Multi‐key homomorphic authenticators

Fiore, Dario; Mitrokotsa, Aikaterini; Nizzardo, Luca; Pagnin, Elena

doi:10.1049/iet-ifs.2018.5341

Cited by 15 publications

(24 citation statements)

References 41 publications

(204 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We remove the tools that are network-coding related and use a simple trick to obtain the multi-key features. While this technique is known and implicitly used in other works (e.g., [13,26]), here we make a clear explanation of it and show that a natural application of this technique already brings with a non-trivial construction. Performance-wise, mklhs only requires operations in the base curve for computing signatures or evaluating functions over authenticated data, while signature verification requires a product of pairings.…”

Section: Introductionmentioning

confidence: 70%

“…In other words, the "combined" signature can be used to verify that what the cloud outputs to the verifier is indeed the answer to the desired computation on the database (and not some random authenticated record). Existing MKHS constructions are based on lattice techniques [13], zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARK) [23], or creative yet convoluted compilers [14,26]. In this work, we take multi-key homomorphic signatures as a case of study and propose a new scheme that we consider conceptually simpler than all existing proposals.…”

Section: Introductionmentioning

confidence: 99%

“…Agrawal et al [1] expand the horizon of applications by considering multisource signatures in the context of network coding. A few years later, Fiore et al [13] formalize the concept of multi-key homomorphic authenticators and provided the first constructions of a multi-key homomorphic signature scheme (MKHS) and of a multi-key homomorphic MAC. The MKHS in [13] is designed for boolean circuits of bounded depth and can be seen as a (non-trivial) extension of the FHS scheme in [18].…”

Section: Introductionmentioning

confidence: 99%

“…A few years later, Fiore et al [13] formalize the concept of multi-key homomorphic authenticators and provided the first constructions of a multi-key homomorphic signature scheme (MKHS) and of a multi-key homomorphic MAC. The MKHS in [13] is designed for boolean circuits of bounded depth and can be seen as a (non-trivial) extension of the FHS scheme in [18]. A limitation of this work is that the proposed MKHS scheme is not unforgeable if corrupted parties take part to the computation.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

The Simplest Multi-key Linearly Homomorphic Signature Scheme

Aranha

Pagnin

2019

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

We consider the problem of outsourcing computation on data authenticated by different users. Our aim is to describe and implement the simplest possible solution to provide data integrity in cloudbased scenarios. Concretely, our multi-key linearly homomorphic signature scheme (mklhs) allows users to upload signed data on a server, and at any later point in time any third party can query the server to compute a linear combination of data authenticated by different users and check the correctness of the returned result. Our construction generalizes Boneh et al.'s linearly homomorphic signature scheme (PKC'09 [7]) to the multi-key setting and relies on basic tools of pairing-based cryptography. Compared to existing multi-key homomorphic signature schemes, our mklhs is a conceptually simple and elegant direct construction, which trades-off privacy for efficiency. The simplicity of our approach leads us to a very efficient construction that enjoys significantly shorter signatures and higher performance than previous proposals. Finally, we implement mklhs using two different pairing-friendly curves at the 128-bit security level, a Barreto-Lynn-Scott curve and a Barreto-Naehrig curve. Our benchmarks illustrate interesting performance trade-offs between these parameters, involving the cost of exponentiation and hashing in pairing groups. We provide a discussion on such trade-offs that can be useful to other implementers of pairing-based protocols.

show abstract

Section: Introductionmentioning

confidence: 70%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

The Simplest Multi-key Linearly Homomorphic Signature Scheme

Aranha

Pagnin

2019

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…Moreover, current MIFE schemes have prohibitively large overhead. Fiore et al [20] built a multikey homomorphic authenticator (multikey HA), allowing multiple clients to authenticate and outsource a large collection of data, together with the corresponding authenticators, to a malicious server. Backes et al [12] added a crucial efficiency property for the verification of multikey HAs.…”

Section: Related Workmentioning

confidence: 99%

An Efficient HPRA-Based Multiclient Verifiable Computation: Transform and Instantiation

2021

Security and Communication Networks

View full text Add to dashboard Cite

Choi, Katz, Kumaresan, and Cid put forward the conception of multiclient noninteractive verifiable computation (MVC), enabling a group of clients to outsource computation of a function of f . CKKC’s MVC is impractical due to their dependence on fully homomorphic encryption (FHE) and garbled circuits (GCs). In this paper, with the goal of satisfying practical requirements, a general transform is presented from the homomorphic proxy re-authenticator (HPRA) of Deler, Ramacher, and Slamanig to MVC schemes. MVC constructions in this particular study tend to be more efficient once the underlying HPRA avoids introducing FHE and GCs. By deploying the transform to DRS’s HPRA scheme, a specific MVC scheme for calculating the linear combinations of vectors has been proposed. It can be understood that it is the first feasible and implementable MVC scheme so far, and the instantiation solution has a great advantage in efficiency compared with related works.

show abstract

Lighter is Better: A Lighter Multi-client Verifiable Outsourced Computation with Hybrid Homomorphic Encryption

Wang

Cao

Liu

et al. 2022

Computer Security – ESORICS 2022

View full text Add to dashboard Cite

Gordon et al. (TCC 2015) systematically studied the security of Multi-client Verifiable Computation (MVC), in which a set of computationally-weak clients outsource the computation of a general function f over their private inputs to an untrusted server. They introduced the universally composable (UC) security of MVC and proposed a scheme achieving UC-security, where the protocol remains secure after arbitrarily composed with other UC-secure instances. However, the clients in their scheme have to undertake the heavy computation overhead caused by fully homomorphic encryption (FHE) and further, the plaintext size is linear to the function input size. In this work, we propose a more efficient UC-secure multi-client privacypreserving verifiable computation protocol, called MVOC, that sharply reduces amortized overheads for clients, in both semi-honest and malicious settings. In particular, our protocol achieves stronger outsourcability by outsourcing more computation to the server, so that it may be more friendly to those lightweight clients. More specifically, we revisit the definition of garbling scheme, and propose a novel garbled circuit protocol whose circuit randomness is non-interactively provided by multiple parties. We also realize the idea of hybrid homomorphic encryption, which makes the FHE plaintext size independent of the input size. We present the detailed proof and analyze the theoretical complexity of MVOC. We further implement our protocol and evaluate the performance, and the results show that, after adopting our new techniques, the computation and communication overheads during input phase can be decreased by 55.15%-68.05% and 62.55%-75% respectively.

show abstract

Multi‐key homomorphic authenticators

Cited by 15 publications

References 41 publications

The Simplest Multi-key Linearly Homomorphic Signature Scheme

The Simplest Multi-key Linearly Homomorphic Signature Scheme

An Efficient HPRA-Based Multiclient Verifiable Computation: Transform and Instantiation

Lighter is Better: A Lighter Multi-client Verifiable Outsourced Computation with Hybrid Homomorphic Encryption

Contact Info

Product

Resources

About