Abstract
Evaluating arbitrary functions on encrypted data is one of the holy grails of cryptography, with Fully Homomorphic Encryption (FHE) being probably the most prominent and powerful example. FHE, in its current state is, however, not efficient enough for practical applications. On the other hand, simple homomorphic and somewhat homomorphic approaches are not powerful enough to support arbitrary computations.
We propose a new approach towards a practicable system for evaluating functions on encrypted data. Our approach allows to chain an arbitrary number of computations, which makes it more powerful than existing efficient schemes. As with basic FHE we do not encrypt or in any way hide the function, that is evaluated on the encrypted data. It is, however, sufficient that the function description is known only to the evaluator. This situation arises in practice for software as a Software as a Service (SaaS)-scenarios, where an evaluator provides a function only known to him and the user wants to protect his data. Another application might be the analysis of sensitive data, such as medical records.
In this paper we restrict ourselves to functions with only one input parameter, which allow arbitrary transformations on encrypted data.
Damgård’s ElGamal
Elliptic Curve Cryptography
Fully Homomorphic Encryption
Multiparty Computation
Oblivious Lookup Table
Oblivious Transfer
Private Information Retrieval
Software as a Service
Universal Arithmetic Circuit
REFERENCES
[1] ARMKNECHT, F.—AUGOT, D.—PERRET, L.—SADEGHI, A.-R.: On constructing homomorphic encryption schemes from coding theory, Cryptology ePrint Archive, Report 2011/309, June 2011.
[2] ARMKNECHT, F.—KATZENBEISSER, S.—PETER, A.: Group homomorphic encryption: characterizations, impossibility results, and applications, Cryptology ePrint Archive, Report 2010/501, 2010, http://eprint.iacr.org/
[3] ARMKNECHT, F.—KATZENBEISSER, S.—PETER, A.: Shift-type homomorphic encryption and its application to fully homomorphic encryption, in: Progress in Cryptology—AFRICACRYPT ’12, 5th Internat. Conf. on Cryptology in Africa (A. Mitrokotsa and S. Vaudenay, eds.), Ifrance, Morocco, 2012, Springer-Verlag, Berlin, 2012, pp. 234–251.
[4] DAMGÅRD, I.: Towards practical public key systems secure against chosen ciphertext attacks, in: Advances in Cryptology—CRYPTO ’91 (J. Feigenbaum, ed.), Lecture Notes in Comput. Sci., Vol. 576, Springer-Verlag, Berlin, 1992, pp. 445–456.
[5] GENTRY, C.: Computing arbitrary functions of encrypted data, Commun. ACM 53 (2010), 97–105.
[6] KATZ, J.—LINDELL, Y.: Introduction to Modern Cryptography—Principles and Protocols, Chapman and Hall/CRC Press, London, 2007.
[7] KENNEDY, W. S.—KOLESNIKOV, V.—WILFONG, G.: Overlaying circuit clauses for secure computation, Cryptology ePrint Archive, Report 2016/685, 2016, http://eprint.iacr.org/2016/685
[8] KISS,Á.—SCHNEIDER, T.: Valiant’s universal circuit is practical, Cryptology ePrint Archive, Report 2016/093, February 2016.
[9] BOGDANOV, A.—LEE, CH. H.: Homomorphic evaluation requires depth, Cryptology ePrint Archive, Report 2015/1044, 2015, http://eprint.iacr.org/
[10] LIPMAA, H.: On the CCA1-Security of Elgamal and Damgård’s Elgamal, Cryptology ePrint Archive, Report 2008/234, 2008, http://eprint.iacr.org/2008/234
[11] LIPMAA, H.—PAYMAN, M.—SAEED, S.: Valiant’s universal circuit: improvements, implementation, and applications, Cryptology ePrint Archive, Report 2016/017, January 2016.
[12] OTTOY, G.—PRENEEL, B.—GOEMAERE, J.-P.—DE STRYCKER, L.: Flexible design of a modular simultaneous exponentiation core for embedded platforms, in: Reconfigurable Computing: Architectures, Tools and Applications (P. Brisk et al., eds.), Lecture Notes in Comput. Sci., Vol. 7806, Springer-Verlag, Berlin, pp. 115–121.
[13] SHELAT, A.—MUTHURAMAKRISHNAN, V.: Secure computation from millionaire, in: Advances in Cryptology—ASIACRYPT ’15, 21st Internat. Conf. on the Theory and Appl. of Cryptology and Inform. Security (T. Iwata and J. H. Cheon, eds.), Auckland, New Zealand, 2015, Lecture Notes in Comp. Sci., Vol. 9452, Springer-Verlag, Berlin, pp. 736–757.
