Cryptology ePrint Archive: Report 2021/262

The Rise of Paillier: Homomorphic Secret Sharing and Public-Key Silent OT

Claudio Orlandi and Peter Scholl and Sophia Yakoubov

Abstract: We describe a simple method for solving the distributed discrete logarithm problem in Paillier groups, allowing two parties to locally convert multiplicative shares of a secret (in the exponent) into additive shares. Our algorithm is perfectly correct, unlike previous methods with an inverse polynomial error probability. We obtain the following applications and further results.

- Homomorphic secret sharing. We construct homomorphic secret sharing for branching programs with *negligible* correctness error and supporting *exponentially large* plaintexts, with security based on the decisional composite residuosity (DCR) assumption.

- Correlated pseudorandomness. Pseudorandom correlation functions (PCFs), recently introduced by Boyle et al. (FOCS 2020), allow two parties to obtain a practically unbounded quantity of correlated randomness, given a pair of short, correlated keys. We construct PCFs for the oblivious transfer (OT) and vector oblivious linear evaluation (VOLE) correlations, based on the quadratic residuosity (QR) or DCR assumptions, respectively. We also construct a pseudorandom correlation generator (for producing a bounded number of samples, all at once) for general degree-2 correlations including OLE, based on a combination of (DCR or QR) and the learning parity with noise assumptions.

- Public-key silent OT/VOLE. We upgrade our PCF constructions to have a *public-key setup*, where after independently posting a public key, each party can locally derive its PCF key. This allows completely *silent generation* of an arbitrary amount of OTs or VOLEs, without any interaction beyond a PKI, based on QR, DCR, a CRS and a random oracle. The public-key setup is based on a novel non-interactive vector OLE protocol, which can be seen as a variant of the Bellare-Micali oblivious transfer protocol.

Category / Keywords: cryptographic protocols / Homomorphic secret sharing, secure computation, oblivious transfer

Original Publication (with major differences): IACR-EUROCRYPT-2021

Date: received 3 Mar 2021, last revised 10 Mar 2021

Contact author: orlandi at cs au dk, peter scholl at cs au dk, sophia yakoubov at gmail com

Available format(s): PDF | BibTeX Citation

Note: Fixed a minor bug in Theorem 6.1, which now additionally assumes QR.

Version: 20210310:103637 (All versions of this report)

Short URL: ia.cr/2021/262


[ Cryptology ePrint archive ]