A public key cryptosystem and a signature scheme based on discrete logarithms
Proceedings of CRYPTO 84 on Advances in cryptology
A new public key cryptosystem based on higher residues
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Paillier's cryptosystem revisited
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Multiparty Computation from Threshold Homomorphic Encryption
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
On the Security of ElGamal Based Encryption
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Replication is not needed: single database, computationally-private information retrieval
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Verifiable secret-ballot elections
Verifiable secret-ballot elections
Oblivious Polynomial Evaluation
SIAM Journal on Computing
Lossy trapdoor functions and their applications
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
A robust and verifiable cryptographically secure election scheme
SFCS '85 Proceedings of the 26th Annual Symposium on Foundations of Computer Science
Homomorphic Encryption with CCA Security
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Public-Key Cryptosystems Resilient to Key Leakage
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Efficient pseudorandom functions from the decisional linear assumption and weaker variants
Proceedings of the 16th ACM conference on Computer and communications security
Multi-authority secret-ballot elections with linear work
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A secure and optimally efficient multi-authority election scheme
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Lower bounds for discrete logarithms and related problems
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Secure hybrid encryption from weakened key encapsulation
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
A fully homomorphic encryption scheme
A fully homomorphic encryption scheme
Non-interactive verifiable computing: outsourcing computation to untrusted workers
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Improved delegation of computation using fully homomorphic encryption
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
On the CCA1-security of Elgamal and Damgård's Elgamal
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Homomorphic cryptosystems based on subgroup membership problems
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
A new security proof for damgård’s elgamal
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Symmetric subgroup membership problems
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Evaluating 2-DNF formulas on ciphertexts
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Fully homomorphic encryption with relatively small key and ciphertext sizes
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Fully homomorphic encryption over the integers
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Non-interactive zaps and new techniques for NIZK
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Abstract models of computation in cryptography
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Chosen-Ciphertext security from tag-based encryption
TCC'06 Proceedings of the Third conference on Theory of Cryptography
| Hi-index | 0.00 |
We give a complete characterization both in terms of security and design of all currently existing group homomorphic encryption schemes, i.e., existing encryption schemes with a group homomorphic decryption function such as ElGamal and Paillier. To this end, we formalize and identify the basic underlying structure of all existing schemes and say that such schemes are of shift-type. Then, we construct an abstract scheme that represents all shift-type schemes (i.e., every scheme occurs as an instantiation of the abstract scheme) and prove its IND-CCA1 (resp. IND-CPA) security equivalent to the hardness of an abstract problem called Splitting Oracle-Assisted Subgroup Membership Problem (SOAP) (resp. Subgroup Membership Problem, SMP). Roughly, SOAP asks for solving an SMP instance, i.e., for deciding whether a given ciphertext is an encryption of the neutral element of the ciphertext group, while allowing access to a certain oracle beforehand. Our results allow for contributing to a variety of open problems such as the IND-CCA1 security of Paillier's scheme, or the use of linear codes in group homomorphic encryption. Furthermore, we design a new cryptosystem which provides features that are unique up to now: Its IND-CPA security is based on the k-linear problem introduced by Shacham, and Hofheinz and Kiltz, while its IND-CCA1 security is based on a new k-problem that we prove to have the same progressive property, namely that if the k-instance is easy in the generic group model, the (k+1)-instance is still hard.