Threshold Decryption and Zero-Knowledge Proofs for Lattice-Based Cryptosystems

  • Rikke Bendlin
  • Ivan Damgård
Conference paper

DOI: 10.1007/978-3-642-11799-2_13

Volume 5978 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Bendlin R., Damgård I. (2010) Threshold Decryption and Zero-Knowledge Proofs for Lattice-Based Cryptosystems. In: Micciancio D. (eds) Theory of Cryptography. TCC 2010. Lecture Notes in Computer Science, vol 5978. Springer, Berlin, Heidelberg

Abstract

We present a variant of Regev’s cryptosystem first presented in [Reg05], but with a new choice of parameters. By a recent classical reduction by Peikert we prove the scheme semantically secure based on the worst-case lattice problem GapSVP. From this we construct a threshold cryptosystem which has a very efficient and non-interactive decryption protocol. We prove the threshold cryptosystem secure against passive adversaries corrupting all but one of the players, and against active adversaries corrupting less than one third of the players. We also describe how one can build a distributed key generation protocol. In the final part of the paper we show how one can, in zero-knowledge, prove knowledge of the plaintext contained in a given ciphertext from Regev’s original cryptosystem or our variant. The proof is of size only a constant times the size of the public key.

Copyright information

© IFIP International Federation for Information Processing 2010

Authors and Affiliations

  • Rikke Bendlin (1)
  • Ivan Damgård (1)
  1. Department of Computer Science, Aarhus University, Denmark