ebook img

Partially Homomorphic Encryption PDF

148 Pages·2021·1.621 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Partially Homomorphic Encryption

Çetin Kaya Koç Funda Özdemir Zeynep Ödemiş Özger Partially Homomorphic Encryption Partially Homomorphic Encryption Çetin Kaya Koç • Funda Özdemir Zeynep Ödemiş Özger Partially Homomorphic Encryption Çetin Kaya Koç Funda Özdemir Department of Computer Science Faculty of Engineering University of California and Natural Sciences Santa Barbara, CA, USA Istinye University Istanbul, Turkey Zeynep Ödemiş Özger Faculty of Engineering and Architecture Kâtip Çelebi University İzmir, Turkey ISBN 978-3-030-87628-9 ISBN 978-3-030-87629-6 (eBook) https://doi.org/10.1007/978-3-030-87629-6 © Springer Nature Switzerland AG 2021 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors, and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations. This Springer imprint is published by the registered company Springer Nature Switzerland AG The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland Preface The potential applications of homomorphic operations over encryption functions were recognized and appreciated almost about the same time as the first public- keycryptographicalgorithmRSAwasinvented.TheRSAalgorithmismultiplica- tively homomorphic. The ensuing 30 years have brought on several additively or multiplicativelyhomomorphicencryptionfunctionswithincreasingalgorithmicin- ventiveness and complicated mathematics. However, until 2009, it was not clear whether a fully homomorphic encryption algorithm, one that allows both additive andmultiplicativehomomorphisms,wouldexist.ThiswasresolvedbyCraigGen- try,andfollowedupbyseveralauthorswhohaveproposedfullyhomomorphicen- cryption algorithms and addressed issues related to their formulation, arithmetic, efficiencyandsecurity.Whileformidableefficiencybarriersremain,wenowhavea varietyoffullyhomomorphicencryptionalgorithmsthatcanbeappliedtovarious privatecomputationproblemsinhealthcare,financeandnationalsecurity. Thisbookstartedwiththedesireandmotivationtodescribeandimplementpar- tiallyhomomorphicencryptionfunctionsusingaunifiedmathematicalnotation.We hope that we accomplished our projected goal, and you will find our exposition helpfultounderstandandimplementthesealgorithms.Ifahighlyefficientfullyho- momorphicencryptionfunctionformultipleapplicationsweretobecomeavailable, the usefulness of partially homomorphic encryption functions would be in ques- tion.Butthisloftyendisnotyetinsight.Studyingpartiallyhomomorphicencryp- tionfunctionsmayhelpustounderstandthedifficultiesaheadandperhapstoavoid blindalleysanddeadends.Moreover,partiallyhomomorphicencryptionalgorithms mayhavecertainperhapslimitedapplicationsforwhichsignificantlymoreefficient implementationscanbeobtained.Ifnot,itisalwaysenjoyabletolearninteresting algorithmsandtheirunderlyingbeautifulmathematics. Theauthorsthanktheirfamiliesanddedicatethisbooktothem. C¸etinKayaKoc¸ FundaO¨zdemir ZeynepO¨demis¸O¨zger v Contents 1 Introduction................................................... 1 2 MathematicalBackground ...................................... 3 2.1 NumberTheory ............................................ 3 2.1.1 DivisibilityandFactorization .......................... 3 2.1.2 GreatestCommonDivisor(GCD) ...................... 4 2.1.3 ModularArithmetic .................................. 6 2.1.4 ModularExponentiation .............................. 8 2.1.5 ModularInverse ..................................... 9 2.1.6 Euler’sTheorem..................................... 11 2.1.7 Carmichael’sTheorem................................ 12 2.1.8 Generators.......................................... 13 2.1.9 ChineseRemainderTheorem .......................... 14 2.1.10 QuadraticResidues................................... 15 2.1.11 Higher-OrderResidues ............................... 19 2.1.12 ResidueClasses ..................................... 19 2.1.13 RandomNumberGenerators........................... 22 2.2 GroupTheory ............................................. 23 2.2.1 BasicAxioms ....................................... 23 2.2.2 MultiplicativeGroups ................................ 23 2.2.3 AdditiveGroups ..................................... 24 2.2.4 OrderofaGroup .................................... 24 2.2.5 CyclicGroupsandSubgroups.......................... 25 2.2.6 DiscreteLogarithmProblem........................... 26 2.2.7 Diffie-HellmanProblem .............................. 26 2.2.8 CosetsandLagrange’sTheorem........................ 27 2.2.9 Sylow’sTheorem .................................... 28 2.2.10 DirectProducts...................................... 29 2.2.11 Homomorphisms .................................... 29 2.3 FieldTheory............................................... 30 2.4 EllipticCurves............................................. 31 vii viii Contents 2.4.1 GroupLaw ......................................... 32 2.4.2 EllipticCurvePointMultiplication ..................... 34 2.4.3 EllipticCurvesoverFiniteFields....................... 34 3 Rivest-Shamir-AdlemanAlgorithm .............................. 37 3.1 KeyGeneration ............................................ 37 3.2 Encryption ................................................ 38 3.3 Decryption ................................................ 38 3.4 HomomorphicProperties .................................... 39 3.5 Security .................................................. 40 3.6 Example .................................................. 41 4 Goldwasser-MicaliAlgorithm ................................... 43 4.1 KeyGeneration ............................................ 43 4.2 Encryption ................................................ 44 4.3 Decryption ................................................ 45 4.4 HomomorphicProperties .................................... 45 4.5 Security .................................................. 46 4.6 Example .................................................. 47 5 ElGamalAlgorithm ............................................ 51 5.1 MultiplicativelyHomomorphicElGamalAlgorithm.............. 51 5.1.1 KeyGeneration...................................... 51 5.1.2 Encryption.......................................... 51 5.1.3 Decryption.......................................... 52 5.1.4 HomomorphicProperties.............................. 53 5.1.5 Security ............................................ 55 5.1.6 Example............................................ 56 5.2 AdditivelyHomomorphicElGamal............................ 58 5.2.1 Encryption.......................................... 58 5.2.2 Decryption.......................................... 59 5.2.3 HomomorphicProperties.............................. 59 5.3 TheEllipticCurveElGamalAlgorithm ........................ 60 5.3.1 KeyGeneration...................................... 60 5.3.2 Encryption.......................................... 60 5.3.3 Decryption.......................................... 61 5.3.4 HomomorphicProperties.............................. 61 6 BenalohAlgorithm ............................................. 63 6.1 KeyGeneration ............................................ 63 6.2 Encryption ................................................ 64 6.3 Decryption ................................................ 64 6.4 HomomorphicProperties .................................... 65 6.5 Security .................................................. 67 6.6 Example .................................................. 67 Contents ix 7 Naccache-SternAlgorithm ...................................... 71 7.1 TheDeterministicVersion ................................... 71 7.1.1 KeyGeneration...................................... 71 7.1.2 Encryption.......................................... 72 7.1.3 Decryption.......................................... 72 7.1.4 Security ............................................ 74 7.2 TheProbabilisticVersion .................................... 74 7.2.1 KeyGeneration...................................... 74 7.2.2 Encryption.......................................... 75 7.2.3 Decryption.......................................... 75 7.2.4 HomomorphicProperties.............................. 75 7.2.5 Security ............................................ 77 7.2.6 Example............................................ 77 8 Okamoto-UchiyamaAlgorithm .................................. 83 8.1 KeyGeneration ............................................ 83 8.2 Encryption ................................................ 84 8.3 Decryption ................................................ 84 8.4 HomomorphicProperties .................................... 87 8.5 Security .................................................. 89 8.6 Example .................................................. 91 9 PaillierAlgorithm.............................................. 95 9.1 KeyGeneration ............................................ 95 9.2 Encryption ................................................ 95 9.3 Decryption ................................................ 98 9.4 HomomorphicProperties ....................................101 9.5 Security ..................................................102 9.6 Example ..................................................103 10 Damga˚rd-JurikAlgorithm ......................................107 10.1 FormingthePlaintextSpace..................................107 10.2 KeyGeneration ............................................110 10.3 Encryption ................................................110 10.4 Decryption ................................................111 10.5 HomomorphicProperties ....................................115 10.6 Security ..................................................116 10.7 Example ..................................................118 11 Boneh-Goh-NissimAlgorithm ...................................123 11.1 KeyGeneration ............................................125 11.2 Encryption ................................................125 11.3 Decryption ................................................127 11.4 HomomorphicProperties ....................................127 11.5 Security ..................................................130 11.6 Example ..................................................131 x Contents 12 Sander-Young-YungAlgorithm ..................................135 12.1 KeyGeneration ............................................135 12.2 Encryption ................................................135 12.3 Decryption ................................................136 12.4 HomomorphicProperties ....................................138 12.5 Security ..................................................139 12.6 Example ..................................................139 References.....................................................141 FurtherReading ...................................................142 Index .............................................................143 Chapter 1 Introduction Homomorphic encryption is the last chapter for now in the 3000-year history of cryptographyandabout50yearsofpublic-keycryptography.Performingmeaning- ful computations with encrypted text without decrypting it seems magical at first. Imagineadeckofcardswithunknownnumbersoneach,facingdownonthetable: Can you add these numbers and obtain the total value with 100% accuracy, with- out peeking at any of them? Homomorphic encryption can do this for you; so can asuccessfulillusionistusingsomeelaboratetricks,buthomomorphicencryptionis honest and straightforward, and involves no tricks whatsoever; it is just beautiful mathematics. Answers to the question of how homomorphic cryptography accomplishes this feat are found in tens of doctoral theses and in hundreds of journal, conference and electronic archival articles. This book brings together several of these algo- rithms with their descriptions, algorithmic steps, examples, and security analyses. Wearelimitingourscopehowevertopartiallyhomomorphicencryptionfunctions, whicharethosethatallowoneorafewarithmeticoperationstobeperformedhomo- morphically,ratherthanallarithmeticoperations.Wealsoincludedtwosomewhat homomorphic encryption functions; however, focused on their partial homomor- phismsonly.Thereadershouldnotethat,inthisbook,weusethetermshomomor- phicencryptionandhomomorphiccryptographyinterchangeably. The general concept of homomorphic encryption was introduced by Rivest, AdlemanandDertouzousin[22]usingthetermprivacyhomomorphism,soonafter theRSAalgorithmwasinvented[21].Themultiplicativehomomorphicpropertyof theRSAalgorithmwasfirstnotedinprintinthispaper,as(xe)(ye)=(xy)e.Unfor- tunately,theRSAalgorithmdoesnotallowadditivehomomorphism,andtherefore homomorphicallyevaluatingapolynomialisnotpossibleusingtheRSAencryption function. The breakthrough in the search for fully homomorphic encryption functions camewiththedoctoraldissertationofCraigGentryin2009.Heintroducedthefirst construction for a fully homomorphic encryption scheme [8]. Furthermore, since 1978,wehaveseenveryproductiveresearchonpartialhomomorphismsofexisting ornewencryptionfunctions. © Springer Nature Switzerland AG 2021 1 Ç. K. Koç et al., Partially Homomorphic Encryption, https://doi.org/10.1007/978-3-030-87629-6_1

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.