CryptoDB
Homomorphic Encryption with CCA Security
Authors: | |
---|---|
Download: | |
Abstract: | We address the problem of constructing public-key encryption schemes that meaningfully combine useful {\em computability features} with {\em non-malleability}. In particular, we investigate schemes in which anyone can change an encryption of an unknown message $m$ into an encryption of $T(m)$ (as a {\em feature}), for a specific set of allowed functions $T$, but the scheme is ``non-malleable'' with respect to all other operations. We formulate precise definitions that capture these intuitive requirements and also show relationships among our new definitions and other more standard ones (IND-CCA, gCCA, and RCCA). We further justify our definitions by showing their equivalence to a natural formulation of security in the Universally Composable framework. We also consider extending the definitions to features which combine {\em multiple} ciphertexts, and show that a natural definition is unattainable for a useful class of features. Finally, we describe a new family of encryption schemes that satisfy our definitions for a wide variety of allowed transformations $T$, and which are secure under the standard Decisional Diffie-Hellman (DDH) assumption. |
BibTeX
@misc{eprint-2008-17756, title={Homomorphic Encryption with CCA Security}, booktitle={IACR Eprint archive}, keywords={public-key cryptography / homomorphic encryption}, url={http://eprint.iacr.org/2008/079}, note={Full version of an extended abstract presented at ICALP 2008 rosulek@uiuc.edu 14023 received 20 Feb 2008, last revised 24 May 2008}, author={Manoj Prabhakaran and Mike Rosulek}, year=2008 }