Bounded-width polynomial-size branching programs recognize exactly those languages in NC1
STOC '86 Proceedings of the eighteenth annual ACM symposium on Theory of computing
Journal of the ACM (JACM)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Replication is not needed: single database, computationally-private information retrieval
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Non-Interactive CryptoComputing For NC1
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Private Searching on Streaming Data
Journal of Cryptology
A survey of single-database private information retrieval: techniques and applications
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Public key encryption that allows PIR queries
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Evaluating 2-DNF formulas on ciphertexts
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Sufficient conditions for collision-resistant hashing
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Public-key encryption with efficient amortized updates
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Optimal structure-preserving signatures in asymmetric bilinear groups
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
In cryptography, there has been tremendous success in building various two-party protocols with small communication complexity out of homomorphic semantically-secure encryption schemes, using their homomorphic properties in a black-box way. A few notable examples of such primitives include items like single database Private Information Retrieval (PIR) schemes (introduced in [15]) and private database update with small communication (introduced in [5]). In this paper, we illustrate a general methodology for determining what types of protocols can and cannot be implemented with small communication by using homomorphic encryption in a black-box way.

We hope that this work will provide a simple "litmus test" of feasibility for black-box use of known homomorphic encryption schemes by other cryptographic researchers attempting to develop new protocols with low communication. Additionally, a precise mathematical language for reasoning about such problems is developed in this work, which may be of independent interest. We stress that the class of algebraic structures for which we prove communication complexity lower bounds is large, and covers practically all known semantically-secure homomorphic cryptosystems (including those based upon bilinear maps).

Finally, we show the following equivalence which relates group homomorphic encryption and a major open question of designing a so-called fully-homomorphic cryptosystem: a fully homomorphic encryption scheme (over a non-zero ring) exists if and only if there exists homomorphic encryption over any finite non-abelian simple group. This result somewhat generalizes results of Barrington [1] (to any group containing a finite non-abelian simple subgroup) and of Maurer and Rhodes [18], and in fact gives a constructive proof of the 1974 result of Werner [28]. (This also answers an open question posed by Rappe in [23], who in 2004 proved a special case of this result.)
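An added illustration, not code from the paper: a Barrington-style commutator computation in A5, the smallest finite non-abelian simple group, showing how multiplication and inversion alone give AND, NOT and XOR (the GF(2) ring operations) on encoded bits. Plain permutations stand in for ciphertexts of a hypothetical group-homomorphic scheme; the elements `A`, `B` and all function names are constructed for this sketch.

```python
from itertools import permutations
N = 5
IDENT = tuple(range(N))

def mul(p, q):
    """Compose permutations: apply q first, then p."""
    return tuple(p[q[i]] for i in range(N))

def inv(p):
    return tuple(p.index(i) for i in range(N))

def is_even(p):
    return sum(p[i] > p[j] for i in range(N) for j in range(i + 1, N)) % 2 == 0

A5 = [p for p in permutations(range(N)) if is_even(p)]  # 60 elements

# Constructed choice: two 5-cycles whose commutator C is again a 5-cycle.
A, B = (1, 2, 3, 4, 0), (2, 0, 4, 1, 3)
C = mul(mul(A, B), mul(inv(A), inv(B)))

def encode(bit, g=A):
    """Bit 0 -> identity, bit 1 -> the public 5-cycle g."""
    return g if bit else IDENT

def recode(e, src, dst):
    """Turn an encoding w.r.t. src into one w.r.t. dst by conjugation in A5."""
    for _ in range(2):
        for h in A5:
            if mul(mul(h, src), inv(h)) == dst:
                return mul(mul(h, e), inv(h))
        e, src = mul(e, e), mul(src, src)  # hop to the other class of 5-cycles
    raise ValueError("src and dst must be 5-cycles")

def g_and(ex, ey):
    """AND: the commutator is C only when both inputs are non-identity."""
    ey = recode(ey, A, B)
    comm = mul(mul(ex, ey), mul(inv(ex), inv(ey)))
    return recode(comm, C, A)

def g_not(ex):
    """NOT: ex * A^-1 encodes the flipped bit w.r.t. A^-1; recode back to A."""
    return recode(mul(ex, inv(A)), inv(A), A)

def g_xor(ex, ey):
    """XOR (addition in GF(2)) built only from g_and and g_not."""
    return g_not(g_and(g_not(g_and(ex, g_not(ey))), g_not(g_and(g_not(ex), ey))))

def decode(e):
    return int(e != IDENT)
```

The conjugators found by `recode` depend only on the public constants `A`, `B` and `C`, never on the encoded bit, which is why the same steps could in principle be applied to ciphertexts.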