Cryptology ePrint Archive: Report 2021/722

Chosen Ciphertext Secure Keyed Two-Level Homomorphic Encryption

Yusaku Maeda and Koji Nuida

Abstract: Homomorphic encryption (HE) is a useful variant of public key encryption (PKE), but it has a drawback that HE cannot fully achieve IND-CCA2 security, which is a standard security notion for PKE. Beyond existing HE schemes achieving weaker IND-CCA1 security, Emura et al.\ (PKC 2013) proposed the notion of \lq\lq keyed\rq\rq{} version of HE, called KH-PKE, which introduces an evaluation key controlling the functionality of homomorphic operations and achieves security stronger than IND-CCA1 and as close to IND-CCA2 as possible. After Emura et al.'s scheme which can evaluate linear polynomials only, Lai et al.\ (PKC 2016) proposed a fully homomorphic KH-PKE, but it requires indistinguishability obfuscation and hence has a drawback in practical feasibility. In this paper, we propose a \lq\lq two-level\rq\rq{} KH-PKE scheme for evaluating degree-two polynomials, by cleverly combining Emura et al.'s generic framework with a recent efficient two-level HE by Attrapadung et al.\ (ASIACCS 2018). Our scheme is the first KH-PKE that can handle non-linear polynomials while keeping practical efficiency.

Category / Keywords: public-key cryptography / public key encryption, keyed homomorphic encryption, hash proof system

Date: received 30 May 2021, last revised 30 May 2021

Contact author: yusaku maeda1996 at gmail com, nuida at imi kyushu-u ac jp

Available format(s): PDF | BibTeX Citation

Version: 20210531:064641 (All versions of this report)

Short URL: ia.cr/2021/722


[ Cryptology ePrint archive ]