STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Completeness theorems for non-cryptographic fault-tolerant distributed computation. STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Multiparty unconditionally secure protocols. STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Communication complexity of secure computation (extended abstract). STOC '92 Proceedings of the twenty-fourth annual ACM symposium on Theory of computing
Communications of the ACM
Robustness for Free in Unconditional Multi-party Computation. CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Efficient Multiparty Protocols Using Circuit Randomization. CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
On lattices, learning with errors, random linear codes, and cryptography. Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Number Theory: An Introduction via the Distribution of Primes
Zero-knowledge from secure multiparty computation. Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
Worst-Case to Average-Case Reductions Based on Gaussian Measures. SIAM Journal on Computing
Trapdoors for hard lattices and new cryptographic constructions. STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Protocols for secure computations. SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Round-Efficient Secure Computation in Point-to-Point Networks. EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Asynchronous Multi-Party Computation with Quadratic Communication. ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
A Framework for Efficient and Composable Oblivious Transfer. CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract. Proceedings of the forty-first annual ACM symposium on Theory of computing
On the Amortized Complexity of Zero-Knowledge Protocols. CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Efficient proofs that a committed number lies in an interval. EUROCRYPT '00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Perfectly-secure MPC with linear communication complexity. TCC '08 Proceedings of the 5th conference on Theory of cryptography
On the theoretical gap between synchronous and asynchronous MPC protocols. Proceedings of the 29th ACM SIGACT-SIGOPS symposium on Principles of distributed computing
Multiparty computation for dishonest majority: from passive to active security at low cost. CRYPTO '10 Proceedings of the 30th annual conference on Advances in cryptology
Semi-homomorphic encryption and multiparty computation. EUROCRYPT '11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Efficient Fully Homomorphic Encryption from (Standard) LWE. FOCS '11 Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science
(Leveled) fully homomorphic encryption without bootstrapping. Proceedings of the 3rd Innovations in Theoretical Computer Science Conference
Threshold decryption and zero-knowledge proofs for lattice-based cryptosystems. TCC '10 Proceedings of the 7th international conference on Theory of Cryptography
Multiparty computation with low communication, computation and interaction via threshold FHE. EUROCRYPT '12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
We construct zero-knowledge proofs of plaintext knowledge (PoPK) and correct multiplication (PoPC) for the Regev encryption scheme with low amortized communication complexity. Previous constructions of both PoPK and PoPC had communication cost linear in the size of the public key (roughly quadratic in the lattice dimension, ignoring logarithmic factors). Furthermore, previous constructions of PoPK suffered from one of the following weaknesses: either the message and randomness space were restricted, or there was a super-polynomial gap between the size of the message and randomness that an honest prover chose and the size of which an accepting verifier would be convinced. The latter weakness was also present in the existing PoPC protocols. In contrast, O(n) proofs (for lattice dimension n) in our PoPK and PoPC protocols together have communication cost linear in the public key. Thus, we improve the amortized communication cost of each proof by a factor linear in the lattice dimension. Furthermore, we allow the message space to be ℤp and the randomness distribution to be the discrete Gaussian, both of which are natural choices for the Regev encryption scheme. Finally, in our schemes there is no gap between the size of the message and randomness that an honest prover chooses and the size of which an accepting verifier is convinced. Our constructions use the "MPC-in-the-head" technique of Ishai et al. (STOC 2007). At the heart of our constructions is a protocol for proving that a value is bounded by some publicly known bound. This uses Lagrange's Theorem, which states that any non-negative integer can be expressed as the sum of four squares (an idea previously used by Boudot (EUROCRYPT 2000)), as well as techniques from Cramer and Damgård (CRYPTO 2009).
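As an added illustration, not code from the paper, the following Python shows the arithmetic relation that the Boudot-style bounded-value proof mentioned above rests on: a prover with x in [0, B] can exhibit four squares summing to x and four squares summing to B - x, and a verifier accepts only if both sums match over the integers. The function names (four_squares, prove_bounded, verify_bounded, forge_mod_p) and the sample values are my own; the real protocol keeps x and the square roots hidden inside commitments and the MPC-in-the-head simulation, which is not reproduced here. The block also goes slightly beyond the abstract to show the classic caveat a practitioner should know: the same check performed modulo a prime is unsound, because every residue mod an odd prime is already a sum of two squares, so the bound must be enforced over the integers.

```python
import math


def four_squares(n: int) -> tuple:
    """Lagrange's four-square theorem: every n >= 0 is a^2 + b^2 + c^2 + d^2.
    Descending brute-force search, adequate for the small demo values used
    here (a production prover would use a randomized algorithm instead)."""
    if n < 0:
        raise ValueError("a negative integer is not a sum of squares")
    for a in range(math.isqrt(n), -1, -1):
        ra = n - a * a
        for b in range(math.isqrt(ra), -1, -1):
            rb = ra - b * b
            for c in range(math.isqrt(rb), -1, -1):
                rc = rb - c * c
                d = math.isqrt(rc)
                if d * d == rc:
                    return (a, b, c, d)
    raise AssertionError("unreachable: Lagrange's theorem guarantees a solution")


def sum_sq(w) -> int:
    return sum(v * v for v in w)


def prove_bounded(x: int, bound: int) -> tuple:
    """Prover side: x in [0, bound] is witnessed by four-square decompositions
    of x (shows x >= 0) and of bound - x (shows x <= bound).
    Raises ValueError when x is out of range, because no witness exists."""
    return four_squares(x), four_squares(bound - x)


def verify_bounded(x: int, bound: int, proof) -> bool:
    """Verifier check over the INTEGERS. Sound because a sum of integer
    squares is never negative, so a matching witness forces 0 <= x <= bound."""
    w_lo, w_hi = proof
    ints_only = all(isinstance(v, int) for w in proof for v in w)
    return ints_only and sum_sq(w_lo) == x and sum_sq(w_hi) == bound - x


def verify_bounded_mod_p(x: int, bound: int, proof, p: int) -> bool:
    """Faulty variant (constructed for contrast): the same equations reduced
    mod p. This does NOT bound x; see forge_mod_p."""
    w_lo, w_hi = proof
    return sum_sq(w_lo) % p == x % p and sum_sq(w_hi) % p == (bound - x) % p


def forge_mod_p(x: int, bound: int, p: int) -> tuple:
    """Constructed counter-example: modulo an odd prime p every residue is a
    sum of two squares, so even an out-of-range x gets a 'witness' mod p."""
    def two_squares_mod(r: int) -> tuple:
        for a in range(p):
            for b in range(p):
                if (a * a + b * b) % p == r % p:
                    return (a, b, 0, 0)
        raise AssertionError("unreachable for odd prime p")
    return two_squares_mod(x), two_squares_mod(bound - x)


if __name__ == "__main__":
    # Honest prover: 5 lies in [0, 20], so both witnesses exist and verify.
    proof = prove_bounded(5, 20)
    print("honest proof", proof, "verifies:", verify_bounded(5, 20, proof))
    # Dishonest value 25 > 20: no integer witness exists, but a mod-97 check
    # can be fooled, which is why the real proof works over the integers.
    forged = forge_mod_p(25, 20, 97)
    print("forged witness passes mod-p check:",
          verify_bounded_mod_p(25, 20, forged, 97))
    print("forged witness passes integer check:",
          verify_bounded(25, 20, forged))
```

The integer check is what a commitment-based range proof ultimately enforces: the prover must additionally convince the verifier that each committed square root is small enough that no modular wrap-around occurs, which is exactly the "no gap between honest size and verified size" property the abstract emphasises.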