When Homomorphism Becomes a Liability
Abstract
We show that an encryption scheme cannot have a simple decryption function and be homomorphic at the same time, even with added noise. Specifically, if a scheme can homomorphically evaluate the majority function, then its decryption cannot be weakly-learnable (in particular, linear), even if the probability of decryption error is high. (In contrast, without homomorphism, such schemes do exist and are presumed secure, e.g. based on LPN.) An immediate corollary is that known schemes that are based on the hardness of decoding in the presence of low Hamming-weight noise cannot be fully homomorphic. This applies to known schemes such as LPN-based symmetric or public key encryption. Using these techniques, we show that the recent candidate fully homomorphic encryption, suggested by Bogdanov and Lee (ePrint ’11, henceforth BL), is insecure. In fact, we show two attacks on the BL scheme: one that uses homomorphism, and another that directly attacks a component of the scheme.
Similar resources
$n$-Jordan homomorphisms on C-algebras
Let $n\in \mathbb{N}$. An additive map $h:A\to B$ between algebras $A$ and $B$ is called $n$-Jordan homomorphism if $h(a^n)=(h(a))^n$ for all $a\in A$. We show that every $n$-Jordan homomorphism between commutative Banach algebras is a $n$-ring homomorphism when $n < 8$. For these cases, every involutive $n$-Jordan homomorphism between commutative C-algebras is norm continuous.
A study of telemedicine (remote medicine) from a legal perspective
Telemedicine meaning long-distance medicine is one of the ways to provide health care services that takes place using technology and modern equipment. Telemedicine includes services such as telecouncil, teleradiology and telesurgery. Providing telemedicine services to patients is required their informed consent on the delivery of services, the method of treatment and its rate risk. Telemedicine...
Graph homomorphisms and components of quotient graphs
We study how the number c(X) of components of a graph X can be expressed through the number and properties of the components of a quotient graph X/∼ . We partially rely on classic qualifications of graph homomorphisms such as locally constrained homomorphisms and on the concept of equitable partition and orbit partition. We introduce the new definitions of pseudo-covering homomorphism and of co...
Additive maps on C$^*$-algebras commuting with $|.|^k$ on normal elements
Let $\mathcal{A}$ and $\mathcal{B}$ be C$^*$-algebras. Assume that $\mathcal{A}$ is of real rank zero and unital with unit $I$ and $k>0$ is a real number. It is shown that if $\Phi:\mathcal{A}\to\mathcal{B}$ is an additive map preserving $|\cdot|^k$ for all normal elements; that is, $\Phi(|A|^k)=|\Phi(A)|^k$ for all normal elements $A\in\mathcal{A}$, $\Phi(I)$ is a projection, and there exists a posit...
Characterization of Pseudo n-Jordan homomorphism Between unital algebras
Let A and B be Banach algebras and B be a right A-module. In this paper, under special hypotheses we prove that every pseudo (n+1)-Jordan homomorphism f: A → B is a pseudo n-Jordan homomorphism and every pseudo n-Jordan homomorphism is an n-Jordan homomorphism
Journal title:
- IACR Cryptology ePrint Archive
Volume 2012, Issue
Pages -
Publication date 2012