Scooby：基于 FHE 的改进型多方同态秘密共享

IF 0.8 4区计算机科学 Q3 COMPUTER SCIENCE, THEORY & METHODS Information and Computation Pub Date : 2023-12-29 DOI:10.1016/j.ic.2023.105133

Ilaria Chillotti , Emmanuela Orsini , Peter Scholl , Barry Van Leeuwen

{"title":"Scooby：基于 FHE 的改进型多方同态秘密共享","authors":"Ilaria Chillotti , Emmanuela Orsini , Peter Scholl , Barry Van Leeuwen","doi":"10.1016/j.ic.2023.105133","DOIUrl":null,"url":null,"abstract":"<div>In this paper we present new constructions of multi-party homomorphic secret sharing (HSS) based on a new primitive that we call homomorphic encryption with decryption to shares (HEDS). Our first scheme, which we call <math><mi>Scooby</mi></math>, is based on many popular fully homomorphic encryption (FHE) schemes with a linear decryption property. <math><mi>Scooby</mi></math> achieves an n-party HSS for general circuits with complexity <math><mi>O</mi><mo>(</mo><mo>|</mo><mi>F</mi><mo>|</mo><mo>+</mo><mi>log</mi><mo>⁡</mo><mi>n</mi><mo>)</mo></math>, as opposed to <math><mi>O</mi><mo>(</mo><msup><mrow><mi>n</mi></mrow><mrow><mn>2</mn></mrow></msup><mo>⋅</mo><mo>|</mo><mi>F</mi><mo>|</mo><mo>)</mo></math> for the prior best construction based on multi-key FHE. <math><mi>Scooby</mi></math> relies on a trusted setup procedure, and can be based on (ring)-LWE with a super-polynomial modulus-to-noise ratio. In our second construction, <math><mi>Scrappy</mi></math>, assuming any generic FHE plus HSS for NC1-circuits, we obtain a HEDS scheme which does not require a super-polynomial modulus. While these schemes all require FHE, in another instantiation, <math><mi>Shaggy</mi></math>, we show how it is also possible to obtain multi-party HSS without FHE, instead relying on the DCR assumption to obtain 4-party HSS for constant-degree polynomials.</div>","PeriodicalId":54985,"journal":{"name":"Information and Computation","volume":"297 ","pages":"Article 105133"},"PeriodicalIF":0.8000,"publicationDate":"2023-12-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Scooby: Improved multi-party homomorphic secret sharing based on FHE\",\"authors\":\"Ilaria Chillotti , Emmanuela Orsini , Peter Scholl , Barry Van Leeuwen\",\"doi\":\"10.1016/j.ic.2023.105133\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>In this paper we present new constructions of multi-party homomorphic secret sharing (HSS) based on a new primitive that we call homomorphic encryption with decryption to shares (HEDS). Our first scheme, which we call <math><mi>Scooby</mi></math>, is based on many popular fully homomorphic encryption (FHE) schemes with a linear decryption property. <math><mi>Scooby</mi></math> achieves an n-party HSS for general circuits with complexity <math><mi>O</mi><mo>(</mo><mo>|</mo><mi>F</mi><mo>|</mo><mo>+</mo><mi>log</mi><mo>⁡</mo><mi>n</mi><mo>)</mo></math>, as opposed to <math><mi>O</mi><mo>(</mo><msup><mrow><mi>n</mi></mrow><mrow><mn>2</mn></mrow></msup><mo>⋅</mo><mo>|</mo><mi>F</mi><mo>|</mo><mo>)</mo></math> for the prior best construction based on multi-key FHE. <math><mi>Scooby</mi></math> relies on a trusted setup procedure, and can be based on (ring)-LWE with a super-polynomial modulus-to-noise ratio. In our second construction, <math><mi>Scrappy</mi></math>, assuming any generic FHE plus HSS for NC1-circuits, we obtain a HEDS scheme which does not require a super-polynomial modulus. While these schemes all require FHE, in another instantiation, <math><mi>Shaggy</mi></math>, we show how it is also possible to obtain multi-party HSS without FHE, instead relying on the DCR assumption to obtain 4-party HSS for constant-degree polynomials.</div>\",\"PeriodicalId\":54985,\"journal\":{\"name\":\"Information and Computation\",\"volume\":\"297 \",\"pages\":\"Article 105133\"},\"PeriodicalIF\":0.8000,\"publicationDate\":\"2023-12-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information and Computation\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0890540123001360\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information and Computation","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0890540123001360","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

摘要

在本文中，我们提出了基于新基元的多方同态秘密共享（HSS）的新结构，我们称之为同态加密与解密共享（HEDS）。我们的第一个方案被称为 Scooby，它基于许多流行的具有线性解密特性的全同态加密（FHE）方案。Scooby 为一般电路实现了复杂度为 O(|F|+logn)的 n 方 HSS，而之前基于多密钥 FHE 的最佳构建复杂度为 O(n2⋅|F|)。Scooby 依赖于可信设置程序，可以基于具有超多项式模数-噪声比的（环）-LWE。在我们的第二个构造 Scrappy 中，假定任何通用 FHE 加上 NC1 电路的 HSS，我们就能得到一个不需要超多项式模的 HEDS 方案。虽然这些方案都需要 FHE，但在另一个实例 Shaggy 中，我们展示了如何在没有 FHE 的情况下获得多方 HSS，而不是依靠 DCR 假设来获得恒定度多项式的 4 方 HSS。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Scooby: Improved multi-party homomorphic secret sharing based on FHE

In this paper we present new constructions of multi-party homomorphic secret sharing (HSS) based on a new primitive that we call homomorphic encryption with decryption to shares (HEDS). Our first scheme, which we call $Scooby$ , is based on many popular fully homomorphic encryption (FHE) schemes with a linear decryption property. $Scooby$ achieves an n-party HSS for general circuits with complexity $O (| F | + \log n)$ , as opposed to $O (n^{2} \cdot | F |)$ for the prior best construction based on multi-key FHE. $Scooby$ relies on a trusted setup procedure, and can be based on (ring)-LWE with a super-polynomial modulus-to-noise ratio. In our second construction, $Scrappy$ , assuming any generic FHE plus HSS for NC1-circuits, we obtain a HEDS scheme which does not require a super-polynomial modulus. While these schemes all require FHE, in another instantiation, $Shaggy$ , we show how it is also possible to obtain multi-party HSS without FHE, instead relying on the DCR assumption to obtain 4-party HSS for constant-degree polynomials.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Information and Computation 工程技术-计算机：理论方法

CiteScore

2.30

自引率

0.00%

发文量

119

审稿时长

140 days

期刊介绍： Information and Computation welcomes original papers in all areas of theoretical computer science and computational applications of information theory. Survey articles of exceptional quality will also be considered. Particularly welcome are papers contributing new results in active theoretical areas such as -Biological computation and computational biology- Computational complexity- Computer theorem-proving- Concurrency and distributed process theory- Cryptographic theory- Data base theory- Decision problems in logic- Design and analysis of algorithms- Discrete optimization and mathematical programming- Inductive inference and learning theory- Logic & constraint programming- Program verification & model checking- Probabilistic & Quantum computation- Semantics of programming languages- Symbolic computation, lambda calculus, and rewriting systems- Types and typechecking

期刊最新文献

An algebraic attack on the key exchange protocol based upon a modified tropical structure Distributed fractional local ratio and independent set approximation Editorial Board Editorial Board A parallel algorithm for counting parse trees