Paper 2024/1207

What Have SNARGs Ever Done for FHE?

Michael Walter, Zama
Abstract

In recent years, there have been several constructions combining FHE with SNARGs to add integrity guarantees to FHE schemes. Most of these works focused on improving efficiency, while the precise security model with regards to client side input privacy has remained understudied. Only recently it was shown by Manulis and Nguyen (Eurocrypt'24) that this combination does not yield IND-CCA1 security. So an interesting open question is: does the SNARG actually add any meaningful security to input privacy? We address this question in this note and give a security definition that meaningfully captures the security of the FHE plus SNARG construction.

Note: This version corrects the incorrect claim that IND-SA implies FuncCPA. We thank Jérôme Nguyen for pointing out that error.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
FHESNARGs
Contact author(s)
michael walter @ zama ai
History
2024-07-31: revised
2024-07-26: received
See all versions
Short URL
https://ia.cr/2024/1207
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1207,
      author = {Michael Walter},
      title = {What Have {SNARGs} Ever Done for {FHE}?},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1207},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1207}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.