Cryptology ePrint Archive: Report 2019/1462

Privacy-preserving greater-than integer comparison without binary decomposition

Sigurd Eskeland

Abstract: Common for the overwhelming majority of privacy-preserving greater-than integer comparison schemes is that cryptographic computations are conducted in a bitwise manner. To ensure the secrecy, each bit must be encoded in such a way that nothing is revealed to the opposite party. The most noted disadvantage is that the computational and communication cost of the bitwise encoding is as best linear to the number of bits. Also, many proposed schemes have complex designs that may be difficult to implement and are not intuitive. Carlton et al. proposed in 2018 an interesting scheme that avoids bitwise decomposition and works on whole integers. % It uses a special composite RSA modulus. A variant was proposed by Bourse et al. in 2019. In this paper, we show that in particular the Bourse scheme does not provide the claimed security. Inspired by the two mentioned papers, we propose a comparison scheme with a somewhat simpler construction and with clear security reductions.

Category / Keywords: cryptographic protocols / Privacy protocols; secure integer comparison

Date: received 18 Dec 2019, withdrawn 20 Dec 2019

Contact author: sigurd eskeland at nr no

Available format(s): (-- withdrawn --)

Version: 20191220:142834 (All versions of this report)

Short URL: ia.cr/2019/1462


[ Cryptology ePrint archive ]