Predicate Privacy in Encryption Systems
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Predicate encryption supporting disjunctions, polynomial equations, and inner products
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Fully secure functional encryption with general relations from the decisional linear assumption
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Non-interactive verifiable computing: outsourcing computation to untrusted workers
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Improved delegation of computation using fully homomorphic encryption
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Functional encryption: definitions and challenges
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Verifiable delegation of computation over large datasets
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Outsourcing computation of modular exponentiations in cloud computing
Cluster Computing
Hi-index | 0.00 |
We propose a new cryptographic primitive called Delegatable Homomorphic Encryption (DHE). This allows a Trusted Authority to control/delegate the evaluation of circuits over encrypted data to untrusted workers/evaluators by issuing tokens. This primitive can be both seen as a public-key counterpart to Verifiable Computation, where input generation and output verification are performed by different entities, or as a generalisation of Fully Homomorphic Encryption enabling control over computations on encrypted data. Our primitive comes with a series of extra features: 1) there is a one-time setup procedure for all circuits; 2) senders do not need to be aware of the functions which will be evaluated on the encrypted data, nor do they need to register keys; 3) tokens are independent of senders and receiver; and 4) receivers are able to verify the correctness of computation given short auxiliary information on the input data and the function, independently of the complexity of the computed circuit. We give a modular construction of such a DHE scheme from three components: Fully Homomorphic Encryption (FHE), Functional Encryption (FE), and a (customised) MAC. As a stepping stone, we first define Verifiable Functional Encryption (VFE), and then show how one can build a secure DHE scheme from a VFE and an FHE scheme. We also show how to build the required VFE from a standard FE together with a MAC scheme. All our results hold in the standard model. Finally, we show how one can build a verifiable computation (VC) scheme generically from a DHE. As a corollary, we get the first VC scheme which remains verifiable even if the attacker can observe verification results.