Paper 2019/588

Formal Notions of Security for Verifiable Homomorphic Encryption

Jakub Klemsa and Ivana Trummová

Abstract

Homomorphic encryption enables computations with encrypted data, however, in its plain form, it does not guarantee that the computation has been performed honestly. For the Fully Homomorphic Encryption (FHE), a verifiable variant emerged soon after the introduction of FHE itself, for a single-operation homomorphic encryption (HE), particular verifiable variant has been introduced recently, called the VeraGreg Framework. In this paper, we identify a weakness of List Non-Malleability as defined for the VeraGreg Framework—an analogy to the classical Non-Malleability—and suggest its improvement which we show not to be extendable any more in certain sense. Next, we suggest a decomposition of the abstract VeraGreg framework, introduce novel notions of security for the resulting components and show some reductions between them and/or their combinations. Finally, we conjecture that VeraGreg achieves the strongest (and desirable) security guarantee if and only if its building blocks achieve certain, much more tangible properties, in a specific case together with an assumption on hardness of particular kind of the famous Shortest Vector Problem for lattices.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint. Minor revision.
Keywords
Verifiable homomorphic encryptionFormal notions of securityNon-malleability
Contact author(s)
jakub klemsa @ gmail com
History
2019-05-30: received
Short URL
https://ia.cr/2019/588
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/588,
      author = {Jakub Klemsa and Ivana Trummová},
      title = {Formal Notions of Security for Verifiable Homomorphic Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2019/588},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/588}},
      url = {https://eprint.iacr.org/2019/588}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.