Homomorphic Signatures for Polynomial Functions

  • Dan Boneh
  • David Mandell Freeman
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6632)

Abstract

We construct the first homomorphic signature scheme that is capable of evaluating multivariate polynomials on signed data. Given the public key and a signed data set, there is an efficient algorithm to produce a signature on the mean, standard deviation, and other statistics of the signed data. Previous systems for computing on signed data could only handle linear operations. For polynomials of constant degree, the length of a derived signature only depends logarithmically on the size of the data set.

Our system uses ideal lattices in a way that is a “signature analogue” of Gentry’s fully homomorphic encryption. Security is based on hard problems on ideal lattices similar to those in Gentry’s system.

Keywords

Homomorphic signatures ideals lattices 

References

  1. 1.
    Ahn, J.H., Boneh, D., Camenisch, J., Hohenberger, S., Shelat, A., Waters, B.: Computing on authenticated data (2010) (manuscript)Google Scholar
  2. 2.
    Ajtai, M.: Generating hard instances of the short basis problem. In: Wiedermann, J., Van Emde Boas, P., Nielsen, M. (eds.) ICALP 1999. LNCS, vol. 1644, pp. 1–9. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  3. 3.
    Alwen, J., Peikert, C.: Generating shorter bases for hard random lattices. In: STACS, pp. 75–86 (2009), full version http://www.cc.gatech.edu/~cpeikert/pubs/shorter.pdf
  4. 4.
    Ateniese, G., Chou, D.H., de Medeiros, B., Tsudik, G.: Sanitizable signatures. In: di Vimercati, S.D.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 159–177. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  5. 5.
    Boneh, D., Freeman, D.: Homomorphic signatures for polynomial functions. Cryptology ePrint Archive, report 2011/018 (2011), http://eprint.iacr.org/2011/018
  6. 6.
    Boneh, D., Freeman, D.: Linearly homomorphic signatures over binary fields and new tools for lattice-based signatures. In: Gennaro, R. (ed.) PKC 2011. LNCS, vol. 6571, pp. 1–16. Springer, Heidelberg (2011), full version http://eprint.iacr.org/2010/453 CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Freeman, D., Katz, J., Waters, B.: Signing a linear subspace: Signature schemes for network coding. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 68–87. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  8. 8.
    Brzuska, C., Busch, H., Dagdelen, Ö., Fischlin, M., Franz, M., Katzenbeisser, S., Manulis, M., Onete, C., Peter, A., Poettering, B., Schröder, D.: Redactable signatures for tree-structured data: Definitions and constructions. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 87–104. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Brzuska, C., Fischlin, M., Freudenreich, T., Lehmann, A., Page, M., Schelbert, J., Schröder, D., Volk, F.: Security of sanitizable signatures revisited. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 317–336. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  10. 10.
    Chang, E.C., Lim, C.L., Xu, J.: Short redactable signatures using random trees. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 133–147. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Charles, D., Jain, K., Lauter, K.: Signatures for network coding. International Journal of Information and Coding Theory 1(1), 3–14 (2009)MathSciNetMATHCrossRefGoogle Scholar
  12. 12.
    van Dijk, M., Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 24–43. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  13. 13.
    Feige, U., Shamir, A.: Witness indistinguishable and witness hiding protocols. In: Proc. of the 22nd ACM Symposium on Theory of Computing, pp. 416–426 (1990)Google Scholar
  14. 14.
    Fragouli, C., Soljanin, E.: Network coding fundamentals. Found. Trends Netw. 2(1), 1–133 (2007)CrossRefGoogle Scholar
  15. 15.
    Gennaro, R., Gentry, C., Parno, B.: Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 465–482. Springer, Heidelberg (2010)Google Scholar
  16. 16.
    Gennaro, R., Katz, J., Krawczyk, H., Rabin, T.: Secure network coding over the integers. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 142–160. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  17. 17.
    Gentry, C.: A fully homomorphic encryption scheme. Ph.D. thesis, Stanford University (2009), http://crypto.stanford.edu/craig
  18. 18.
    Gentry, C.: Toward basing fully homomorphic encryption on worst-case hardness. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 116–137. Springer, Heidelberg (2010)Google Scholar
  19. 19.
    Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: 40th ACM Symposium on Theory of Computing—STOC 2008, pp. 197–206. ACM, New York (2008)Google Scholar
  20. 20.
    Goldwasser, S., Kalai, Y., Rothblum, G.: Delegating computation: Interactive proofs for muggles. In: 40th ACM Symposium on Theory of Computing — STOC 2008, pp. 113–122 (2008)Google Scholar
  21. 21.
    Haber, S., Hatano, Y., Honda, Y., Horne, W., Miyazaki, K., Sander, T., Tezoku, S., Yao, D.: Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. In: ASIACCS 2008, pp. 353–362. ACM, New York (2008)CrossRefGoogle Scholar
  22. 22.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  23. 23.
    Krohn, M., Freedman, M., Mazieres, D.: On-the-fly verification of rateless erasure codes for efficient content distribution. In: Proc. of IEEE Symposium on Security and Privacy, pp. 226–240 (2004)Google Scholar
  24. 24.
    Lyubashevsky, V., Micciancio, D.: Generalized compact knapsacks are collision resistant. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 144–155. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  25. 25.
    Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1–23. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  26. 26.
    Micali, S.: Computationally sound proofs. SIAM J. of Computing 30(4), 1253–1298 (2000); extended abstract in FOCS 1994 MathSciNetMATHCrossRefGoogle Scholar
  27. 27.
    Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In: 45th Annual IEEE Symposium on Foundations of Computer Science—FOCS 2004, pp. 372–381. IEEE Computer Society, Washington, DC, USA (2004)CrossRefGoogle Scholar
  28. 28.
    Miyazaki, K., Hanaoka, G., Imai, H.: Digitally signed document sanitizing scheme based on bilinear maps. In: ACM Symposium on Information, Computer and Communications Security — ASIACCS 2006, pp. 343–354 (2006)Google Scholar
  29. 29.
    Miyazaki, K., Iwamura, M., Matsumoto, T., Sasaki, R., Yoshiura, H., Tezuka, S., Imai, H.: Digitally signed document sanitizing scheme with disclosure condition control. IEICE Transactions on Fundamentals E88-A(1), 239–246 (2005)CrossRefGoogle Scholar
  30. 30.
    Montgomery, H.L., Vaughan, R.C.: Multiplicative number theory. I. Classical theory. Cambridge Studies in Advanced Mathematics, vol. 97. Cambridge University Press, Cambridge (2007)MATHGoogle Scholar
  31. 31.
    Naccache, D.: Is theoretical cryptography any good in practice? CHES 2010 invited talk (2010), http://www.iacr.org/workshops/ches/ches2010
  32. 32.
    Quinlan, J.: Induction of decision trees. Machine Learning 1, 81–106 (1986)Google Scholar
  33. 33.
    Smart, N.P., Vercauteren, F.: Fully homomorphic encryption with relatively small key and ciphertext sizes. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 420–443. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  34. 34.
    Stehlé, D., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 617–635. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  35. 35.
    Steinfeld, R., Bull, L., Zheng, Y.: Content extraction signatures. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 285–304. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  36. 36.
    Stevenhagen, P.: The arithmetic of number rings. In: Algorithmic Number Theory: Lattices, Number Fields, Curves and Cryptography. Math. Sci. Res. Inst. Publ., vol. 44, pp. 209–266. Cambridge Univ. Press, Cambridge (2008)Google Scholar
  37. 37.
    Valiant, P.: Incrementally verifiable computation or proofs of knowledge imply time/space efficiency. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 1–18. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  38. 38.
    Zhao, F., Kalker, T., Médard, M., Han, K.: Signatures for content distribution with network coding. In: Proc. Intl. Symp. Info. Theory (ISIT) (2007)Google Scholar

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Dan Boneh
    • 1
  • David Mandell Freeman
    • 1
  1. 1.Stanford UniversityUSA

Personalised recommendations