Group homomorphic encryption: characterizations, impossibility results, and applications

  title={Group homomorphic encryption: characterizations, impossibility results, and applications},
  author={Frederik Armknecht and Stefan Katzenbeisser and Andreas Peter},
  journal={Designs, Codes and Cryptography},
We give a complete characterization both in terms of security and design of all currently existing group homomorphic encryption schemes, i.e., existing encryption schemes with a group homomorphic decryption function such as ElGamal and Paillier. To this end, we formalize and identify the basic underlying structure of all existing schemes and say that such schemes are of shift-type. Then, we construct an abstract scheme that represents all shift-type schemes (i.e., every scheme occurs as an… 
Homomorphic Encryption for Multiplications and Pairing Evaluation
The semantic security under chosen plaintext attack of the proposed homomorphic encryption scheme under a generalized subgroup membership assumption is proved, and it is proved that it cannot achieve ind-cca1 security.
Shift-Type Homomorphic Encryption and Its Application to Fully Homomorphic Encryption
It is proved that the IND-CPA security of FHE schemes that offer a certain type of circuit privacy and are based on Gentry’s bootstrapping technique is equivalent to the circular security of the underlying bootstrappable scheme.
General Impossibility of Group Homomorphic Encryption in the Quantum World
This work proves the general impossibility of abelian group homomorphic encryption in the presence of quantum adversaries, when assuming the IND-CPA security notion as the minimal security requirement.
Additively Homomorphic Encryption with a Double Decryption Mechanism, Revisited
This work proposes the first additively homomorphic DD-PKE scheme which allows the master to detect invalid ciphertexts and has the additional property that the master decryption is independent of the users' public keys.
A Note on Attribute-Based Group Homomorphic Encryption
This work introduces and formally defines the notion of Attribute-Based GHE (ABGHE) and explores its properties, and presents a possibility result for IBGHE from indistinguishability obfuscation for any group for which a (public-key) GHE scheme exists.
Additively Homomorphic IBE from Higher Residuosity
We present an identity-Based encryption (IBE) scheme that is group homomorphic for addition modulo a “large” (i.e. superpolynomial) integer, the first such group homomorphic IBE. Our first result is
Homomorphic Encryption with Access Policies: Characterization and New Constructions
The main construction is an XOR-homomorphic IBE scheme based on the quadratic residuosity problem (variant of the Cocks’ scheme), which is shown to be strongly homomorphic and achieved anonymity for a weaker notion of homomorphic encryption, which is called non-universal.
Analysis of Gong et al.'s CCA2-secure homomorphic encryption
Attribute-Based Group Homomorphic Encryption and Additively Homomorphic IBE
This work Construction of an Identity-Based Encryption (IBE) scheme supporting homomorphic addition modulo a poly-sized prime e, which is an instance of ABGHE, and defines a primitive for attribute-based group homomorphisms in the multi-key setting and presents a generic construction of the primitive meeting this security property.
A Survey on Homomorphic Encryption Schemes: Theory and Implementation
The basics of HE and the details of the well-known Partially Homomorphic Encryption and Somewhat HomomorphicEncryption, which are important pillars of achieving FHE, are presented and the main FHE families, which have become the base for the other follow-up FHE schemes are presented.


Homomorphic Encryption with CCA Security
A new family of encryption schemes are described that satisfy precise definitions for a wide variety of allowed transformations T, and which are secure under the standard Decisional Diffie-Hellman (DDH) assumption.
Fully homomorphic encryption using ideal lattices
This work proposes a fully homomorphic encryption scheme that allows one to evaluate circuits over encrypted data without being able to decrypt, and describes a public key encryption scheme using ideal lattices that is almost bootstrappable.
A New Approach for Algebraically Homomorphic Encryption
This paper shows how to construct a provably secure AHS based on a coding theory problem and believes that using coding theory to design AHS is a promising approach and hope to encourage further investigations.
A fully homomorphic encryption scheme
This work designs a somewhat homomorphic "boostrappable" encryption scheme that works when the function f is the scheme's own decryption function, and shows how, through recursive self-embedding, bootstrappable encryption gives fully homomorphic encryption.
A New Public-Key Cryptosystem as Secure as Factoring
This paper proposes a novel public-key cryptosystem, which is practical, provably secure and has some other interesting properties as follows: It can be proven to be as secure as the intractability of factoring n = p2q (in the sense of the security of the whole plaintext) against passive adversaries.
Implementing Gentry's Fully-Homomorphic Encryption Scheme
A working implementation of a variant of Gentry's fully homomorphic encryption scheme, similar to the variant used in an earlier implementation effort by Smart and Vercauteren (PKC 2010), with a number of optimizations that allow it to implement all aspects of the scheme, including the bootstrapping functionality.
Chosen-Ciphertext Security from Tag-Based Encryption
This paper revisits the notion of Tag-Based Encryption (TBE) and provides security definitions for the selective-tag case and shows how to apply the techniques gained from the TBE construction to directly design a new Key Encapsulation Mechanism.
Secure Hybrid Encryption from Weakened Key Encapsulation
Constrained chosen-ciphertext security is a new security notion for KEMs that has a very constructive appeal and is demonstrated with a new encryption scheme whose security relies on a class of intractability assumptions strictly weaker than the Decision Diffie-Hellman assumption.
Paillier's cryptosystem revisited
We re-examine Paillier's cryptosystem, and show that by choosing a particular discrete log base g, and by introducing an alternative decryption procedure, we can extend the scheme to allow an
On The Security of The ElGamal Encryption Scheme and Damgard's Variant
Security proofs for ElGamal encryption scheme and its variant by Damgard (DEG) are given and a new proof that DEG is semantically secure against non-adaptive chosen ciphertext attacks under the delayed-target decisional Diffie-Hellman assumption is given.