Paper 2015/127

Adaptive key recovery attacks on NTRU-based somewhat homomorphic encryption schemes

Ricardo Dahab, Steven Galbraith, and Eduardo Morais

Abstract

In this paper we present adaptive key recovery attacks on NTRU-based somewhat homomorphic encryption schemes. Among such schemes, we study the proposal by Bos et al. [BLLN13] from 2013. Given access to a decryption oracle, the attack allows us to compute the private key for all parameter choices. Such attacks show that one must be very careful about the use of homomorphic encryption in practice. The existence of a key recovery attack means that the scheme is not CCA1-secure. Indeed, almost every somewhat homomorphic construction proposed to date in the literature is vulnerable to an attack of this type. Hence our result adds to a body of literature showing that building CCA1-secure homomorphic schemes is not trivial.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Accepted to the conference ICITS 2015
Keywords
NTRU-based homomorphic encryption, adaptive key recovery attack
Contact author(s)
eduardo morais @ gmail com
History
2015-02-26: received
Short URL
https://ia.cr/2015/127
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/127,
      author = {Ricardo Dahab and Steven Galbraith and Eduardo Morais},
      title = {Adaptive key recovery attacks on NTRU-based somewhat homomorphic encryption schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2015/127},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/127}},
      url = {https://eprint.iacr.org/2015/127}
}