaikuntanathan, that have a property that we call oblivious secret key extraction, funcCPA-security implies circular security – i.e., that it is secure to provide an encryption of the secret key in a form usable for bootstrapping (to construct fully homomorphic encryption). Namely, funcCPA-security lies strictly between CPA-security and CCA2-security (under reasonable assumptions), and has an interesting relationship with circular security, though it is not known to be equivalent.

Original languageAmerican English
Title of host publicationTheory of Cryptography - 20th International Conference, TCC 2022, Proceedings
EditorsEike Kiltz, Vinod Vaikuntanathan
PublisherSpringer Science and Business Media Deutschland GmbH
Pages70-99
Number of pages30
ISBN (Print)9783031223648
DOIs
StatePublished - 2022
Event20th Theory of Cryptography Conference, TCC 2022 - Chicago, United States
Duration: 7 Nov 202210 Nov 2022

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume13748 LNCS

Conference

Conference20th Theory of Cryptography Conference, TCC 2022
Country/TerritoryUnited States
CityChicago
Period7/11/2210/11/22

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Achievable CCA2 Relaxation for Homomorphic Encryption'. Together they form a unique fingerprint.

Cite this