ABSTRACT
Multiparty fully homomorphic encryption (MFHE) schemes enable multiple parties to efficiently compute functions on their sensitive data while retaining confidentiality. However, existing MFHE schemes guarantee data confidentiality and the correctness of the computation result only against honest-but-curious adversaries. In this work, we provide the first practical construction that enables the verification of MFHE operations in zero-knowledge, protecting MFHE from malicious adversaries. Our solution relies on a combination of lattice-based commitment schemes and proof systems which we adapt to support both modern FHE schemes and their implementation optimizations. We implement our construction in PELTA. Our experimental evaluation shows that PELTA is one to two orders of magnitude faster than existing techniques in the literature.