Cryptology ePrint Archive: Report 2018/026

Zero-Knowledge Proof of Decryption for FHE Ciphertexts

Christopher Carr and Anamaria Costache and Gareth T. Davies and Kristian Gjøsteen and Martin Strand

Abstract: Zero-knowledge proofs of knowledge and fully-homomorphic encryption are two areas that have seen considerable advances in recent years, and these two techniques are used in conjunction in the context of verifiable decryption. Existing solutions for verifiable decryption are aimed at the batch setting, however there are many applications in which there will only be one ciphertext that requires a proof of decryption. The purpose of this paper is to provide a zero-knowledge proof of correct decryption on an FHE ciphertext, which for instance could hold the result of a cryptographic election.

We give two main contributions. Firstly, we present a bootstrapping-like protocol to switch from one FHE scheme to another. The first scheme has efficient homomorphic capabilities; the second admits a simple zero-knowledge protocol. To illustrate this, we use the Brakerski et al. (ITCS, 2012) scheme for the former, and Gentry's original scheme (STOC, 2009) for the latter. Secondly, we present a simple one-shot zero-knowledge protocol for verifiable decryption using Gentry's original FHE scheme.

Category / Keywords: cryptographic protocols / zero knowledge, fully homomorphic encryption, verifiable decryption

Date: received 7 Jan 2018

Contact author: martin strand at ntnu no

Available format(s): PDF | BibTeX Citation

Version: 20180107:143809 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]