Communications of the ACM
The Strength of Weak Learnability
Machine Learning
Cryptographic limitations on learning Boolean formulae and finite automata
Journal of the ACM (JACM)
Probabilistic encryption & how to play mental poker keeping secret all partial information
STOC '82 Proceedings of the fourteenth annual ACM symposium on Theory of computing
More on Average Case vs Approximation Complexity
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
How to Encrypt with the LPN Problem
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Cryptographic hardness for learning intersections of halfspaces
Journal of Computer and System Sciences
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Toward basing fully homomorphic encryption on worst-case hardness
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Implementing Gentry's fully-homomorphic encryption scheme
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Computing Blindfolded: New Developments in Fully Homomorphic Encryption
FOCS '11 Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science
Efficient Fully Homomorphic Encryption from (Standard) LWE
FOCS '11 Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science
Fully homomorphic encryption with relatively small key and ciphertext sizes
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Fully homomorphic encryption over the integers
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Fully homomorphic encryption with polylog overhead
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Hi-index | 0.00 |
We show that an encryption scheme cannot have a simple decryption function and be homomorphic at the same time, even with added noise. Specifically, if a scheme can homomorphically evaluate the majority function, then its decryption cannot be weakly-learnable (in particular, linear), even if the probability of decryption error is high. (In contrast, without homomorphism, such schemes do exist and are presumed secure, e.g. based on LPN.) An immediate corollary is that known schemes that are based on the hardness of decoding in the presence of low hamming-weight noise cannot be fully homomorphic. This applies to known schemes such as LPN-based symmetric or public key encryption. Using these techniques, we show that the recent candidate fully homomorphic encryption, suggested by Bogdanov and Lee (ePrint '11, henceforth BL), is insecure. In fact, we show two attacks on the BL scheme: One that uses homomorphism, and another that directly attacks a component of the scheme.