Open Access

A Survey of Homomorphic Encryption for Nonspecialists

EURASIP Journal on Information Security 2007, 2007:013801

DOI: 10.1155/2007/13801

Received: 30 March 2007

Accepted: 24 October 2007

Published: 11 December 2007

Abstract

Processing encrypted signals requires special properties of the underlying encryption scheme. A possible choice is the use of homomorphic encryption. In this paper, we propose a selection of the most important available solutions, discussing their properties and limitations.

[1–70]

Authors’ Affiliations

(1)
CNRS/IRISA-TEMICS, Campus de Beaulieu

References

  1. Rivest R, Adleman L, Dertouzos M: On data banks and privacy homomorphisms. In Foundations of Secure Computation. Academic Press; 1978:169-177.
  2. Brickell E, Yacobi Y: On privacy homomorphisms. In Advances in Cryptology (EUROCRYPT '87), Lecture Notes in Computer Science. Volume 304. Springer, New York, NY, USA; 1987:117-126.
  3. Rappe D: Homomorphic cryptosystems and their applications, Ph.D. thesis. University of Dortmund, Dortmund, Germany; 2004. http://www.rappe.de/doerte/Diss.pdf
  4. Cramer R, Damgård I: Zero-knowledge for finite field arithmetic, or: can zero-knowledge be for free? In Advances in Cryptology (CRYPTO '98), Lecture Notes in Computer Science. Volume 1462. Springer, New York, NY, USA; 1998:424-441. 10.1007/BFb0055745
  5. Lipmaa H: Verifiable homomorphic oblivious transfer and private equality test. In Advances in Cryptology (ASIACRYPT '03), Lecture Notes in Computer Science. Volume 2894. Springer, New York, NY, USA; 2003:416-433. 10.1007/978-3-540-40061-5_27
  6. Fouque P-A, Poupard G, Stern J: Sharing decryption in the context of voting or lotteries. Proceedings of the 4th International Conference on Financial Cryptography, 2000, Anguilla, British West Indies, Lecture Notes in Computer Science 1962: 90-104.
  7. Sander T, Tschudin C: Protecting mobile agents against malicious hosts. In Mobile Agents and Security, Lecture Notes in Computer Science. Volume 1419. Springer, New York, NY, USA; 1998:44-60.
  8. Golle P, Jakobsson M, Juels A, Syverson P: Universal re-encryption for mixnets. Proceedings of the RSA Conference Cryptographer's (Track '04), 2004, San Francisco, Calif, USA, Lecture Notes in Computer Science 2964: 163-178.
  9. Damgård I, Jurik M: A length-flexible threshold cryptosystem with applications. Proceedings of the 8th Australian Conference on Information Security and Privacy (ACISP '03), 2003, Wollongong, Australia, Lecture Notes in Computer Science 2727:
  10. Adelsbach A, Katzenbeisser S, Sadeghi A: Cryptology meets watermarking: detecting watermarks with minimal or zero-knowledge disclosures. Proceedings of the European Signal Processing Conference (EUSIPCO '02), September 2002, Toulouse, France
  11. Pfitzmann B, Waidner W: Anonymous fingerprinting. In Advances in Cryptology (EUROCRYPT '97), Lecture Notes in Computer Science. Volume 1233. Springer, New York, NY, USA; 1997:88-102. 10.1007/3-540-69053-0_8
  12. Memon N, Wong P: A buyer-seller watermarking protocol. IEEE Transactions on Image Processing 2001, 10(4):643-649. 10.1109/83.913598
  13. Lei C-L, Yu P-L, Tsai P-L, Chan M-H: An efficient and anonymous buyer-seller watermarking protocol. IEEE Transactions on Image Processing 2004, 13(12):1618-1626. 10.1109/TIP.2004.837553
  14. Kuribayashi M, Tanaka H: Fingerprinting protocol for images based on additive homomorphic property. IEEE Transactions on Image Processing 2005, 14(12):2129-2139.
  15. Shoup V: A Computational Introduction to Number Theory and Algebra. Cambridge University Press; 2005. http://www.shoup.net/ntb/
  16. Menezes A, Van Oorschot P, Vanstone S: Handbook of applied cryptography. CRC Press; 1997. http://www.cacr.math.uwaterloo.ca/hac/
  17. Van Tilborg H (Ed): Encyclopedia of Cryptography and Security. Springer, New York, NY, USA; 2005.
  18. Kerckhoffs A: La cryptographie militaire (part i). Journal des Sciences Militaires 1883, 9(1):5-38.
  19. Kerckhoffs A: La cryptographie militaire (part ii). Journal des Sciences Militaires 1883, 9(2):161-191.
  20. Daemen J, Rijmen V: The block cipher RIJNDAEL. In (CARDIS '98), Lecture Notes in Computer Science. Volume 1820. Springer, New York, NY, USA; 2000:247-256.
  21. Daemen J, Rijmen V: The design of Rijndael. In AES—the Advanced Encryption Standard, Information Security and Cryptography. Springer, New York, NY, USA; 2002.
  22. Vernam G: Cipher printing telegraph systems for secret wire and radio telegraphic communications. Journal of the American Institute of Electrical Engineers 1926, 45: 109-115.
  23. Ekdahl P, Johansson T: A new version of the stream cipher SNOW. In Selected Areas in Cryptography (SAC '02), Lecture Notes in Computer Science. Volume 2595. Springer, New York, NY, USA; 2002:47-61.
  24. Rivest R, Shamir A, Adleman L: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 1978, 21(2):120-126. 10.1145/359340.359342
  25. ElGamal T: A public key cryptosystem and a signature scheme based on discrete logarithms. In Advances in Cryptology (CRYPTO '84), Lecture Notes in Computer Science. Volume 196. Springer, New York, NY, USA; 1985:10-18. 10.1007/3-540-39568-7_2
  26. Shannon C: Communication theory of secrecy systems. Bell System Technical Journal 1949, 28: 656-715.
  27. Ajtai M, Dwork C: A public key cryptosystem with worst-case/average-case equivalence. Proceedings of the 29th ACM Symposium on Theory of Computing (STOC '97), 1997 284-293.
  28. Nguyen P, Stern J: Cryptanalysis of the Ajtai-Dwork cryptosystem. In Advances in Cryptology (CRYPTO '98), Lecture Notes in Computer Science. Volume 1462. Springer, New York, NY, USA; 1999:223-242.
  29. Canetti R, Goldreich O, Halevi S: The random oracle model, revisited. Proceedings of the 30th ACM Symposium on Theory of Computing (STOC '98), 1998, Berkeley, Calif, USA 209-218.
  30. Paillier P: Impossibility proofs for RSA signatures in the standard model. Proceedings of the RSA Conference 2007, Cryptographers' (Track), 2007, San Francisco, Calif, USA, Lecture Notes in Computer Science 4377: 31-48.
  31. Diffie W, Hellman M: New directions in cryptography. IEEE Transactions on Information Theory 1976, 22(6):644-654. 10.1109/TIT.1976.1055638
  32. Kahn D: The Codebreakers: The Story of Secret Writing. Macmillan, New York, NY, USA; 1967.
  33. Bellare M, Rogaway P: Optimal asymmetric encryption—how to encrypt with RSA. In Advances in Cryptology (EUROCRYPT '94), Lecture Notes in Computer Science. Volume 950. Springer, New York, NY, USA; 1995:92-111. 10.1007/BFb0053428
  34. Goldwasser S, Micali S: Probabilistic encryption & how to play mental poker keeping secret all partial information. Proceedings of the 14th ACM Symposium on the Theory of Computing (STOC '82), 1982, New York, NY, USA 365-377.
  35. Blum M, Goldwasser S: An efficient probabilistic public-key encryption scheme which hides all partial information. In Advances in Cryptology (EUROCRYPT '84), Lecture Notes in Computer Science. Volume 196. Springer, New York, NY, USA; 1985:289-299.
  36. Goldreich O: A uniform complexity treatment of encryption and zero-knowledge. Journal of Cryptology 1993, 6(1):21-53. 10.1007/BF02620230
  37. Naor M, Yung M: Public-key cryptosystems provably secure against chosen ciphertext attacks. Proceedings of the 22nd ACM Annual Symposium on the Theory of Computing (STOC '90), 1990, Baltimore, Md, USA 427-437.
  38. Rackoff C, Simon D: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In Advances in Cryptology (CRYPTO '91), Lecture Notes in Computer Science. Volume 576. Springer, New York, NY, USA; 1991:433-444.
  39. Dolev D, Dwork C, Naor M: Non-malleable cryptography. Proceedings of the 23rd ACM Annual Symposium on the Theory of Computing (STOC '91), 1991 542-552.
  40. Dolev D, Dwork C, Naor M: Non-malleable cryptography. SIAM Journal of Computing 2000, 30(2):391-437. 10.1137/S0097539795291562
  41. Bellare M, Desai A, Pointcheval D, Rogaway P: Relations among notions of security for public-key encryption schemes. In Advances in Cryptology (CRYPTO '98), Lecture Notes in Computer Science. Volume 1462. Springer, New York, NY, USA; 1998:26-45. 10.1007/BFb0055718
  42. Bellare M, Sahai A: Non-malleable encryption: equivalence between two notions, and an indistinguishability-based characterization. In Advances in Cryptology (CRYPTO '99), Lecture Notes in Computer Science. Volume 1666. Springer, New York, NY, USA; 1999:519-536. 10.1007/3-540-48405-1_33
  43. Watanabe Y, Shikata J, Imai H: Equivalence between semantic security and indistinguishability against chosen ciphertext attacks. In Public Key Cryptography (PKC '03), Lecture Notes in Computer Science. Volume 2567. Springer, New York, NY, USA; 2003:71-84.
  44. Ahituv N, Lapid Y, Neumann S: Processing encrypted data. Communications of the ACM 1987, 30(9):777-780. 10.1145/30401.30404
  45. Boneh D, Lipton R: Algorithms for black box fields and their application to cryptography. In Advances in Cryptology (CRYPTO '96), Lecture Notes in Computer Science. Volume 1109. Springer, New York, NY, USA; 1996:283-297. 10.1007/3-540-68697-5_22
  46. Goldwasser S, Micali S: Probabilistic encryption. Journal of Computer and System Sciences 1984, 28(2):270-299. 10.1016/0022-0000(84)90070-9
  47. Paillier P: Public-key cryptosystems based on composite degree residuosity classes. In Advances in Cryptology (EUROCRYPT '99), Lecture Notes in Computer Science. Volume 1592. Springer, New York, NY, USA; 1999:223-238. 10.1007/3-540-48910-X_16
  48. Cramer R, Gennaro R, Schoenmakers B: A secure and optimally efficient multiauthority election scheme. In Advances in Cryptology (EUROCRYPT '97), Lecture Notes in Computer Science. Volume 1233. Springer, New York, NY, USA; 1997:103-118. 10.1007/3-540-69053-0_9
  49. McEliece R: A public-key cryptosystem based on algebraic coding theory. DSN progress report 1978.
  50. Benaloh J: Verifiable secret-ballot elections, Ph.D. thesis. Yale University, Department of Computer Science, New Haven, Conn, USA; 1988.
  51. Naccache D, Stern J: A new public-key cryptosystem based on higher residues. Proceedings of the 5th ACM Conference on Computer and Communications Security, November 1998, San Francisco, Calif, USA 59-66.
  52. Okamoto T, Uchiyama S: A new public-key cryptosystem as secure as factoring. In Advances in Cryptology (EUROCRYPT '98), Lecture Notes in Computer Science. Volume 1403. Springer, New York, NY, USA; 1998:308-318. 10.1007/BFb0054135
  53. Okamoto T, Uchiyama S, Fujisaki E: Epoc: efficient probabilistic public-key encryption. 2000. Proposal to IEEE P1363a, http://grouper.ieee.org/groups/1363/P1363a/draft.html
  54. Joye M, Quisquater J-J, Yung M: On the power of misbehaving adversaries and security analysis of the original EPOC. In Topics in Cryptology CT-RSA 2001, Lecture Notes in Computer Science. Volume 2020. Springer, New York, NY, USA; 2001.
  55. Cramer R, Shoup V: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Advances in Cryptology (EUROCRYPT '02), Lecture Notes in Computer Science. Volume 2332. Springer, New York, NY, USA; 2002:45-64. 10.1007/3-540-46035-7_4
  56. Bresson E, Catalano D, Pointcheval D: A simple public-key cryptosystem with a double trapdoor decryption mechanism and its applications. In Advances in Cryptology (ASIACRYPT '03), Lecture Notes in Computer Science. Volume 2894. Springer, New York, NY, USA; 2003:37-54. 10.1007/978-3-540-40061-5_3
  57. Damgård I, Jurik M: A generalisation, a simplification and some applications of Paillier's probabilistic public-key system. In 4th International Workshop on Practice and Theory in Public-Key Cryptography, Lecture Notes in Computer Science. Volume 1992. Springer, New York, NY, USA; 2001:119-136.
  58. Galbraith S: Elliptic curve Paillier schemes. Journal of Cryptology 2002, 15(2):129-138.
  59. Castagnos G: An efficient probabilistic public-key cryptosystem over quadratic fields quotients. 2007. Finite Fields and Their Applications, paper version in press, http://users.info.unicaen.fr/~gcastagn/
  60. Castagnos G: Quelques schémas de cryptographie asymétrique probabiliste, Ph.D. thesis. , Bochum, Germany; 2006. http://users.info.unicaen.fr/~gcastagn/
  61. Boneh D, Franklin M: Identity-based encryption from the Weil pairing. In Advances in Cryptology (CRYPTO '01), Lecture Notes in Computer Science. Volume 2139. Springer, New York, NY, USA; 2001:213-229. 10.1007/3-540-44647-8_13
  62. Boneh D, Boyen X, Goh E-J: Hierarchical identity based encryption with constant size ciphertext. In Advances in Cryptology (EUROCRYPT '05), Lecture Notes in Computer Science. Volume 3494. Springer, New York, NY, USA; 2005:440-456. 10.1007/11426639_26
  63. Domingo-Ferrer J: A provably secure additive and multiplicative privacy homomorphism. Proceedings of the 5th International Conference on Information Security (ISC '02), 2002, Sao Paulo, Brazil, Lecture Notes in Computer Science 2433: 471-483.
  64. Wagner D: Cryptanalysis of an algebraic privacy homomorphism. Proceedings of the 6th International Conference on Information Security (ISC '03), 2003, Bristol, UK, Lecture Notes in Computer Science 2851:
  65. Bao F: Cryptanalysis of a provable secure additive and multiplicative privacy homomorphism. International Workshop on Coding and Cryptography (WCC '03), 2003, Versailles, France 43-49.
  66. Domingo-Ferrer J: A new privacy homomorphism and applications. Information Processing Letters 1996, 60(5):277-282. 10.1016/S0020-0190(96)00170-6
  67. Cheon J, Kim W-H, Nam H: Known-plaintext cryptanalysis of the Domingo-Ferrer algebraic privacy homomorphism scheme. Information Processing Letters 2006, 97(3):118-123.
  68. Castelluccia C, Mykletun E, Tsudik G: Efficient aggregation of encrypted data in wireless sensor networks. ACM/IEEE Mobile and Ubiquitous Systems: Networking and Services (Mobiquitous '05) 2005, 109-117.
  69. Fellows M, Koblitz N: Combinatorial cryptosystems galore! Contemporary Mathematics, Finite Fields: Theory, Applications, and Algorithms, FQ2 1993, 168: 51-61.
  70. Ly L: A public-key cryptosystem based on Polly Cracker, Ph.D. thesis. 2002.

Copyright

© C. Fontaine and F. Galand. 2007

This article is published under license to BioMed Central Ltd. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.