Stream Ciphers: A Practical Solution for Efficient Homomorphic-Ciphertext Compression

Abstract: In typical applications of homomorphic encryption, the first step consists for Alice of encrypting some plaintext m under Bob's public key pk and of sending the ciphertext c = HE_pk(m) to some third-party evaluator Charlie. This paper specifically considers that first step, i.e. the problem of transmitting c as efficiently as possible from Alice to Charlie. As others suggested before, a form of compression is achieved using hybrid encryption. Given a symmetric encryption scheme E, Alice picks a random key k and sends a much smaller ciphertext c' = (HE_pk(k), E_k(m)) that Charlie decompresses homomorphically into the original c using a decryption circuit C_{E^{-1}}. In this paper, we revisit that paradigm in light of its concrete implementation constraints; in particular, E is chosen to be an additive IV-based stream cipher. We investigate the performance offered in this context by Trivium, which belongs to the eSTREAM portfolio, and we also propose a variant with 128-bit security: Kreyvium. We show that Trivium, whose security has been firmly established for over a decade, and the new variant Kreyvium have excellent performance. We also describe a second construction, based on exponentiation in binary fields, which is impractical but sets the lowest depth record to 8 for 128-bit security.
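The following is an added example, not code from the paper or its authors. It implements Trivium as the additive IV-based stream cipher E of the abstract (80-bit key, 80-bit IV, 288-bit state, 4·288 initialisation rounds per the eSTREAM specification) and works out the transmission-size arithmetic behind the hybrid construction: Alice sends HE_pk(k) plus E_k(m) instead of HE_pk(m). Two things are assumptions of this example rather than facts from the page: key and IV bits are loaded LSB-first within each byte (the reference code's byte ordering may differ, so keystream bytes are not compared against published test vectors here), and the homomorphic expansion factor `he_expansion` is a constructed parameter. Charlie's homomorphic evaluation of the decryption circuit is not simulated.

```python
"""Added example: Trivium keystream generation and the ciphertext-size
arithmetic of the hybrid (stream-cipher) compression paradigm."""


def trivium_keystream(key: bytes, iv: bytes, nbits: int) -> list:
    """Return nbits of Trivium keystream for an 80-bit key and 80-bit IV.

    Bits inside each byte are taken LSB-first (an assumption of this example).
    """
    assert len(key) == 10 and len(iv) == 10, "Trivium uses 80-bit key and IV"

    def bits(buf: bytes) -> list:
        return [(byte >> i) & 1 for byte in buf for i in range(8)]

    # s[0..287] corresponds to s1..s288 of the specification:
    #   s1..s93   = K1..K80, 0...0
    #   s94..s177 = IV1..IV80, 0,0,0,0
    #   s178..s288 = 0...0, 1,1,1
    s = bits(key) + [0] * 13 + bits(iv) + [0] * 4 + [0] * 108 + [1, 1, 1]
    assert len(s) == 288

    out = []
    warmup = 4 * 288  # initialisation rounds: the state is clocked, no output
    for rnd in range(warmup + nbits):
        t1 = s[65] ^ s[92]             # s66 + s93
        t2 = s[161] ^ s[176]           # s162 + s177
        t3 = s[242] ^ s[287]           # s243 + s288
        z = t1 ^ t2 ^ t3               # keystream bit
        t1 ^= (s[90] & s[91]) ^ s[170]    # + s91*s92 + s171
        t2 ^= (s[174] & s[175]) ^ s[263]  # + s175*s176 + s264
        t3 ^= (s[285] & s[286]) ^ s[68]   # + s286*s287 + s69
        # shift the three registers, feeding t3, t1, t2 into their heads
        s = [t3] + s[0:92] + [t1] + s[93:176] + [t2] + s[177:287]
        if rnd >= warmup:
            out.append(z)
    return out


def trivium_encrypt(key: bytes, iv: bytes, message: bytes) -> bytes:
    """Additive stream encryption: ciphertext = message XOR keystream.

    Because the cipher is additive, the same call decrypts (E_k is its own
    inverse), which is what keeps Charlie's decryption circuit shallow.
    """
    ks = trivium_keystream(key, iv, 8 * len(message))
    ks_bytes = bytes(
        sum(ks[8 * i + j] << j for j in range(8)) for i in range(len(message))
    )
    return bytes(m ^ k for m, k in zip(message, ks_bytes))


def transmitted_bits(msg_bits: int, he_expansion: int,
                     hybrid: bool = True, key_bits: int = 80,
                     iv_bits: int = 80) -> int:
    """Bits Alice sends to Charlie.

    he_expansion: homomorphic ciphertext bits per encrypted plaintext bit.
    This is a constructed parameter for illustration, not a figure from
    the paper. The IV is sent in the clear; only the key is HE-encrypted.
    """
    if not hybrid:
        return msg_bits * he_expansion                     # c = HE_pk(m)
    return key_bits * he_expansion + iv_bits + msg_bits    # (HE_pk(k), IV, E_k(m))


if __name__ == "__main__":
    # Constructed sample values; any 80-bit key/IV pair works.
    key = bytes(range(10))
    iv = bytes(range(10, 20))
    msg = b"constructed sample plaintext"
    ct = trivium_encrypt(key, iv, msg)
    assert trivium_encrypt(key, iv, ct) == msg
    print("ciphertext:", ct.hex())
    for hybrid in (False, True):
        print("hybrid" if hybrid else "direct ",
              transmitted_bits(8 * len(msg) * 1000, he_expansion=1000,
                               hybrid=hybrid), "bits")
```

For a 1000-byte-per-bit expansion (a made-up figure) and a 28 kB message, the direct approach sends 224,000,000 bits while the hybrid one sends 80,080 + 224,000 bits: the cost of HE encryption is paid once for the 80-bit key, and everything else travels at stream-cipher rate.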
Document type: Journal article
Journal of Cryptology, Springer Verlag, In press

Cited literature: 70 references
Contributor: Anne Canteaut
Submitted on: Tuesday 28 November 2017 - 10:40:43
Last modified on: Thursday 15 March 2018 - 15:06:15


Files produced by the author(s)


HAL Id: hal-01650012, version 1


Anne Canteaut, Sergiu Carpov, Caroline Fontaine, Tancrède Lepoint, María Naya-Plasencia, et al.. Stream Ciphers: A Practical Solution for Efficient Homomorphic-Ciphertext Compression. Journal of Cryptology, Springer Verlag, In press. 〈hal-01650012〉


