International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Fabien Laguillaumie

Affiliation: Université de Lyon 1 / LIP

Publications

Year
Venue
Title
2019
CRYPTO
Two-Party ECDSA from Hash Proof Systems and Efficient Instantiations
ECDSA is a widely adopted digital signature standard. Unfortunately, efficient distributed variants of this primitive are notoriously hard to achieve and known solutions often require expensive zero knowledge proofs to deal with malicious adversaries. For the two party case, Lindell [Lin17] recently managed to get an efficient solution which, to achieve simulation-based security, relies on an interactive, non standard, assumption on Paillier’s cryptosystem. In this paper we generalize Lindell’s solution using hash proof systems. The main advantage of our generic method is that it results in a simulation-based security proof without resorting to non-standard interactive assumptions.Moving to concrete constructions, we show how to instantiate our framework using class groups of imaginary quadratic fields. Our implementations show that the practical impact of dropping such interactive assumptions is minimal. Indeed, while for 128-bit security our scheme is marginally slower than Lindell’s, for 256-bit security it turns out to be better both in key generation and signing time. Moreover, in terms of communication cost, our implementation significantly reduces both the number of rounds and the transmitted bits without exception.
2018
ASIACRYPT
Practical Fully Secure Unrestricted Inner Product Functional Encryption Modulo p
Guilhem Castagnos Fabien Laguillaumie Ida Tucker
Functional encryption (FE) is a modern public-key cryptographic primitive allowing an encryptor to finely control the information revealed to recipients from a given ciphertext. Abdalla, Bourse, De Caro, and Pointcheval (PKC 2015) were the first to consider FE restricted to the class of linear functions, i.e. inner products. Though their schemes are only secure in the selective model, Agrawal, Libert, and Stehlé (CRYPTO 16) soon provided adaptively secure schemes for the same functionality. These constructions, which rely on standard assumptions such as the Decision Diffie-Hellman ( $$\mathsf {DDH}$$ ), the Learning-with-Errors ( $$\mathsf {LWE}$$ ), and Paillier’s Decision Composite Residuosity (DCR) problems, do however suffer of various practical drawbacks. Namely, the DCR based scheme only computes inner products modulo an RSA integer which is oversized for many practical applications, while the computation of inner products modulo a prime p either requires, for their $$\mathsf {DDH}$$ based scheme, that the inner product be contained in a sufficiently small interval for decryption to be efficient, or, as in the $$\mathsf {LWE}$$ based scheme, suffers of poor efficiency due to impractical parameters.In this paper, we provide adaptively secure FE schemes for the inner product functionality which are both efficient and allow for the evaluation of unbounded inner products modulo a prime p. Our constructions rely on new natural cryptographic assumptions in a cyclic group containing a subgroup where the discrete logarithm ( $$\mathsf {DL}$$ ) problem is easy which extend Castagnos and Laguillaumie’s assumption (RSA 2015) of a $$\mathsf {DDH}$$ group with an easy $$\mathsf {DL}$$ subgroup. Instantiating our generic constructions using class groups of imaginary quadratic fields gives rise to the most efficient FE for inner products modulo an arbitrary large prime p. One of our schemes outperforms the DCR variant of Agrawal et al.’s protocols in terms of size of keys and ciphertexts by factors varying between 2 and 20 for a 112-bit security.
2017
CRYPTO
2015
EPRINT
2015
ASIACRYPT
2013
ASIACRYPT
2010
PKC
2009
ASIACRYPT
2009
EUROCRYPT
2005
ASIACRYPT

Program Committees

PKC 2010