About: Multiple encryption is a(n) research topic. Over the lifetime, 5793 publication(s) have been published within this topic receiving 150601 citation(s).
Craig Gentry1•Institutions (1)
31 May 2009-
TL;DR: This work proposes a fully homomorphic encryption scheme that allows one to evaluate circuits over encrypted data without being able to decrypt, and describes a public key encryption scheme using ideal lattices that is almost bootstrappable.
Abstract: We propose a fully homomorphic encryption scheme -- i.e., a scheme that allows one to evaluate circuits over encrypted data without being able to decrypt. Our solution comes in three steps. First, we provide a general result -- that, to construct an encryption scheme that permits evaluation of arbitrary circuits, it suffices to construct an encryption scheme that can evaluate (slightly augmented versions of) its own decryption circuit; we call a scheme that can evaluate its (augmented) decryption circuit bootstrappable.Next, we describe a public key encryption scheme using ideal lattices that is almost bootstrappable.Lattice-based cryptosystems typically have decryption algorithms with low circuit complexity, often dominated by an inner product computation that is in NC1. Also, ideal lattices provide both additive and multiplicative homomorphisms (modulo a public-key ideal in a polynomial ring that is represented as a lattice), as needed to evaluate general circuits.Unfortunately, our initial scheme is not quite bootstrappable -- i.e., the depth that the scheme can correctly evaluate can be logarithmic in the lattice dimension, just like the depth of the decryption circuit, but the latter is greater than the former. In the final step, we show how to modify the scheme to reduce the depth of the decryption circuit, and thereby obtain a bootstrappable encryption scheme, without reducing the depth that the scheme can evaluate. Abstractly, we accomplish this by enabling the encrypter to start the decryption process, leaving less work for the decrypter, much like the server leaves less work for the decrypter in a server-aided cryptosystem.
30 Oct 2006-
TL;DR: This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
Abstract: As more sensitive data is shared and stored by third-party sites on the Internet, there will be a need to encrypt data stored at these sites. One drawback of encrypting data, is that it can be selectively shared only at a coarse-grained level (i.e., giving another party your private key). We develop a new cryptosystem for fine-grained sharing of encrypted data that we call Key-Policy Attribute-Based Encryption (KP-ABE). In our cryptosystem, ciphertexts are labeled with sets of attributes and private keys are associated with access structures that control which ciphertexts a user is able to decrypt. We demonstrate the applicability of our construction to sharing of audit-log information and broadcast encryption. Our construction supports delegation of private keys which subsumesHierarchical Identity-Based Encryption (HIBE).
01 Dec 1978-Communications of The ACM
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Abstract: Use of encryption to achieve authenticated communication in computer networks is discussed. Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee. Both conventional and public-key encryption algorithms are considered as the basis for protocols.
01 Jan 2009-
TL;DR: This work designs a somewhat homomorphic "boostrappable" encryption scheme that works when the function f is the scheme's own decryption function, and shows how, through recursive self-embedding, bootstrappable encryption gives fully homomorphic encryption.
Abstract: We propose the first fully homomorphic encryption scheme, solving an old open problem. Such a scheme allows one to compute arbitrary functions over encrypted data without the decryption key—i.e., given encryptions E(m1), ..., E( mt) of m1, ..., m t, one can efficiently compute a compact ciphertext that encrypts f(m1, ..., m t) for any efficiently computable function f. Fully homomorphic encryption has numerous applications. For example, it enables encrypted search engine queries—i.e., a search engine can give you a succinct encrypted answer to your (boolean) query without even knowing what your query was. It also enables searching on encrypted data; you can store your encrypted data on a remote server, and later have the server retrieve only files that (when decrypted) satisfy some boolean constraint, even though the server cannot decrypt the files on its own. More broadly, it improves the efficiency of secure multiparty computation. In our solution, we begin by designing a somewhat homomorphic "boostrappable" encryption scheme that works when the function f is the scheme's own decryption function. We then show how, through recursive self-embedding, bootstrappable encryption gives fully homomorphic encryption.
01 Jan 2007-
TL;DR: This book discusses Private-Key (Symmetric) Cryptography, Number Theory and Cryptographic Hardness Assumptions, and the Random-Oracle Model in Detail.
Abstract: Preface I. Introduction and Classical Cryptography Introduction Cryptography and Modern Cryptography The Setting of Private-Key Encryption Historical Ciphers and Their Cryptanalysis Principles of Modern Cryptography Principle 1 - Formal Definitions Principle 2 - Precise Assumptions Principle 3 - Proofs of Security Provable Security and Real-World Security References and Additional Reading Exercises Perfectly Secret Encryption Definitions The One-Time Pad Limitations of Perfect Secrecy Shannon's Theorem References and Additional Reading Exercises II. Private-Key (Symmetric) Cryptography Private-Key Encryption Computational Security The Concrete Approach The Asymptotic Approach Defining Computationally Secure Encryption The Basic Definition of Security Semantic Security Constructing Secure Encryption Schemes Pseudorandom Generators and Stream Ciphers Proofs by Reduction A Secure Fixed-Length Encryption Scheme Stronger Security Notions Security for Multiple Encryptions Chosen-Plaintext Attacks and CPA-Security Constructing CPA-Secure Encryption Schemes Pseudorandom Functions and Block Ciphers CPA-Secure Encryption from Pseudorandom Functions Modes of Operation Stream-Cipher Modes of Operation Block-Cipher Modes of Operation Chosen-Ciphertext Attacks Defining CCA-Security Padding-Oracle Attacks References and Additional Reading Exercises Message Authentication Codes Message Integrity Secrecy vs. Integrity Encryption vs. Message Authentication Message Authentication Codes - Definitions Constructing Secure Message Authentication Codes A Fixed-Length MAC Domain Extension for MACs CBC-MAC The Basic Construction Proof of Security Authenticated Encryption Definitions Generic Constructions Secure Communication Sessions CCA-Secure Encryption Information-Theoretic MACs Constructing Information-Theoretic MACs Limitations on Information-Theoretic MACs References and Additional Reading Exercises Hash Functions and Applications Definitions Collision Resistance Weaker Notions of Security Domain Extension: The Merkle-Damgard Transform Message Authentication Using Hash Functions Hash-and-MAC HMAC Generic Attacks on Hash Functions Birthday Attacks for Finding Collisions Small-Space Birthday Attacks Time/Space Tradeoffs for Inverting Functions The Random-Oracle Model The Random-Oracle Model in Detail Is the Random-Oracle Methodology Sound? Additional Applications of Hash Functions Fingerprinting and Deduplication Merkle Trees Password Hashing Key Derivation Commitment Schemes References and Additional Reading Exercises Practical Constructions of Symmetric-Key Primitives Stream Ciphers Linear-Feedback Shift Registers Adding Nonlinearity Trivium RC4 Block Ciphers Substitution-Permutation Networks Feistel Networks DES - The Data Encryption Standard 3DES: Increasing the Key Length of a Block Cipher AES - The Advanced Encryption Standard Differential and Linear Cryptanalysis Hash Functions Hash Functions from Block Ciphers MD5 SHA-0, SHA-1, and SHA-2 SHA-3 (Keccak) References and Additional Reading Exercises Theoretical Constructions of Symmetric-Key Primitives One-Way Functions Definitions Candidate One-Way Functions Hard-Core Predicates From One-Way Functions to Pseudorandomness Hard-Core Predicates from One-Way Functions A Simple Case A More Involved Case The Full Proof Constructing Pseudorandom Generators Pseudorandom Generators with Minimal Expansion Increasing the Expansion Factor Constructing Pseudorandom Functions Constructing (Strong) Pseudorandom Permutations Assumptions for Private-Key Cryptography Computational Indistinguishability References and Additional Reading Exercises III. Public-Key (Asymmetric) Cryptography Number Theory and Cryptographic Hardness Assumptions Preliminaries and Basic Group Theory Primes and Divisibility Modular Arithmetic Groups The Group ZN Isomorphisms and the Chinese Remainder Theorem Primes, Factoring, and RSA Generating Random Primes Primality Testing The Factoring Assumption The RSA Assumption Relating the RSA and Factoring Assumptions Cryptographic Assumptions in Cyclic Groups Cyclic Groups and Generators The Discrete-Logarithm/Diffie-Hellman Assumptions Working in (Subgroups of) Zp Elliptic Curves Cryptographic Applications One-Way Functions and Permutations Constructing Collision-Resistant Hash Functions References and Additional Reading Exercises Algorithms for Factoring and Computing Discrete Logarithms Algorithms for Factoring Pollard's p - 1 Algorithm Pollard's Rho Algorithm The Quadratic Sieve Algorithm Algorithms for Computing Discrete Logarithms The Pohlig-Hellman Algorithm The Baby-Step/Giant-Step Algorithm Discrete Logarithms from Collisions The Index Calculus Algorithm Recommended Key Lengths References and Additional Reading Exercises Key Management and the Public-Key Revolution Key Distribution and Key Management A Partial Solution: Key-Distribution Centers Key Exchange and the Diffie-Hellman Protocol The Public-Key Revolution References and Additional Reading Exercises Public-Key Encryption Public-Key Encryption - An Overview Definitions Security against Chosen-Plaintext Attacks Multiple Encryptions Security against Chosen-Ciphertext Attacks Hybrid Encryption and the KEM/DEM Paradigm CPA-Security CCA-Security CDH/DDH-Based Encryption El Gamal Encryption DDH-Based Key Encapsulation A CDH-Based KEM in the Random-Oracle Model Chosen-Ciphertext Security and DHIES/ECIES RSA Encryption Plain RSA Padded RSA and PKCS #1 v1.5 CPA-Secure Encryption without Random Oracles OAEP and RSA PKCS #1 v A CCA-Secure KEM in the Random-Oracle Model RSA Implementation Issues and Pitfalls References and Additional Reading Exercises Digital Signature Schemes Digital Signatures - An Overview Definitions The Hash-and-Sign Paradigm RSA Signatures Plain RSA RSA-FDH and PKCS #1 v Signatures from the Discrete-Logarithm Problem The Schnorr Signature Scheme DSA and ECDSA Signatures from Hash Functions Lamport's Signature Scheme Chain-Based Signatures Tree-Based Signatures Certificates and Public-Key Infrastructures Putting It All Together - SSL/TLS Signcryption References and Additional Reading Exercises Advanced Topics in Public-Key Encryption Public-Key Encryption from Trapdoor Permutations Trapdoor Permutations Public-Key Encryption from Trapdoor Permutations The Paillier Encryption Scheme The Structure of ZN2 The Paillier Encryption Scheme Homomorphic Encryption Secret Sharing and Threshold Encryption Secret Sharing Verifiable Secret Sharing Threshold Encryption and Electronic Voting The Goldwasser-Micali Encryption Scheme Quadratic Residues Modulo a Prime Quadratic Residues Modulo a Composite The Quadratic Residuosity Assumption The Goldwasser-Micali Encryption Scheme The Rabin Encryption Scheme Computing Modular Square Roots A Trapdoor Permutation Based on Factoring The Rabin Encryption Scheme References and Additional Reading Exercises Index of Common Notation Appendix A: Mathematical Background Identities and Inequalities Asymptotic Notation Basic Probability The "Birthday" Problem Finite Fields Appendix B: Basic Algorithmic Number Theory Integer Arithmetic Basic Operations The Euclidean and Extended Euclidean Algorithms Modular Arithmetic Basic Operations Computing Modular Inverses Modular Exponentiation Montgomery Multiplication Choosing a Uniform Group Element Finding a Generator of a Cyclic Group Group-Theoretic Background Efficient Algorithms References and Additional Reading Exercises References Index