Cryptology ePrint Archive: Report 2013/344

Limits of provable security for homomorphic encryption

Andrej Bogdanov and Chin Ho Lee

Abstract: We show that public-key bit encryption schemes which support weak (i.e., compact) homomorphic evaluation of any sufficiently "sensitive" collection of functions cannot be proved message indistinguishable beyond AM intersect coAM via general (adaptive) reductions, and beyond statistical zero-knowledge via reductions of constant query complexity. Examples of sensitive collections include parities, majorities, and the class consisting of all AND and OR functions.

Our techniques also give a method for converting a strong (i.e., distribution-preserving) homomorphic evaluator for essentially any boolean function (except the trivial ones, the NOT function, and the AND and OR functions) into a rerandomization algorithm: This is a procedure that converts a ciphertext into another ciphertext which is statistically close to being independent and identically distributed with the original one. Our transformation preserves negligible statistical error.

Category / Keywords: foundations / proofs of security, homomorphic encryption, rerandomization

Publication Info: This is a long version of a CRYPTO 2013 paper

Date: received 4 Jun 2013

Contact author: andrejb at cse cuhk edu hk

Available format(s): PDF | BibTeX Citation

Note: Also posted as ECCC report TR12-156

Version: 20130609:193217 (All versions of this report)

Short URL: ia.cr/2013/344

Discussion forum: Show discussion | Start new discussion