Encryption Switching Protocols Revisited: Switching Modulo p
نویسندگان
چکیده
At CRYPTO 2016, Couteau, Peters and Pointcheval introduced a new primitive called encryption switching protocols, allowing to switch ciphertexts between two encryption schemes. If such an ESP is built with two schemes that are respectively additively and multiplicatively homomorphic, it naturally gives rise to a secure 2-party computation protocol. It is thus perfectly suited for evaluating functions, such as multivariate polynomials, given as arithmetic circuits. Couteau et al. built an ESP to switch between Elgamal and Paillier encryptions which do not naturally fit well together. Consequently, they had to design a clever variant of Elgamal over Z/nZ with a costly shared decryption. In this paper, we first present a conceptually simple generic construction for encryption switching protocols. We then give an efficient instantiation of our generic approach that uses two well-suited protocols, namely a variant of Elgamal in Z/pZ and the Castagnos-Laguillaumie encryption which is additively homomorphic over Z/pZ. Among other advantages, this allows to perform all computations modulo a prime p instead of an RSA modulus. Overall, our solution leads to significant reductions in the number of rounds as well as the number of bits exchanged by the parties during the interactive protocols. We also show how to extend its security to the malicious setting.
منابع مشابه
Analysis of Symmetric Algorithms in MPLS Network
To speed up the forwarding characteristics of routers Internet engineering task force (IETF) developed Multiprotocol Label Switching or MPLS technology .This technology is very much efficient than usual IP routing as it uses a label switching technique. For security purpose there are various encryption algorithms like symmetric (AES, DES, Triple DES , blowfish, CAST,RC5 ) or asymmetric( DiffieH...
متن کاملSwitching Blindings with a View Towards IDEA
Cryptographic algorithms implemented on smart-cards must be protected against side-channel attacks. Some encryption schemes and hash functions like IDEA, RC6, MD5, SHA-1 alternate various arithmetic and boolean operations, each of them requiring a different kind of blinding. Hence the maskings have to be changed frequently. How to switch reasonably between standard arithmetic masking and boolea...
متن کاملAccess Protocols to Support Different Service Classes in an Optical Burst Switching Ring
Several access protocols are proposed to support different service classes in an optical burst switched ring. Their performance is evaluated through simulation. Various performance metrics such as throughput, utilization, burst loss rate, end-to-end delay and fairness are used to analyze the behaviour of each protocol.
متن کاملبررسی نقش کامنرم در تبدیل تنفس بینی به بینیدهانی در حین ورزش در افراد سالم غیر ورزشکار
Background and Objective: Breathing through the nose and mouth is one of the controversial issues during exercise. The present study was scheduled to investigate a quantitative approach to habitual versus the obligatory switching point from nasal to oronasal breathing during exercise as well as coincidence of soft palate movement as the main aims of this study, that has not been studied previou...
متن کاملEncryption Switching Protocols
We formally define the primitive of encryption switching protocol (ESP), allowing to switch between two encryption schemes. Intuitively, this two-party protocol converts given ciphertexts from one scheme into ciphertexts of the same messages under the other scheme, for any polynomial number of switches, in any direction. Although ESP is a special kind of two-party computation protocol, it turns...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2017 شماره
صفحات -
تاریخ انتشار 2017