Cryptology ePrint Archive: Report 2017/956
Threshold Cryptosystems From Threshold Fully Homomorphic Encryption
Dan Boneh and Rosario Gennaro and Steven Goldfeder and Aayush Jain and Sam Kim and Peter M. R. Rasmussen and Amit Sahai
Abstract: We develop a general approach to adding a threshold functionality to a large class of (non- threshold) cryptographic schemes. A threshold functionality enables a secret key to be split into a number of shares, so that only a threshold of parties can use the key, without reconstructing the key. We begin by constructing a threshold fully-homomorphic encryption scheme (TFHE) from the learning with errors (LWE) problem. We next introduce a new concept, called a universal thresholdizer, from which many threshold systems are possible. We show how to construct a universal thresholdizer from our TFHE. A universal thresholdizer can be used to add threshold functionality to many systems, such as CCA-secure public key encryption (PKE), signature schemes, pseudorandom functions, and others primitives. In particular, by applying this paradigm to a (non-threshold) lattice signature system, we obtain the first single-round threshold signature scheme from LWE.
Category / Keywords: cryptographic protocols / fully homomorphic encryption, threshold cryptography, lattices, threshold signatures
Date: received 28 Sep 2017
Contact author: skim13 at cs stanford edu
Available format(s): PDF | BibTeX Citation
Note: This is a merged version of Eprint 2017/251 and 2017/257, with additional results.
Version: 20170929:122339 (All versions of this report)
Short URL: ia.cr/2017/956
[ Cryptology ePrint archive ]