Cryptanalysis of Brenner et al.'s Somewhat Homomorphic Encryption Scheme
Abstract
Recently, Brenner et al. proposed a symmetric somewhat homomorphic encryption scheme and applied it to solve some practical problems, such as the Millionaires’ problem, which only need to evaluate circuits of limited depth. It is claimed that the security of their scheme is built on the hardness of integer factorization. In this paper, we use the Euclidean Greatest Common Divisor (GCD) algorithm to perform cryptanalysis on Brenner et al.’s scheme. We present several algorithms to find the secret key of their scheme. Our experiments have shown that our cryptanalysis is feasible and efficient.
Similar resources
On Key Recovery Attacks Against Existing Somewhat Homomorphic Encryption Schemes
In his seminal paper at STOC 2009, Gentry left it as a future work to investigate (somewhat) homomorphic encryption schemes with IND-CCA1 security. At SAC 2011, Loftus et al. showed an IND-CCA1 attack against the somewhat homomorphic encryption scheme presented by Gentry and Halevi at Eurocrypt 2011. At ISPEC 2012, Zhang, Plantard and Susilo showed an IND-CCA1 attack against the somewhat homomo...
Improving Additive and Multiplicative Homomorphic Encryption Schemes Based on Worst-Case Hardness Assumptions
In CRYPTO 2010, Aguilar et al. proposed a somewhat homomorphic encryption scheme, i.e. an encryption scheme allowing to compute a limited amount of sums and products over encrypted data, with a security reduction from LWE over general lattices. General lattices (as opposed to ideal lattices) do not have an inherent multiplicative structure but, using a tensorial product, Aguilar et al. managed ...
The Distributed Decryption Schemes for Somewhat Homomorphic Encryption
We propose distributed decryption schemes for somewhat homomorphic encryption (SHE). The proposed schemes are constructed based on the encryption scheme by Brakerski and Vaikuntanathan. In SHE, homomorphic multiplication increases the number of elements in a ciphertext. The proposed scheme can decrypt a ciphertext containing more than two elements with k out of N parties. The distributed decryp...
Multi-integer Somewhat Homomorphic Encryption Scheme with China Remainder Theorem
As an effective solution to protect the privacy of the data, homomorphic encryption has become a hot research topic. Existing homomorphic schemes are not truly practical due to their high computational complexity and huge key size. In 2013, Coron et al. proposed a batch homomorphic encryption scheme, i.e. a scheme that supports encrypting and homomorphically evaluating several plaintext bits as...
Cryptanalysis of a (Somewhat) Additively Homomorphic Encryption Scheme Used in PIR
Private Information Retrieval (PIR) protects users’ privacy in outsourced storage applications and can be achieved using additively homomorphic encryption schemes. Several PIR schemes with a “real world” level of practicality, both in terms of computational and communication complexity, have been recently studied and implemented. One of the possible building blocks is a conceptually simple and c...