On the Relations between the Attacks on Symmetric Homomorphic Encryption over the Residue Ring

On the Relations between the Attacks on Symmetric Homomorphic Encryption over the Residue Ring

The paper considers the security of symmetric homomorphic cryptosystems (HC) over the residue ring. The main task is to establish an equivalence between ciphertexts only attack (COA) and known plaintexts attack (KPA) for HC. The notion of reducibility between attacks and sufficient condition of redu...

Full description

Bibliographic Details
Main Author: Alina V. Trepacheva
Format: Article
Language:English
Published: Moscow Engineering Physics Institute 2017-06-01
Series:Bezopasnostʹ Informacionnyh Tehnologij
Subjects:
ring-homomorphic encryption
fully homomorphic encryption
RSA problem
number factorization problem
ciphertexts only attack
known plaintext attack
Online Access:https://bit.mephi.ru/index.php/bit/article/view/108
Description
Summary:The paper considers the security of symmetric homomorphic cryptosystems (HC) over the residue ring. The main task is to establish an equivalence between ciphertexts only attack (COA) and known plaintexts attack (KPA) for HC. The notion of reducibility between attacks and sufficient condition of reducibility from COA to KPA are given for this purpose. The main idea is: to prove reducibility from COA to KPA we need to find a function over residue ring being efficiently computable and having a small image size comparing with the size of residue ring. The study of reducibility existence is important since it allows to understand better the security level of symmetric HC proposed in literature. A vulnerability against KPA has been already found for the majority of these HC. Thus the reducibility presence can demonstrate that cryptosystems under the study are not secure even against COA, and therefore they are totally insecure and shouldn’t be used in practice. We give an example of reducibility from COA to KPA for residue ring being a simple field. Based on this example we show an efficient COA on one symmetric HC for small field. Also we separately consider the case of residue ring composed using number n being hard-to-factor. For such n an efficient algorithm to construct an efficiently computable function with small image is unknown so far. So further work related to cryptanalysis of existing symmetric HC will be directed into study of functions properties over residue rings modulo numbers hard for factorization.
ISSN:2074-7128
2074-7136

Similar Items