Paper 2024/1231

A Composable View of Homomorphic Encryption and Authenticator

Ganyuan Cao, École Polytechnique Fédérale de Lausanne
Abstract

Homomorphic Encryption (HE) is a cutting-edge cryptographic technique that enables computations on encrypted data to be mirrored on the original data. This has quickly attracted substantial interest from the research community due to its extensive practical applications, such as in cloud computing and privacy-preserving machine learning. In addition to confidentiality, the importance of authenticity has emerged to ensure data integrity during transmission and evaluation. To address authenticity, various primitives have been developed including Homomorphic Authenticator (HA). Corresponding security notions have also been introduced by extending the existing notions to their homomorphic versions. Despite these advancements, formalizing the security of HE and HA remains challenging due to the novelty of these primitives and complexity of application scenarios involving message evaluation. It is inclusive which definitions in this zoo of notions are insufficient or overly complex. Moreover, HE and HA are designed to be combined to construct a secure communication channel that ensures both confidentiality and authenticity. However, the security of such compositions is not always clear when game-based notions are used to formalize security. To bridge this gap, we conduct a constructive analysis through the lens of com- posable security. This method enables us to examine the security properties of each primitive in isolation and to more effectively evaluate their security when integrated into a larger system. We introduce the concepts of a confidential channel and an au- thenticated channel to specify the security requirements for HE and HA, respectively. We make a comparison with existing game-based notions to determine whether they adequately capture the intended security objectives. We then analyze whether the composition of HE and HA constructs a Homomorphic Authenticated Encryption (HAE) that provides both confidentiality and authenticity in presence of message evaluation. Specifically, we examine a serial composition of HE and HA, corresponding to Encrypt-then-MAC (EtM) composition for constructing classical AE.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
Homomorphic EncryptionHomomorphic AuthenticatorComposable SecurityConstructive CryptographyProvable Security
Contact author(s)
ganyuan cao @ epfl ch
History
2024-09-30: last of 3 revisions
2024-08-02: received
See all versions
Short URL
https://ia.cr/2024/1231
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1231,
      author = {Ganyuan Cao},
      title = {A Composable View of Homomorphic Encryption and Authenticator},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1231},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1231}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.