
An Efficient Somewhat Homomorphic Encryption Scheme Based on Factorization

  • Conference paper

Cryptology and Network Security (CANS 2016)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 10052)

Abstract

Surprisingly, most existing provably secure FHE or SWHE schemes are lattice-based constructions. It is legitimate to ask whether there is a mysterious link between homomorphic encryption and lattices. This paper can be seen as a first (partial) negative answer to this question. We propose a very simple private-key (partially) homomorphic encryption scheme whose security relies on factorization. This encryption scheme deals with a secret multivariate rational function \(\phi_D\) defined over \(\mathbb{Z}_n\), \(n\) being an RSA modulus. An encryption of \(x\) is simply a vector \(c\) such that \(\phi_D(c)=x+\textsf{noise}\). To get homomorphic properties, nonlinear operators are specifically developed. We first prove IND-CPA security in the generic ring model assuming the hardness of factoring. We then extend this model in order to integrate lattice-based cryptanalysis, and we reduce the security of our scheme (in this extended model) to an algebraic condition. This condition is extensively discussed for several choices of parameters. Some of these choices lead to performance competitive with other existing homomorphic encryption schemes. Now that quantum computers are no longer only a dream, designing factorization-based cryptographic schemes might appear irrelevant. However, it is important to notice that, in our scheme, the factorization of \(n\) is not required to decrypt. The factoring assumption simply ensures that solving nonlinear equations or finding non-null polynomials with many roots is difficult. Consequently, the ideas behind our construction could be reused in rings satisfying these properties.


Notes

  1. \({\varvec{s}}\cdot {\varvec{c}}\) denoting the scalar product between \({\varvec{s}}\) and \({\varvec{c}}\).

  2. It comes from the fact that \(J_n(x) \bmod p\) (resp. \(J_n(x) \bmod q\)) is not a function of \(x \bmod p\) (resp. \(x \bmod q\)).

  3. with non-negligible probability (the coin toss being the choice of \(n\) and the internal randomness of \(\mathcal{A}\)).

  4. built without knowing the factorization of \(n\).

  5. with overwhelming probability.

  6. which is not a polynomial but a rational function.

  7. ensuring that its factorization was forgotten just after its generation.

  8. \(\alpha_i\) can be seen as a \(\{+,-,\times\}\)-circuit \(C\) (independent of \(n\)) with \(|\theta_n|\) inputs.

  9. it means that \(\alpha_i(s_1,s_2,r_1\overline{x}_1,r_1,\ldots,r_t\overline{x}_t,r_t,s_3,s_4,r_1',r_1'',\ldots,r_t',r_t'')=\alpha_i(s_3,s_4,r_1',r_1'',\ldots,r_t',r_t'',s_1,s_2,r_1\overline{x}_1,r_1,\ldots,r_t\overline{x}_t,r_t)\). It should be noticed that \(\det S\) is a \(\kappa\)-symmetric polynomial defined over \(\theta_n\).

  10. built in polynomial-time under the factoring assumption.

  11. as explained for \(J_n\) in the introduction, there does not exist a rational function equal to the decryption function with non-negligible probability.

  12. Ideally \(p(\overline{x})=\overline{x}\).

  13. with non-negligible probability, the coin toss being the internal randomness of \(\mathcal{A}\) and the choice of \(n\).

  14. with non-negligible probability, the coin toss being the internal randomness of \(\mathcal{A}\) and the choice of \(n\).

  15. Theorem 2 ensures that \(a_1(\theta_n),\ldots,a_t(\theta_n)\) cannot be generically derived from \(\alpha_n\).

  16. with overwhelming probability.

  17. with overwhelming probability over the choice of \(n\).

Acknowledgment

The authors thank the reviewers for their helpful remarks.

Author information

Corresponding author

Correspondence to Gérald Gavin.

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Gavin, G. (2016). An Efficient Somewhat Homomorphic Encryption Scheme Based on Factorization. In: Foresti, S., Persiano, G. (eds) Cryptology and Network Security. CANS 2016. Lecture Notes in Computer Science, vol 10052. Springer, Cham. https://doi.org/10.1007/978-3-319-48965-0_27

  • DOI: https://doi.org/10.1007/978-3-319-48965-0_27

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-48964-3

  • Online ISBN: 978-3-319-48965-0

  • eBook Packages: Computer Science (R0)
