Analysis of Gong et al.'s CCA2-secure homomorphic encryption
It is a well-known result that homomorphic encryption is not secure against adaptive chosen ciphertext attacks (CCA2) because of its malleable property. Very recently, however, Gong et al. proposed a construction asserted to be a CCA2-secure additively homomorphic encryption (AHE) scheme; in their c...
Saved in:
| Main Authors: | , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2017
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/83728 http://hdl.handle.net/10220/42768 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-83728 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-837282023-02-28T19:36:40Z Analysis of Gong et al.'s CCA2-secure homomorphic encryption Lee, Hyung Tae Ling, San Wang, Huaxiong School of Physical and Mathematical Sciences Additively Homomorphic Encryption Adaptive Chosen Ciphertext Attack It is a well-known result that homomorphic encryption is not secure against adaptive chosen ciphertext attacks (CCA2) because of its malleable property. Very recently, however, Gong et al. proposed a construction asserted to be a CCA2-secure additively homomorphic encryption (AHE) scheme; in their construction, the adversary is not able to obtain a correct answer when querying the decryption oracle on a ciphertext obtained by modifying the challenge ciphertext (Theoretical Computer Science, 2016). Because their construction is very similar to Paillier's AHE, it appeared to support an additively homomorphic property, though they did not specify an evaluation algorithm for the scheme in their paper. In this paper, we present a simple CCA2 attack on their construction by re-randomizing the challenge ciphertext. Furthermore, we look into an additively homomorphic property of their construction. To do this, we first consider a typical candidate for an addition algorithm on ciphertexts, as provided for previous AHE constructions, and establish that it does not function correctly. Subsequently, we provide plausible evidence for the hardness of achieving an additively homomorphic property with their construction. According to our analysis, it seems hard to preserve an additively homomorphic property of their construction without any modification. In addition, as a minor contribution, we point out a flaw in the decryption algorithm of their construction and present a rectified algorithm for correct decryption. MOE (Min. of Education, S’pore) Accepted version 2017-06-29T04:50:08Z 2019-12-06T15:30:47Z 2017-06-29T04:50:08Z 2019-12-06T15:30:47Z 2016 Journal Article Lee, H. T., Ling, S., & Wang, H. (2016). Analysis of Gong et al.'s CCA2-secure homomorphic encryption. Theoretical Computer Science, 640, 104-114. 0304-3975 https://hdl.handle.net/10356/83728 http://hdl.handle.net/10220/42768 10.1016/j.tcs.2016.06.014 en Theoretical Computer Science © 2016 Elsevier B.V. This is the author created version of a work that has been peer reviewed and accepted for publication by Theoretical Computer Science, Elsevier B.V. It incorporates referee’s comments but changes resulting from the publishing process, such as copyediting, structural formatting, may not be reflected in this document. The published version is available at: [http://dx.doi.org/10.1016/j.tcs.2016.06.014]. 14 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Additively Homomorphic Encryption Adaptive Chosen Ciphertext Attack |
| spellingShingle |
Additively Homomorphic Encryption Adaptive Chosen Ciphertext Attack Lee, Hyung Tae Ling, San Wang, Huaxiong Analysis of Gong et al.'s CCA2-secure homomorphic encryption |
| description |
It is a well-known result that homomorphic encryption is not secure against adaptive chosen ciphertext attacks (CCA2) because of its malleable property. Very recently, however, Gong et al. proposed a construction asserted to be a CCA2-secure additively homomorphic encryption (AHE) scheme; in their construction, the adversary is not able to obtain a correct answer when querying the decryption oracle on a ciphertext obtained by modifying the challenge ciphertext (Theoretical Computer Science, 2016). Because their construction is very similar to Paillier's AHE, it appeared to support an additively homomorphic property, though they did not specify an evaluation algorithm for the scheme in their paper. In this paper, we present a simple CCA2 attack on their construction by re-randomizing the challenge ciphertext. Furthermore, we look into an additively homomorphic property of their construction. To do this, we first consider a typical candidate for an addition algorithm on ciphertexts, as provided for previous AHE constructions, and establish that it does not function correctly. Subsequently, we provide plausible evidence for the hardness of achieving an additively homomorphic property with their construction. According to our analysis, it seems hard to preserve an additively homomorphic property of their construction without any modification. In addition, as a minor contribution, we point out a flaw in the decryption algorithm of their construction and present a rectified algorithm for correct decryption. |
| author2 |
School of Physical and Mathematical Sciences |
| author_facet |
School of Physical and Mathematical Sciences Lee, Hyung Tae Ling, San Wang, Huaxiong |
| format |
Article |
| author |
Lee, Hyung Tae Ling, San Wang, Huaxiong |
| author_sort |
Lee, Hyung Tae |
| title |
Analysis of Gong et al.'s CCA2-secure homomorphic encryption |
| title_short |
Analysis of Gong et al.'s CCA2-secure homomorphic encryption |
| title_full |
Analysis of Gong et al.'s CCA2-secure homomorphic encryption |
| title_fullStr |
Analysis of Gong et al.'s CCA2-secure homomorphic encryption |
| title_full_unstemmed |
Analysis of Gong et al.'s CCA2-secure homomorphic encryption |
| title_sort |
analysis of gong et al.'s cca2-secure homomorphic encryption |
| publishDate |
2017 |
| url |
https://hdl.handle.net/10356/83728 http://hdl.handle.net/10220/42768 |
| _version_ |
1759853766417317888 |