Paper 2024/1231
A Composable View of Homomorphic Encryption and Authenticator
Abstract
Homomorphic Encryption (HE) is a cutting-edge cryptographic technique that enables computations on encrypted data to be mirrored on the original data. This has quickly attracted substantial interest from the research community due to its extensive practical applications, such as in cloud computing and privacy-preserving machine learning. In addition to confidentiality, the importance of authenticity has emerged to ensure data integrity during transmission and evaluation. To address authenticity, various primitives have been developed including Homomorphic Authenticator (HA). Corresponding security notions have also been introduced by extending the existing notions to their homomorphic versions. Despite these advancements, formalizing the security of HE and HA remains challenging due to the novelty of these primitives and complexity of application scenarios involving message evaluation. It is inclusive which definitions in this zoo of notions are insufficient or overly complex. Moreover, HE and HA are designed to be combined to construct a secure communication channel that ensures both confidentiality and authenticity. However, the security of such compositions is not always clear when game-based notions are used to formalize security. To bridge this gap, we conduct a constructive analysis through the lens of com- posable security. This method enables us to examine the security properties of each primitive in isolation and to more effectively evaluate their security when integrated into a larger system. We introduce the concepts of a confidential channel and an au- thenticated channel to specify the security requirements for HE and HA, respectively. We make a comparison with existing game-based notions to determine whether they adequately capture the intended security objectives. We then analyze whether the composition of HE and HA constructs a Homomorphic Authenticated Encryption (HAE) that provides both confidentiality and authenticity in presence of message evaluation. Specifically, we examine a serial composition of HE and HA, corresponding to Encrypt-then-MAC (EtM) composition for constructing classical AE.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- Homomorphic EncryptionHomomorphic AuthenticatorComposable SecurityConstructive CryptographyProvable Security
- Contact author(s)
- ganyuan cao @ epfl ch
- History
- 2024-09-30: last of 3 revisions
- 2024-08-02: received
- See all versions
- Short URL
- https://ia.cr/2024/1231
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/1231, author = {Ganyuan Cao}, title = {A Composable View of Homomorphic Encryption and Authenticator}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/1231}, year = {2024}, url = {https://eprint.iacr.org/2024/1231} }