Skip to Main content Skip to Navigation
Conference papers

Linearly Homomorphic Encryption from DDH

Guilhem Castagnos 1, 2 Fabien Laguillaumie 3
1 LFANT - Lithe and fast algorithmic number theory
IMB - Institut de Mathématiques de Bordeaux, Inria Bordeaux - Sud-Ouest
3 ARIC - Arithmetic and Computing
Inria Grenoble - Rhône-Alpes, LIP - Laboratoire de l'Informatique du Parallélisme
Abstract : We design a linearly homomorphic encryption scheme whose security relies on the hardness of the decisional Diffie-Hellman problem. Our approach requires some special features of the underlying group. In particular, its order is unknown and it contains a subgroup in which the discrete logarithm problem is tractable. Therefore, our instantiation holds in the class group of a non maximal order of an imaginary quadratic field. Its algebraic structure makes it possible to obtain such a linearly homomorphic scheme whose message space is the whole set of integers modulo a prime p and which supports an unbounded number of additions modulo p from the ciphertexts. A notable difference with previous works is that, for the first time, the security does not depend on the hardness of the factorization of integers. As a consequence, under some conditions, the prime p can be scaled to fit the application needs.
Document type :
Conference papers
Complete list of metadata

Cited literature [27 references]  Display  Hide  Download
Contributor : Guilhem Castagnos Connect in order to contact the contributor
Submitted on : Thursday, October 8, 2015 - 11:01:53 AM
Last modification on : Saturday, December 4, 2021 - 3:43:06 AM
Long-term archiving on: : Saturday, January 9, 2016 - 10:18:46 AM


Files produced by the author(s)




Guilhem Castagnos, Fabien Laguillaumie. Linearly Homomorphic Encryption from DDH. The Cryptographer's Track at the RSA Conference 2015, Apr 2015, San Francisco, United States. ⟨10.1007/978-3-319-16715-2_26⟩. ⟨hal-01213284⟩



Les métriques sont temporairement indisponibles