Zero-Knowledge Arguments for Matrix-Vector Relations and Lattice-Based Group Encryption

Abstract: Group encryption (GE) is the natural encryption analogue of group signatures in that it allows verifiably encrypting messages for some anonymous member of a group while providing evidence that the receiver is a properly certified group member. Should the need arise, an opening authority is capable of identifying the receiver of any ciphertext. As introduced by Kiayias, Tsiounis and Yung (Asiacrypt'07), GE is motivated by applications in the context of oblivious retriever storage systems, anonymous third parties and hierarchical group signatures. This paper provides the first realization of group encryption under lattice assumptions. Our construction is proved secure in the standard model (assuming interaction in the proving phase) under the Learning-With-Errors (LWE) and Short-Integer-Solution (SIS) assumptions. As a crucial component of our system, we describe a new zero-knowledge argument system that makes it possible to demonstrate that a given ciphertext is a valid encryption under some hidden but certified public key, which entails proving quadratic statements about LWE relations. Specifically, our protocol allows arguing knowledge of witnesses consisting of $X \in \mathbb{Z}_q^{m \times n}$, $s \in \mathbb{Z}_q^{n}$ and a small-norm $e \in \mathbb{Z}^{m}$ which underlie a public vector $b = X \cdot s + e \in \mathbb{Z}_q^{m}$ while simultaneously proving that the matrix $X \in \mathbb{Z}_q^{m \times n}$ has been correctly certified. We believe our proof system to be useful in other applications involving zero-knowledge proofs in the lattice setting.
Document type:
Conference paper
Asiacrypt 2016, Dec 2016, Hanoi, Vietnam. Springer, 10032, pp.101 - 131, 2016, Advances in Cryptology - Asiacrypt 2016. 〈http://www.asiacrypt2016.com/〉. 〈10.1007/978-3-662-53890-6_4〉


https://hal.inria.fr/hal-01394087
Contributor: Benoit Libert
Submitted on: Tuesday, November 8, 2016 - 15:56:05
Last modified on: Friday, April 20, 2018 - 15:44:26
Document(s) archived on: Tuesday, March 14, 2017 - 20:05:39

File

groupenc.pdf
Files produced by the author(s)

Citation

Benoît Libert, San Ling, Fabrice Mouhartem, Khoa Nguyen, Huaxiong Wang. Zero-Knowledge Arguments for Matrix-Vector Relations and Lattice-Based Group Encryption. Asiacrypt 2016, Dec 2016, Hanoi, Vietnam. Springer, 10032, pp.101 - 131, 2016, Advances in Cryptology - Asiacrypt 2016. 〈http://www.asiacrypt2016.com/〉. 〈10.1007/978-3-662-53890-6_4〉. 〈hal-01394087〉

Metrics

Record views

157

File downloads

148