Paper 2022/1143
Threshold Linearly Homomorphic Encryption on $\mathbf{Z}/2^k\mathbf{Z}$
Abstract
A threshold public key encryption protocol is a public key system where the private key is distributed among $n$ different servers. It offers high security since no single server is entrusted to perform the decryption in its entirety. It is the core component of many multiparty computation protocols which involves mutually distrusting parties with common goals. It is even more useful when it is homomorphic, which means that public operations on ciphertexts translate to operations on the underlying plaintexts. In particular, Cramer, Damgård and Nielsen at Eurocrypt 2001 provided a new approach to multiparty computation from linearly homomorphic threshold encryption schemes. On the other hand, there has been recent interest in developing multiparty computations modulo $2^k$ for a certain integer $k$, that closely match data manipulated by a CPU. Multiparty computation would therefore benefit from an encryption scheme with such a message space that would support a distributed decryption. In this work, we provide the first threshold linearly homomorphic encryption whose message space is $\mathbf{Z}/2^k\mathbf{Z}$ for any $k$. It is inspired by Castagnos and Laguillaumie's encryption scheme from RSA 2015, but works with a class group of discriminant whose factorisation is unknown. Its natural structure à la Elgamal makes it possible to distribute the decryption among servers using linear integer secret sharing, allowing any access structure for the decryption policy. Furthermore its efficiency and its flexibility on the choice of the message space make it a good candidate for applications to multiparty computation.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Published by the IACR in ASIACRYPT 2022
- Keywords
- Class groups of quadratic fields Linearly homomorphic encryption Threshold cryptography
- Contact author(s)
- guilhem castagnos @ math u-bordeaux fr
- History
- 2022-09-05: approved
- 2022-09-02: received
- See all versions
- Short URL
- https://ia.cr/2022/1143
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1143, author = {Guilhem Castagnos and Fabien Laguillaumie and Ida Tucker}, title = {Threshold Linearly Homomorphic Encryption on $\mathbf{Z}/2^k\mathbf{Z}$}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/1143}, year = {2022}, url = {https://eprint.iacr.org/2022/1143} }