IACR News item: 25 March 2015
Jonathan Katz, Aishwarya Thiruvengadam, Hong-Sheng Zhou
ePrint Reportenables arbitrary computation over encrypted data.
The past few years have seen several realizations of
FHE under different assumptions, and FHE has been used as a building block in many cryptographic
applications.
\\emph{Adaptive security} for public-key encryption schemes is an important security notion that was proposed
by Canetti et al.\\ over 15 years ago. It is intended to ensure security when encryption is used within an
interactive protocol, and parties may be \\emph{adaptively} corrupted by an adversary
during the course of the protocol execution. Due to the extensive applications of FHE to protocol design, it is natural
to understand whether adaptively secure FHE is achievable.
In this paper we show two contrasting results in this direction. First, we show that adaptive security
is \\emph{impossible} for FHE satisfying the (standard) \\emph{compactness} requirement. On the other hand,
we show a construction of adaptively secure FHE that is not compact, but which does achieve circuit privacy.
Additional news items may be found on the IACR news page.