Fully Homomorphic Distributed Identity-based Encryption Resilient to

Continual Auxiliary Input Leakage

Franc¸ois G

´

erard, Veronika Kuchta, Rajeev Anand Sahu, Gaurav Sharma and Olivier Markowitch

Universit

´

e Libre de Bruxelles, Belgium

Keywords:

Homomorphic Encryption, Identity-based Encryption, Leakage Resilient Cryptography, LWE.

Abstract:

History tells us that is not enough to base security solely on the unfeasability of solving the underlying hard

problem of a cryptosystem. In the real world, it is not uncommon for an adversary to get access to some key

dependent information potentially helping to perform cryptanalysis. Recently a lot of effort has been put into

designing cryptosystems such that the impact of leaking key related information is minimized, this area is

mostly known as leakage-resilient cryptography. In this work, we show how to construct a distributed fully

homomorphic identity-based encryption secure in the continual auxiliary input model. Our construction is

based on the fully homomorphic scheme of Gentry, Sahai and Waters and relies merely on the learning with

errors assumption, which is conjectured being resistant against quantum attacks.

1 INTRODUCTION AND

MOTIVATION

Leakage-Resilient Cryptography. Security of tra-

ditional public-key cryptographic schemes depends

on privacy of secret keys and can be analyzed in an

idealized model under the assumption that the secret

keys are hidden from adversary. Nevertheless many

schemes become insecure during their implementa-

tion into real systems. An adversary can often learn

auxiliary information on the secret inputs of the al-

gorithm (for example if the key is used somewhere

else or by studying the physical behavior of the device

performing cryptographic operations). Such attacks

are known as side-channel attacks. A solution for this

problem can be provided by what is called leakage re-

silient cryptography which guarantees security even if

we assume secret key leakage during implementation

procedure (Akavia et al., 2009).

An example of strong side-channel attack is the so-

called ”cold-boot attack” that was deﬁned recently

(Halderman et al., 2009). Due to the fact that ev-

ery cryptographic algorithm is made to be eventually

used in a real environment, side-channel attacks of-

ten lead to loss of secrecy, during the implementation

which enables observations like the amount of power

consumption or the time required for this implemen-

tation. These observations lead to information leak-

age about secret-keys without breaking the underlying

assumptions of the considered schemes. Those side-

channel attacks which include all attacks in which

leakage of information is possible when while the

scheme performs any computations, are called com-

putational side-channel attacks as showed by Micali

and Reyzin (Micali and Reyzin, 2004). But not only

computation on secrets leak information. Akavia et

al. (Akavia et al., 2009) considered another family of

side-channel attacks, the so called ”memory attack”,

which is a generalization of the already mentioned

”cold-boot attack” introduced by Halderman et al.

(Halderman et al., 2009). Akavia et al.’s work deﬁned

the family of memory attacks by allowing leakage of a

bounded number of bits of the secret, which are com-

puted upon applying an arbitrary function with output

that is bounded by the size of the secret key. This

model is called the bounded leakage model indicat-

ing that the overall amount of information the attacker

can learn is bounded by a ﬁnite natural number. This

leads to the main question in leakage-resilient cryp-

tography which is exploring the suitable size of the

output of the leakage function without compromising

the security of cryptosystem. There are new results

on public-key encryption to provide security against

memory attacks. First one looks for redundant repre-

sentation of secret-keys which can enable the battling

memory attack. The other approach is just to con-

sider the already existing cryptosystems and to check

their consistency against memory attacks. Akavia et

al. (Akavia et al., 2009) took the second approach, ex-

Gérard, F., Kuchta, V., Sahu, R., Sharma, G. and Markowitch, O.

Fully Homomorphic Distributed Identity-based Encryption Resilient to Continual Auxiliary Input Leakage.

DOI: 10.5220/0006832200410052

In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications (ICETE 2018) - Volume 2: SECRYPT, pages 41-52

ISBN: 978-989-758-319-3

Copyright © 2018 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved

41

amined the learning with errors (LWE) problem and

proved semantic security against memory attack of an

LWE-based public-key encryption. The strength of

the LWE assumption depends on the size of the leak-

age one would like to tolerate.

The variety of side-channel attacks leads to the con-

clusion that information can every time leak the cryp-

tographic device while it performs certain computa-

tions. (Brakerski et al., 2010) presented new con-

structions of encryption schemes and identity-based

encryption which remain secure while information of

the secret key is leaked. Their constructions guaran-

tees leakage-resilience of the secret key even if an ad-

versary can test the memory and leak a proper frac-

tion of this key. However their construction cannot

tolerate leakage from the master secret key. There-

fore the authors left the problem open of ﬁnding an

IBE scheme that is resilient to the leakage of the mas-

ter secret key. The problem with a model in which

parameters are chosen according to the total leak-

age of the system during its lifetime is that it can

lead to huge key size. Brakerski et al. (Brakerski

et al., 2010) introduced a new model where the se-

cret key can be refreshed during different time periods

while the public key remains the same. The previ-

ously mentioned drawback is reduced by the fact that

the leakage bound exists only between refresh phases.

This leakage model is known as the continual leakage

model. There are also scenarios where information

leaks from the memory even if there is no computa-

tion taking place during the attack. In order to make

public key encryption secure against leakage attacks

the idea was not to store the complete secret memory

on the device but to add some auxiliary device. An-

other attack resulting from memory leakages forms a

class of ”auxiliary input attacks”, where the adversary

chooses an efﬁciently computable leakage auxiliary

function which is hard to invert in polynomial time.

Dodis et al. (Dodis et al., 2010a) provided the model

of such auxiliary leakage functions in case of public-

key encryptions. Analogously a symmetric encryp-

tion scheme was introduced by Dodis et al. (Dodis

et al., 2009). The ﬁrst IBE scheme resilient to contin-

ual auxiliary leakage has been proposed by Yuen et al.

(Yuen et al., 2012), meaning that the identity-based

scheme remains secure even if the adversary has ac-

cess to some auxiliary input, where the auxiliary input

is modeled by an uninvertible function of the secret

key. The auxiliary input model represents a more gen-

eral model where the secret key cannot be recovered.

Another differentiation between the models is given

by the possibility of an adversary to see the public

key either before choosing a leakage function or af-

terward. The ﬁrst case describes an adaptive model

where the adversary can adaptively choose a leakage

function after she has seen the public key. The latter

model is called non-adaptive model, where the leak-

age function has to be chosen by an adversary before

seeing the public key. Over the last 17 years, leakage-

resilience has become a popular research topic which

can be reﬂected in the following research articles (Al-

wen et al., 2010; Canetti et al., 2000; Dodis et al.,

2009; Dziembowski and Pietrzak, 2008; Micali and

Reyzin, 2004; Naor and Segev, 2009; Pietrzak, 2009;

Chow et al., 2010).

Fully-homomorphic Encryption. This property of

cryptographic encryption schemes became one of the

most fascinating research topics of modern cryptog-

raphy. It allows users to perform computations on en-

crypted data without decrypting it in advance. Even

though there were earlier attempts for a homomorphic

encryption (Rivest et al., 1978), the real breakthrough

came with work by Gentry (Gentry, 2009b) who intro-

duced the ﬁrst fully homomorphic encryption scheme

based on a cryptographic assumption using the well-

known mathematical construct called ideal lattices.

Some other fully homomorphic encryption schemes

which are not based on lattices but relied on ideals

in rings were presented in (Smart and Vercauteren,

2010; Brakerski and Vaikuntanathan, 2011b; van Dijk

et al., 2010). Brakerski and Vaikuntanathan (Brak-

erski and Vaikuntanathan, 2011a) presented a fully

homomorphic scheme based on a well-studied as-

sumption - known as the learning with errors as-

sumption (LWE). A comparatively simple fully ho-

momorphic encryption scheme also based on LWE

problem has been introduced by Gentry et al. (Gen-

try et al., 2013). They presented a new technique

called approximate eigenvector method where homo-

morphic addition and multiplication are provided by

a simple matrix addition and multiplication. In con-

trast to previous fully homomoprhic schemes, Gen-

try et al.’s construction does not require any evalua-

tion key and evaluation can even be calculated with-

out knowing user’s public key. This feature allowed

the authors to construct the ﬁrst fully homomorphic

identity-based encryption without usage of any eval-

uation keys. Berkoff and Liu (Berkoff and Liu, 2014)

explored for the ﬁrst time a new topic of leakage-

resilient fully homomorphic encryption. They instan-

tiated their construction by making the underlying

decisional learning with errors (DLWE) problem of

a fully homomorphic encryption scheme leakage re-

silient. They deﬁned the scheme in adaptive bounded

leakage model. Later on, Goldwasser et al. (Gold-

wasser et al., 2010) showed in their work that the

leakage resilient DLWE involves leakage resilience of

symmetric-key encryption schemes which are secure

SECRYPT 2018 - International Conference on Security and Cryptography

42

under the DLWE assumption.

Our Contribution. In this work we present the ﬁrst

leakage resilient IBE scheme which is deﬁned in con-

tinual auxiliary leakage model and has the fully ho-

momorphic property. Furthermore we enhance our

construction by dividing the role of one decryption

server among two servers which decrypt the cipher-

text by running an interactive two party decryption

protocol. In contrast to the previous construction

of fully homomorphic encryption by Berkoff and

Liu (Berkoff and Liu, 2014), our scheme combines

the concepts of continual leakage model and auxil-

iary leakage model where the earlier model will be

achieved by refreshing the secret key shares of each

server while the latter model is achievable by the min-

imal restriction of the leakage function between up-

dates. The auxiliary input model provides another

appealing feature being useful for composible con-

structions which is an interesting question for fur-

ther research. We also instantiate the ﬁrst fully ho-

momorphic IBE scheme which is secure under LWE

assumption. Identity-based encryption became an en-

grossing research topic because of its distinctive fu-

ture where any public string can be used as a public

key for the encryption process. Analogously to the

Berkoff and Liu construction (Berkoff and Liu, 2014)

our scheme also achieves adaptivity which allows an

adversary to choose the leakage function after seeing

the public key. For the fully homomorphic property

we assume a scenario where the different ciphertexts

are computed using the same public key. In order

to enhance the scheme to a scenario where different

ciphertext can be computed at different times using

distinct public keys, we refer to the multi-key FHE

technique used in (Clear and McGoldrick, 2015) and

leave the topic for our further research. Furthermore

our scheme proﬁts from its distributed decryption pro-

cess, where the secret key will be shared between two

decryption parties. In order to realize the distribution

of the secret key we use a leakage resilient symmet-

ric encryption based on LWE. Finally, our leakage re-

silient lattice-based distributed IBE scheme is secure

against chosen-plaintext attacks.

Applications. Our leakage-resilient fully homomor-

phic IBE scheme has several applications. As men-

tioned shortly in the introduction, an identity-based

encryption has the attractive feature of no need to

managing a public key infrastructure since only re-

cipient’s identity and some public parameters are re-

quired to encrypt a message. Regarding privacy,

IBE schemes are especially suitable for those systems

which require anonymity of communicating parties.

Having an IBE scheme, a user can choose an anony-

mous certiﬁcate to achieve anonymity between those

parties. Fully homomorphic property is particularly

useful in applications concerning cloud security. Out-

sourcing private data to the cloud services increases

concerns about data owner’s privacy. Storing the data

on cloud in encrypted form and providing the homo-

morphic property, which allows the cloud servers to

perform arbitrary computations on encrypted data, ad-

dresses the question of privacy issues. In particular,

cloud services are appealing in the medical and ﬁnan-

cial sectors. Li et al. (Li et al., 2010) presented an

attribute-based encryption (ABE) scheme which al-

lows to secure personal health records in cloud com-

puting. Sahai and Waters (Sahai and Waters, 2005)

showed in their work how to generalize an IBE en-

cryption to fuzzy identity-based encryption, which on

its part can be generalized to and ABE scheme, as

showed by Goyal et al. (Goyal et al., 2006). This

applies that our leakage-resilient fully homomorphic

distributed IBE scheme can be generalized to an ABE

scheme, which on its part can be applied to secure

cloud services of medical and ﬁnancial sectors.

2 PRELIMINARIES

Notations. In our paper, we follow common nota-

tions used in the recent literature. A column vector v

(with coefﬁcients v

i

) is written as a bold lowercase let-

ter. A matrix M is written as a bold uppercase letter.

For a value v sampled from a distribution D, we write

v ← D. This notation is extended to vector, v ← D

n

indicates that the coefﬁcients of v are sampled inde-

pendently from D. The uniform distribution over a set

S is written as U(S). Matrix multiplication will be de-

noted with either juxtaposition AB or with a small dot

A · B when it enhances readability. The dot product

between two (same size) vectors ha, bi or a

T

b corre-

sponds to

∑

i

a

i

b

i

with the operations performed in the

algebraic structure of the vectors’ coefﬁcients.

2.1 Learning with Errors

For some positive integers parameters q,n, a vec-

tor s ← U

Z

n

q

and an error distribution D

σ

with

standard deviation σ over the integers (usually a

discrete Gaussian), we deﬁne the LWE distribution

A

s,D

σ

which is obtained by sampling a vector a ←

U(Z

n

q

), an error term e ← D

σ

and outputting the tu-

ple (a,ha,si + e) ← U

Z

n

q

× Z

q

.

The LWE problem, ﬁrst introduced by Regev

(Regev, 2005), comes in two ﬂavors, a search prob-

lem and a decision problem.

Fully Homomorphic Distributed Identity-based Encryption Resilient to Continual Auxiliary Input Leakage

43

Deﬁnition 1 (Search-LWE

n,m,q,σ

). Given m samples

(a,ha,si + e) ← A

s,D

σ

, ﬁnd s.

This can be seen as solving an over-determined

system of noisy linear equations over Z

q

. Indeed, if

we write the samples as a matrix, the problem be-

comes: given a public matrix A ∈ Z

m×n

and a target

vector t = As + e ∈ Z

m

q

, ﬁnd s.

Deﬁnition 2 (Decision-LWE

n,m,q,σ

). Given m sam-

ples over Z

n

q

× Z

q

, determine if they come from

U(Z

n

q

× Z

q

) or A

s,D

σ

.

Stated otherwise, it is the problem of distinguish-

ing the LWE distribution from the uniform distribu-

tion over Z

n

q

× Z

q

.

Surprisingly, both problems are equivalently hard,

even for an adversary in possession of a quantum

computer.

Deﬁnition 3 (Goldreich-Levin Theorem(Dodis et al.,

2010a)). For a prime q, a set H ⊆ Z(q), a function

h : H

m

→ {0,1}

∗

, a secret vector s ∈ H

m

, a random

vector r ← U(Z

q

)

m

if there exists a distinguisher be-

tween hs,ri and U(Z

q

) given h(s), there exists an ef-

ﬁcient inverter for h.

Deﬁnition 4 (Goldreich-Levin Theorem for LWE

(Goldwasser et al., 2010)). Let k > log q and h :

{0,1}

n

→ {0,1}

∗

be a function that no polynomial

adversary can invert with probability greater than

2

−k

. For a super-polynomial q, a polynomial m,

0 ≤ σ

1

,σ

2

≤ q such that σ

2

/σ

1

is negligible,

(A,As + e, h(s)) ≈

c

(A,u,h(s)) (1)

where A ← U(Z

m×n

q

),s ← U(Z

n

q

),u ← U(Z

m

q

) are

uniformly random and the error vector e ← D

σ

1

if

the Decision-LWE

`,m,q,σ

2

assumption holds with ` =

k−ω(log n)

log q

.

This result was ﬁrst introduced in (Goldwasser

et al., 2010). It express the leakage-resilient property

of LWE in the auxiliary input model. In it ﬁrst form it

required required a super-polynomial q but, later on,

Alwen et al. (Alwen et al., 2013) showed that the

LWE-to-LWE reduction works even for larger param-

eters where the modulus and modulus-to-error ratio

have polynomial size.

2.2 Homomorphic Encryption

For several decades(Rivest et al., 1978), cryptog-

raphers asked themselves the following question:

is it possible to perform arbitrary computation on

encrypted data without revealing it? The ﬁnal answer

came from Gentry in 2009(Gentry, 2009a). In his

thesis, he solved the open problem of constructing

a cryptosystem allowing to compute an arbitrary

function on encrypted data without decrypting ﬁrst.

Despite being still quite inefﬁcient, this technique,

called fully homomorphic encryption(FHE), ﬁts

really well in the context of distributed computing, or

more generally, cloud applications. As surprising as

it can sounds, a small device can now ask a powerful

cloud to perform data analysis without altering the

privacy of the data. In the following, we recall the

basic deﬁnitions. A survey of the ﬁeld can be found

in (Armknecht et al., 2015).

A homomorphic encryption scheme is made

of four algorithms (FHEKeyGen,FHEEncrypt,

FHEDecrypt,Eval) deﬁned as follow:

FHEKeyGen(λ) : On input a security parameter λ, it

outputs the secret key sk, the public key pk and the

evaluation key evk.

FHEEncrypt(pk,m) : On input the public key pk and

a message m, it outputs a ciphertext c.

FHEDecrypt(sk, c) : On input the secret key sk and a

ciphertext c, it outputs a message m.

Eval(evk, f ,(c

0

,...,c

n

)) : On input the evalua-

tion key evk, a function f and some ciphertexts

c

0

,...,c

n

such that c

i

= Encrypt(pk,m

i

), it outputs

c

0

= Encrypt(pk , f (m

0

,...,m

n

)).

The correctness requirement for homomorphic

encryption scheme is the following:

FHEDecrypt(sk, Eval(evk, f ,(c

0

,...,c

n

)))

= f (m

0

,...,m

n

).

Correct decryption of evaluated ciphertext is sufﬁ-

cient in the sense that one can always evaluate the

identity function on a ciphertext without explicitly

asking for the output of FHEEncrypt to be decrypt-

able. (Brakerski and Vaikuntanathan, 2011a)

Deﬁnition 5. A fully homomorphic encryption

scheme is said to be leveled if the depth of the circuit

evaluating the function f is bounded by a prespeciﬁed

parameter.

2.3 Gentry-Sahai-Waters FHE

Let us now describe the fully homomorphic encryp-

tion scheme of Gentry, Sahai and Waters(Gentry

et al., 2013)(GSW). This scheme has the beautiful

property that no evaluation key is required to perform

homomorphic operations. One can directly add and

multiply ciphertexts together (which is enough to de-

scribe a NAND gate) and get the expected result. The

construction is based on LWE.

Ciphertext ﬂattening. We start by recalling the tech-

nique which keeps ciphertexts strongly bounded. We

SECRYPT 2018 - International Conference on Security and Cryptography

44

call a ciphertext C B-strongly-bounded if its associ-

ated messages µ and the coefﬁcients of the cipher-

text C all have magnitude at most 1, while the co-

efﬁcients of the error vector e all have magnitude

at most B ((Gentry et al., 2013)). The technique

was used to realize the ﬁrst (leveled) fully homo-

morphic identity-based and (leveled) fully homomor-

phic attribute-based encryption as showed in (Gentry

et al., 2013). Using transformations from (Brakerski

and Vaikuntanathan, 2011a), vectors can be modiﬁed

without affecting dot products.

We assume two vectors a, b ← U

Z

k

q

and set

l =

b

log

2

q

c

+ 1 and N = k · l. Let BitDecomp(a)

be the N-dimensional vector (a

1,0

,...,a

1,l−1

,...,a

k,0

,

...,a

k,l−1

), where a

i, j

is the j-th bit in a

i

’s binary rep-

resentation. For some vector a

0

= (a

1,0

,...,a

1,l−1

,...,

a

k,0

,...,a

k,l−1

), let

BitDecomp

−1

(a

0

) =

l−1

∑

j=0

2

j

· a

1, j

,...,

l−1

∑

j=0

2

j

· a

k, j

!

be the inverse of BitDecomp, which is well deﬁned.

That means even if the input is not a bit-vector, the in-

verse is well-deﬁned. For an N-dimensional vector a

0

,

let Flatten(a

0

) = BitDecomp(BitDecomp

−1

(a

0

)) a

N-dimensional bit vector. For a matrix A, let

BitDecomp(A), BitDecomp

−1

(A),Flatten(A) be

applied to each row of A. Let Powerof2(b) =

(b

1

,2b

1

,...,2

l−1

b

1

,...,b

k

,2b

k

,...,2

l−1

b

k

). We ob-

serve the following properties for any N-dimensional

a

0

:

•

h

BitDecomp(a),Powerof2(b)

i

=

h

a,b

i

•

a

0

,Powerof2(b)

=

BitDecomp

−1

(a

0

),b

=

Flatten(a

0

),Powerof2(b)

.

Encryption and Decryption. The fully homomor-

phic encryption (FHE) scheme from (Gentry et al.,

2013) works as follows. For suitable parameters

q,n,m = O(n log q) the LWE instance consists of a

m × (n + 1) matrix A such that there is a vector

s ← U

Z

n+1

q

, where the ﬁrst entry is 1 and e = A · s

is a small error vector. We assume that A is pub-

lic and s is secret. A ciphertext C encrypts µ if

C · v = µv + e, where v is a N-dimensional secret

key. To decrypt message µ, the i-th row C

i

is ex-

tracted from C and x ←

h

C

i

,v

i

= µv

i

+ e

i

computed.

The vector v is called approximate eigenvector. Let

v = Powerof2(s), which is a vector of dimension

N = (n + 1) · l for l =

b

log

2

q

c

+ 1. Consider the fol-

lowing property:

Flatten(C) · v = C · v.

To encrypt a message µ ∈ Z

q

, a random matrix R ∈

{0,1}

N×m

is generated and C = Flatten(µ · I

N

+

BitDecomp(R · A)) computed. Note that Flatten

operation does not affect the product with v, i.e.

C · v = µ · v + BitDecomp(R · A) · v

= µ · v + R · A · s = µ · v + small.

Homomorphic Properties. Homomorphism comes

naturally with the deﬁnition of a ciphertext C

i

on a

message µ

i

being a matrix such that C

i

·v = µ

i

·v +e

i

.

Indeed, for addition,

C

+

= Add(C

1

,C

2

) = C

1

+ C

2

implies C

+

· v = (µ

1

+ µ

2

) · v + (e

1

+ e

2

) and for mul-

tiplication,

C

×

= Mult(C

1

,C

2

) = C

1

· C

2

implies C

×

· v = C

1

· (C

2

· v) = C

1

· (µ

2

· v + e

2

) =

µ

2

·(µ

1

·v+e

1

)+C

1

·e

2

= µ

1

·µ

2

·v+µ

2

·e

1

+C

1

·e

2

=

µ

1

· µ

2

· v + small. Unfortunately, it is impossible to

prevent the error term to grow while performing ho-

momorphic operations. We refer to (Gentry et al.,

2013) for more details.

2.4 Identity-based Encryption

An identity-based encryption scheme is made of four

algorithms (Setup, Extract, Encrypt, Decrypt)

deﬁned as follow:

IBE.Setup(λ) : On input a security parameter λ it

outputs a key pair (msk, mpk).

Extract(msk, ID) : On input the master secret key

msk and an identity ID, it outputs a secret key for the

given ID sk

ID

.

IBE.Encrypt(mpk,ID, m) : On input the master

public key mpk, an identity ID and a message m, it

outputs a ciphertext c

ID

intended to ID.

IBE.Decrypt(c

ID

,sk

ID

) : On input a ciphertext c

ID

and a secret key sk

ID

for both the same ID, it outputs

a message m.

For correctness to hold, it should be the case

that when sk

ID

is output by the algorithm

Extract(msk, ID), we have

IBE.Decrypt(IBE.Encrypt(mpk,ID,m),sk

ID

) = m.

3 MODELING CONTINUAL

KEY-LEAKAGE ATTACKS

We propose our scheme in the continual auxiliary

leakage model. A cryptosystem is secure in this

model if it remains secure even when an adversary is

given a computationally uninvertible function on in-

put a secret key as an auxiliary input. The scheme

achieves continual leakage resistance by refreshing

Fully Homomorphic Distributed Identity-based Encryption Resilient to Continual Auxiliary Input Leakage

45

the secret key in each time period with a restriction

that there is no polynomial time algorithm which can

invert the leakage function between two time periods.

The auxiliary input model was introduced by Dodis

et al. (Dodis et al., 2010a), while the continual leak-

age model was presented in (Dodis et al., 2010b). We

present a model which is deﬁned in the chosen ci-

phertext security setting. In this case an adversary

has access to four oracles: extraction, leakage and re-

fresh oracle. The model is provided in the following

paragraph. Let A

ind

be an adversary which is playing

the following experiment Exp

IND−ID−CPA−b

LR−FHIBE,A

ind

for a bit

b ∈ {0,1}:

Setup: The challenger runs Setup algorithm and

outputs mpk,msk. The adversary speciﬁes the leak-

age function h. The challenger constructs storage list

which consists of extracted secret keys L

ex

given by

(ID, sk

ID,1

,sk

ID,2

), where sk

ID,1

,sk

ID,2

are the two se-

cret shares.

Phase 1: Adversary A

ind

queries the following ora-

cles:

• Extraction Oracle: Taking as input ID, index

i ∈ {1,2}, the oracle checks if (ID,sk

ID,i

,·) ∈ L

ex

.

If so it takes the corresponding secret key sk

ID

=

(sk

ID,1

,sk

ID,2

) and gives the secret share sk

ID,i

to

the adversary. Otherwise it runs the Extract al-

gorithm on input master public, master secret key

and an identity ID. It outputs then the computed

secret key shares sk

ID,i

to the adversary and stores

(ID, sk

ID,i

,·) in the list L

ex

.

• Leakage Oracle: On input a PPT computable

leakage function h and an identity ID the oracle re-

turns h(mpk,ID, sk

ID,1

,sk

ID,2

).

• Refresh Oracle: On input an identity ID and,

the oracle checks if (ID,sk

ID,1

,sk

ID,2

) ∈ L

ex

, if

not, it sets a counter count = 1. The ora-

cle generates {sk

ID,i

}

i∈{1,2}

← Extract(msk,ID),

adds (ID,sk

ID,1

,sk

ID,2

) to the list, runs the

Refresh algorithm on input {sk

ID,1

,sk

ID,2

} and

returns (sk

f resh

ID,1

,sk

f resh

ID,2

) to A

ind

. Otherwise, if

(ID, sk

ID,1

,sk

ID,2

) is already in the list it runs

the Refresh algorithm on the existing secret key

shares from the list L

ex

and returns {sk

f resh

ID,i

}

i∈{1,2}

to A.

Challenge: A

ind

outputs m

0

,m

1

and an

identity ID

∗

. The challenger computes

FHIB.Encrypt(mpk,m

b

,ID

∗

), where ID

∗

has

not been queried before to the leakage and refresh

oracles.

Phase 2: The adversary is allowed to issue further

extraction oracle queries excluding the queries on

input ID

∗

.

Output: A

ind

returns a bit b

0

as a guess for b.

We say that an identity-based encryption is secure

against chosen-plaintext attacks in the continual aux-

iliary input model if for any probabilistic polynomial

time attacker A running the above experiment the

advantage to win, deﬁned as

Adv

IND−ID−CPA

LR−FHIBE,A

ind

= |Pr[Exp

IND−ID−CPA−0

LR−FHIBE,A

ind

= 1]

− Pr[Exp

IND−ID−CPA−1

LR−FHIBE,A

ind

= 1]| ≤ ε(λ),

where ε(·) is a negligible function in λ.

4 LEAKAGE-RESILIENT

FULLY-HOMOMORPHIC

DISTRIBUTED

IDENTITY-BASED

ENCRYPTION WITH

AUXILIARY INPUTS

(LRFHIBE)

Intuition. Motivated by the scheme of (Akavia et al.,

2012) which introduced distributed public key en-

cryption schemes secure against continual leakage,

we present the new construction of a leakage-resilient

fully homomorphic IBE scheme (LRFHIBE) in the

distributed setting. We note that the secret key will be

shared among two computing devices which can com-

municate with each other via a public channel. This

distributed setting allows to reduce the risk of manip-

ulating the single device, by distributing the power of

a single device among two ones. Our construction

guarantees security against continual leakage of the

secret key where the leakage function consists of the

secret key and some auxiliary input. Decryption of

ciphertext is given by a two-party protocol. In order

to ensure a secure communication between the two

parties we use symmetric encryption during the ex-

ecution of the 2-party protocol. We use the approx-

imate eigenvector technique in order to achieve the

fully homomorphic property of our scheme, avoiding

the existence of any evaluation keys which makes our

scheme favorable in contrast to the so far existing ho-

momorphic encryption schemes with evaluation keys.

Deﬁnition 6 (Model for LRFHIBE Scheme). Let

ˆ

C

denote the evaluated ciphertext which can be either

ˆ

C

+

or

ˆ

C

×

, as introduced in Chapter 2.3. A LRFHIBE

consists of the following six algorithms:

FHIB.Setup(λ): On input security parameter λ it

generates the master public key and master secret key

mpk,msk.

FHIB.Extract(mpk,msk,ID) : On input mpk, msk,

ID the algorithm consists of two stages:

SECRYPT 2018 - International Conference on Security and Cryptography

46

• Stage 1. Takes as input mpk,msk, ID. Outputs

sk

ID

.

• Stage 2. On input secret key sk

ID

, it outputs se-

cret shares sk

ID,1

,sk

ID,2

for party P

1

and party P

2

,

respectively.

FHIB.Encrypt(mpk,ID, µ

i

) : On input master public

key mpk, identity ID and message µ

i

it outputs a

ciphertext C

ID

(µ

i

).

FHIB.Eval(mpk,C

ID

(µ

1

),...,C

ID

(µ

n

),F) : Take

as input the ciphertexts, C

ID

(µ

1

),...,C

ID

(µ

n

) and

an evaluation function F and output the evaluated

ciphertext

ˆ

C.

FHIB.Decrypt(mpk,

ˆ

C,sk

ID,1

,sk

ID,2

) : On input

master public key mpk, evaluated ciphertext

ˆ

C, two

secret shares sk

ID,1

,sk

ID,2

it runs an interactive

2-party protocol executed between P

1

and P

2

where

at the end of the protocol one of the parties outputs ˆµ,

which is an evaluated value of messages µ

1

,...,µ

n

,

i.e. ˆµ = F(µ

1

,...,µ

n

).

Refresh(sk

ID,1

,sk

ID,2

) : Is a 2-party protocol exe-

cuted between P

1

and P

2

taking as input their secret

shares sk

ID,1

= s and sk

ID,2

and outputting updated

secret shares sk

f resh

ID,1

,sk

f resh

ID,2

.

4.1 Building Block: Leakage-resilient

Symmetric Encryption

We recall a building block, termed leakage-resilient

symmetric encryption introduced in (Goldwasser

et al., 2010):

SymGen(λ) : On input λ outputs a uniformly random

secret key s ← U({0,1}

λ

).

SymEnc(s,µ) : On input a secret key s and a message

µ ∈ {0, 1}

m

, outputs the ciphertext C = (A,As + e +

µb

q

2

c), where A ← U(Z

m×n

q

) and e ← D

m

σ

.

SymDec(s,C) : On input a secret key s and a cipher-

text (A,y), computes y− As and outputs the message

using a threshold decoder.

4.2 The Scheme

Intuition. Let Σ be an LWE-based IBE scheme con-

sisting of four algorithms (IBE.Setup,IBE.Extract,

IBE.Encrypt,IBE.Decrypt) as described in Section

2.4. To apply the transformation technique presented

via ”compiler” in (Gentry et al., 2013), the underlying

IBE scheme needs to have the following three proper-

ties:

• The decryption key for identity ID and the cor-

responding ciphertext for ID, are sk

ID

,c

ID

←

U

Z

n

0

q

. We extend the decryption key by adding

1 as the ﬁrst component.

• If c

ID

encrypts 0, then

h

c

ID

,sk

ID

i

is small.

• Encryptions of 0 are indistinguishable from uni-

form vectors over Z

q

(under LWE assumption).

Our transformation of Σ into a distributed LRFHIBE

scheme follows in the next paragraph. The main idea

of the compiler is that the encryption of a message

µ ∈ {0,1} is represented by encryption of 0 using

the encryption algorithm of the underlying IBE

scheme. The decryptor uses the decryption algorithm

of the fully homomorphic scheme FHE to recover

the message µ. In order to make our scheme resilient

against continual leakage our construction contains

an additional algorithm to refresh the secret keys.

At the beginning of the refresh protocol, P

1

holds a

secret key which is represented by a ciphertext of the

symmetric encryption and encrypts the secret key of

the underlying public key encryption. The other party

P

2

holds the secret key of the symmetric encryption

scheme. The role of the refresh algorithm is to update

the secret shares. As a result the new key of P

1

represents the new random symmetric encryption

of secret key of the underlying asymmetric scheme

using the new symmetric secret key which is to

be held by P

2

. During the refreshing process, P

2

chooses a new random secret and sends an encryption

combining the old ciphertext with the new one and

sends it to P

1

. For his part, P

1

chooses a new secret

key and sends a ciphertext to P

2

using its own share.

After decrypting the received ciphertext, P

1

will

receive a new secret share.

Note that the extraction algorithm ﬁrst extracts

identity-based secret key, then it generates the key

shares for both parties. P

2

obtains encryption of the

identity-based secret key, using symmetric secret key

which is hold by P

1

as his secret key. Furthermore

we point out that the decryption algorithm does not

reconstruct the initial master secret key. The idea

is that the two servers interact in a protocol sending

each other certain values, where the ﬁnal decryption

procedure is done by one of the servers.

As showed by Goldwasser et al. (Goldwasser

et al., 2010) the decisional LWE problem is leakage

resilient. Regev (Regev, 2005) proved the search

version of LWE (worst-case) is as hard as several

lattice problems in the worst case. Eventually we

know that decisional and search LWE are equivalent

up to a polynomial in q factors, where q is a prime

number. In order to achieve leakage resilience of

our fully homomorphic IBE scheme we need to

change the parameters of the underlying scheme

which is based on Gentry et al. construction (Gentry

et al., 2013). We assume that the circuit depth of the

scheme is given by L = poly(λ) and is a polynomial

in the security parameter λ. The observance in the pa-

Fully Homomorphic Distributed Identity-based Encryption Resilient to Continual Auxiliary Input Leakage

47

rameter setting is the fact that with a higher parameter

σ of error distribution D

σ

the security increases too.

But according to correctness constraint, σ must be set

low while q must grow exponentially with the depth

of circuit. This contradicts to the hardness constraint

where with an increasing circuit depth L, solving

the underlying gapSVP becomes easy. This problem

involves a solution where the parameter n has to be

polynomial in the depth L. A deeper discussion on

parameter settings has been provided by Berkoff and

Liu (Berkoff and Liu, 2014). Following the proofs

in (Berkoff and Liu, 2014) we set m = 2nlogq + 3λ,

where n = τ

2

and τ = max{L,λ

2

}. The suitable

error distribution parameter σ of D

σ

is set equal to

σ = 2

log

2

τ

and the prime q is bounded by q ≥ 2

τlog

2

τ

.

These parameters guarantee correctness of our

leakage resilient fully homomorphic IBE scheme

according to the analysis in (Berkoff and Liu, 2014).

Construction. A leakage-resilient fully-

homomorphic distributed IBE scheme consists

of the following six algorithms:

FHIB.Setup(λ): It runs the IBE.Setup algorithm of

Σ to generate the master public key and master secret

key mpk,msk.

FHIB.Extract(mpk,msk,ID) : The algorithm

consists of 2 stages:

• Stage 1. It runs the extraction algorithm

IBE.Extract of Σ scheme in order to com-

pute sk

ID

← U

Z

m

q

, which is the decryption

key of IBE scheme. It supplements the calcula-

tions by setting sk

0

ID

= (1,sk

ID

) ← U

Z

m+1

q

.

It computes the decryption key of LRFHIBE

scheme as Powerof2(sk

0

ID

) = v

ID

, where

v

ID

= (v

ID,1

,...,v

ID,N

) ∈ Z

l·(m+1)

q

, N = l(m + 1).

It outputs v

ID

.

• Stage 2. The secret key shares of the two par-

ties are generated as follows: given the security

parameter and the identity-based secret key v

ID

it

runs the SymGen algorithm of symmetric scheme

and outputs a random value s ← U(Z

n

q

) which is

the secret share of P

1

, i.e. sk

ID,1

= s. The secret

share of P

2

is given by running the symmetric algo-

rithm Encrypt(s,v

ID

) = As +e +b

q

2

cv

ID

= sk

ID,2

,

where A ← U

Z

N×n

q

, e ← D

N

σ

.

FHIB.Encrypt(mpk,ID, µ

i

) : To encrypt the message

µ

i

← U ({0,1}), the algorithm invokes IBE.Encrypt

of Σ to compute N = l · (m + 1) encryptions of 0. The

resulted ciphertext is denoted by C

0

ID

. Taking C

0

ID

it

computes the ciphertext of FHIBE by the following

calculation:

C

ID

= Flatten

µ · I

N

+ BitDecomp(C

0

ID

)

← U

Z

N×N

q

.

FHIB.Eval(mpk,C

ID

(µ

1

),...,C

ID

(µ

n

),F) : Take as

input the ciphertexts, C

ID

(µ

1

),...,C

ID

(µ

n

) and an

evaluation function F ∈ {Add, Mult}. If F = Add,

output

ˆ

C = Add(C

ID

(µ

1

),...,C

ID

(µ

n

))

= Flatten(C

ID

(µ

1

) + . . . + C

ID

(µ

n

)),

else if F = Mult, output

ˆ

C = Mult(C

ID

(µ

1

),...,C

ID

(µ

n

))

= Flatten(C

ID

(µ

1

) × . . . × C

ID

(µ

n

)).

FHIB.Decrypt(mpk,

ˆ

C,sk

ID,1

,sk

ID,2

) : Is the follow-

ing 2-party protocol executed between P

1

and P

2

on

a given ciphertext

ˆ

C. Assume that both parties know

index i, which represents the required row i of cipher-

text

ˆ

C:

• P

2

picks a uniformly random s

0

← U(Z

n

q

), takes

the i−th row of ciphertexts

ˆ

C

i

of the underlying

asymmetric scheme, and computes d = As

0

ˆ

C

i

+

sk

ID,2

ˆ

C

i

= As

0

ˆ

C

i

+ As

ˆ

C

i

+ e

ˆ

C

i

+

D

v

ID

,

ˆ

C

i

E

b

q

2

c.

Finally P

2

sends d to P

1

.

• P

1

computes d

0

= d −AsC

i

and sends it back to P

2

.

• P

2

decrypts by executing the simple computation

d

0

− As

0

ˆ

C

i

=

D

v

ID

,

ˆ

C

i

E

b

q

2

c + e.

Refresh(sk

ID,1

,sk

ID,2

) : Is a 2-party protocol exe-

cuted between P

1

and P

2

taking as input their secret

shares sk

ID,1

= s and sk

ID,2

= SymEnc

s

(v

ID

).

• P

2

uses the previously picked secret s

0

, picks a new

error vector e

0

← (D

σ

)

N

, computes f = sk

ID,2

+

As

0

+ e

0

and sends it to P

1

.

• Using its secret key, P

1

computes As + e and tak-

ing f it sets f − (As + e) = f

0

. In the next step P

1

chooses a new secret share sk

f resh

ID,1

given by s

00

←

U(Z

n

q

),e

00

← (D

σ

)

N

, computes f

00

= As

00

+ e

00

+ f

0

and sends it to P

2

.

• Upon receiving f

00

, P

2

subtracts As

0

+ e

0

and ob-

tains the refreshed secret key sk

f resh

ID,2

= As

00

+ e

00

+

v

ID

b

q

2

c.

Correctness. Correctness of the scheme follows

due to the fact that:

v

ID

,

ˆ

C

i

= µv

ID

+ small.

5 SECURITY ANALYSIS

Our scheme offers an extension of Berkoff and Liu

(Berkoff and Liu, 2014) scheme to a distributed set-

ting by introducing a 2-party protocol between two

SECRYPT 2018 - International Conference on Security and Cryptography

48

servers who run the decryption process. Furthermore

our scheme remains secure even if an adversary can

leak a part of the secret key at each time period, while

the leakage is represented by an uninvertible function.

This security model is called continual auxiliary leak-

age model and is particularly attractive in contrast to

the previous leakage models reviewed in the introduc-

tion of our work. Analogously to (Yuen et al., 2012)

our model does not require erasure of the secret key

after each update in every period.

Theorem 7. The fully homomorphic distributed

identity-based encryption is resilient to continual aux-

iliary input leakage under the assumption that the

LW E problem is hard, the underlying identity-based

encryption and symmetric encryption are both secure

under chosen-plaintext attacks.

Proof. Assume an adversary A which plays the

security experiment from section 4. The se-

curity holds even for auxiliary leakage functions

h(mpk,sk

ID,1

,sk

ID,2

) which are hard to invert. The

goal is to generate secret key shares which cannot

be used to decrypt the challenge ciphertext, in other

words those secret key shares will always decrypt to

⊥. We show that if the leakage function is uninvert-

ible, an adversary will not be able to gain information

about the secret key which can be used to distinguish

the ciphertext from a random ciphertext. Later on we

have to show how to extend it to the continual leak-

age model where the secret key shares will be updated

in each time period. We will use a CPA adversary A

against our scheme to construct a polynomial time al-

gorithm B against the LWE problem.

Additionally we prove that our scheme achieves

the appealing property of adaptivity, where an adver-

sary can choose the leakage function after seeing the

public key. In order to achieve this property we need

to show that the ciphertext remains computational in-

distinguishable form random even if we assume that

the public key can be distinguished from a random

value. In the decisional LWE problem, the adversary

is provided with the access to a sampling oracle. Note

that this oracle can be either a pseudorandom oracle

O

pr

with some included secret s

0

or a truly random

oracle, with all random samples over Z

·

q

(where the

exponent differs according to the required vectors). B

samples N + 1 vectors a

0

,a

1

,...,a

N

← U

Z

n

q

N

and

a vector v from Z

N

q

. Similarly it samples more vec-

tors for the simulation of master public key and mas-

ter secret key. Before we proceed with the proof, we

describe how B simulates the received queries from

A.

Extraction Queries: Whenever A issues ex-

traction queries on identity ID and an index i ←

U ({1, 2}), B picks the sampled vector v. Then

it takes the sampled n-dimensional vector a

0

and

the remained N vectors a

1

,...,a

N

and deﬁnes A =

[a

1

|...|a

N

]. It simulates sk

ID,1

= a

0

and sk

ID,2

=

Aa

0

+ e + v, where e ← D

N

σ

is a sample corre-

sponding to the Gaussian distribution D

N

σ

. It re-

turns {sk

ID,i

}

i∈{1,2}

to the adversary A

ind

, sets sk

ID

=

v

ID

= v and stores (ID,sk

ID,1

,sk

ID,2

) in the list L

ex

.

Leakage Queries: Whenever A issues leak-

age queries on input an identity ID and a leak-

age function h, B simulates the input of the leak-

age function by ﬁrst running the simulation of the

secret share queries described above and returns

h(mpk,ID, sk

ID,1

,sk

ID,2

).

Refresh Queries: The challenger B simulates

the queries as follows: Whenever A

ind

issues a re-

fresh query on an identity ID, B ﬁrst checks whether

(ID, sk

ID,1

,sk

ID,2

) ∈ L

ex

. If so, it picks a random

value s

0

∈ U(Z

n

q

) and builds a matrix A of sampled

vectors a

0

,a

1

,...,a

N

. It picks a value e

0

← D

N

σ

and

sets sk

f resh

ID,1

= (s

0

,e

0

). By picking another random

s

00

∈ U(Z

n

q

) and e

00

← D

N

σ

, the challenger simulates

sk

f resh

ID,2

= As

00

+ e

00

+ v

ID

(where v

ID

= v is the previ-

ously sampled vector.

For the continuation of the proof we use the hy-

brid argument with a sequence of games. The oracle

queries in each game are simulated as showed above.

The initial game Game

0

is the real game as described

in section 4. Each game proﬁts from adversary’s com-

putational boundary and from the fact that this adver-

sary cannot distinguish the ciphertext from random.

Game

i

is different from the initial (real) Game

0

by

deﬁnition of secret key shares and ciphertext which

are so modiﬁed that the secret key shares do not de-

crypt correctly the modiﬁed ciphertext.

Gentry et al. (Gentry et al., 2013) deﬁned a com-

piler that transforms any LWE-based IBE scheme into

a fully-homomorphic IBE scheme. Since we exploit

their technique, we recall the three main properties of

that should have the underlying IBE scheme which

we apply to our proof:

Ciphertext and Decryption Key Vectors: The

ID-based secret key sk

ID

and a ciphertext for c

ID

, are

vectors in Z

n+1

q

, where the ﬁrst coefﬁcient is 1.

Small Dot Product: If c

ID

encrypts 0, then

h

c

ID

,sk

ID

i

is small.

Security: Encryptions of 0 are indistinguishable

from uniform vectors over Z

q

under LWE assump-

tion.

To guarantee these properties we assume an un-

derlying identity-based encryption, which has the

required properties and is secure against chosen-

plaintext attacks. The most famous schemes satisfy-

49

ing the mentioned features have been introduced in

(Gentry et al., 2008; Agrawal et al., 2010; Cash et al.,

2010).

We have to show that the compiler is leakage-

resilient in continual leakage model with auxiliary

input. Due to the fact that this compiler uses en-

cryption algorithm of the underlying IBE scheme and

generates N encryptions of 0, the ciphertext is in-

distinguishable from random according to the third

property mentioned above. Since the underlying IBE

scheme is assumed to be secure under LWE assump-

tion, which is known to be leakage resilient, we con-

clude that leakage resilience of the compiler is guar-

anteed too.

Furthermore, in order to prove resistance against

the continual auxiliary leakage we ﬁrst deﬁne a class

of function family F having a minimal entropy ξ

min

of the ID-based secret shares, which at the same

time denotes the length of the secret shares. Ob-

serve a set S of all queries secret key shares for

both servers, (sk

ID

1

,sk

ID

2

). Assuming that S

∗

de-

notes the set of all secret keys on the challenge iden-

tity ID

∗

, then the intersection set S ∩ S

∗

=

/

0. We de-

note by F (g(ξ

min

)) the class of all probabilistic poly-

nomial functions h such that for all leakage queries

i ∈ [1,...,q

l

], with access to the master public key,

challenge identity ID

∗

, set S and the leakage func-

tion h(mpk,ID, sk

ID

1

,sk

ID

2

), where ID is one of the

queried identities to the leakage oracle, no PPT ad-

versary A can ﬁnd the valid secret shares sk

ID

∗

1

,sk

ID

∗

2

with a greater probability than the hardness parameter

g(ξ

min

), where g(ξ

min

) ≥ 2

−ξ

min

. We say that the un-

derlying IBE and symmetric encryption schemes are

supposed to be CPA secure against continual auxiliary

leakages if they are indistinguishable CPA secure with

respect to the family F (g(ξ

min

)) described above.

Let ID

∗

be the challenge identity. The adversary’s

view in the real game is represented by the tu-

ple (mpk,C

ID

,h(mpk,sk

ID,1

,sk

ID,2

)), where C

ID

=

Flatten(µ · I

N

+ BitDecomp(C

0

ID

)), with C

0

ID

be-

ing a ciphertext from the underlying identity-based

encryption which represents N encryptions of 0 and

µ ← U ({0,1}). Upon applying BitDecomp

−1

, we

obtain C

ID

= BitDecomp

−1

(µ · I

N

) + C

0

ID

. We note

that BitDecomp and thus BitDecomp

−1

are determin-

istic operation, it is easier to assume an adversary

A who runs the security experiment with

ˆ

C

ID

. That

means we have to show that A cannot distinguish C

0

ID

from a randomly picked value V ← U(Z

N×(n+1)

q

).

Adversary’s view in the real game Game0 is given

by the following hybrid tuple:

Hybrid

0

:=

mpk,A,b,C

0

ID

,h(mpk,sk

ID,1

,sk

ID,2

)

,

where a random hybrid tuple of a Game

r

is given

by Hybrid

r

:= (mpk,A,u,V, h(mpk,sk

ID,1

,sk

ID,2

)),

where A ← U

Z

N×n

q

and b = As + e is the pub-

lic key of the underlying symmetric scheme, which

is used during the key distribution process. We have

to show that the two hybrid tuples are computation-

ally equivalent, i.e Hybrid

0

≈

c

Hybrid

r

. To represent

the view of adversary A in each other game Game

i

we deﬁne a tuple Hybrid

i

where each row of C

ID

is

replaced by a random vector v

ID,i

← U

Z

n+1

q

. So

we have to show that Hybrid

i

≈

c

Hybrid

i+1

, where

0 < i ≤ N.

According to the Deﬁnition 4 (after amending the

parameters) the following approximation holds:

(A,As + e, h(mpk,sk

ID,1

,sk

ID,2

))

≈

c

(A,u,h(mpk,sk

ID,1

,sk

ID,2

)),

where u ← U(Z

N

q

). According to the security prop-

erty of our IBE compiler, C

0

ID

is indistinguishable

from uniform vectors v

ID,i

← U

Z

n+1

q

, such that we

can say C

0

ID

≈

c

{v

ID,i

}

i∈[N]

. Eventually, we obtain the

following result:

mpk,A,b,C

0

ID

,h(mpk,sk

ID,1

,sk

ID,2

)

≈ (mpk , A,u,V,h(mpk, sk

ID,1

,sk

ID,2

)).

According to the second property of the IBE compiler,

the dot product of a ciphertext with the secret key is

small. That means an adversary cannot distinguish

the modiﬁed secret key from the real one, assuming

that the leakage function is uninvertible.

As next we have to handle with the fact that there is

a continual leakage, meaning existence of a certain

sequence of phases where leakage of the secret key

shares occurs. Each new phase follows after running

a refresh algorithm and generating fresh secret key

shares. Considering the refresh algorithm and choos-

ing a random s ← U

Z

n

q

as the ﬁrst secret share, and

a random v

0

← U

Z

N

q

it computes As + e + b

q

2

c · v

0

,

where e ← (D

σ

)

N

an error. After running the refresh

algorithm, we see that the new secret shares are indis-

tinguishable from random.

In order to complete the proof we show that inversion

of leakage function h can be reduced to the fact that

the consecutive hybrid games are indistinguishable

from each other. For reason of simplicity we shot that

the advantage between Hybrid

0

and Hybrid

r

is neg-

ligible. We show it by a contradiction assuming that

the advantage between the hybrids is non-negligible,

i.e. |Adv(Hybrid

0

) − Adv(Hybrid

r

)| ≥ negl(λ). This

assumption would mean that there is an adversary B

against LWE, such that

Pr[B

A,As + e, h(mpk,sk

ID,1

,sk

ID,2

),C

0

ID

s

= 1]

−Pr[B (A, u, h(mpk,sk

ID,1

,sk

ID,2

),V) = 1] ≥ ε(λ),

SECRYPT 2018 - International Conference on Security and Cryptography

50

This is a contradiction due to the computational in-

distinguishabilities we showed above. Thus we can

conclude

|Adv(Hybrid

0

) − Adv(Hybrid

r

)| ≤ negl(λ).

6 CONCLUSION

In this work, we described how to construct a leakage-

resilient distributed identity-based encryption scheme

having the fully homomorphic property making the

scheme appealing to such applications like cloud se-

curity of medical and ﬁnancial data. The leakage

model we considered is called continual auxiliary

leakage model. It aims at allowing a constant leakage

of information on the secret key. To achieve that, the

lifetime of the system is split in time frames during

which the adversary has access to an auxiliary input

represented by some uninvertible function. At the end

of each frame, the key is replaced by a new one and

the process can continue for an unbounded amount of

time.

Our construction lives in a distributed setting where

a secret key is shared between two devices. The re-

freshing procedure is made through a two party pro-

tocol updating the shares while keeping the same pub-

lic key. Security is proven under the LWE assumption

which enjoy strong leakage-resilient properties and is

believed to resist attacks from quantum adversaries.

REFERENCES

Agrawal, S., Boneh, D., and Boyen, X. ((2010)). Efﬁ-

cient lattice (H)IBE in the standard model. In EU-

ROCRYPT, volume 6110 of LNCS, pages 553–572.

Springer.

Akavia, A., Goldwasser, S., and Hazay, C. (2012). Dis-

tributed public key schemes secure against continual

leakage. In ACM Symposium on Principles of Dis-

tributed Computing, PODC, 2012, pages 155–164.

ACM.

Akavia, A., Goldwasser, S., and Vaikuntanathan, V. (2009).

Simultaneous hardcore bits and cryptography against

memory attacks. In Theory of Cryptography, TCC,

2009. Proceedings, volume 5444 of Lecture Notes in

Computer Science, pages 474–495. Springer.

Alwen, J., Dodis, Y., Naor, M., Segev, G., Walﬁsh, S.,

and Wichs, D. (2010). Public-key encryption in the

bounded-retrieval model. In Advances in Cryptology

- EUROCRYPT 2010. Proceedings, volume 6110 of

Lecture Notes in Computer Science, pages 113–134.

Springer.

Alwen, J., Krenn, S., Pietrzak, K., and Wichs, D. (2013).

Learning with rounding, revisited - new reduction,

properties and applications. In Advances in Cryptol-

ogy - CRYPTO 2013 - Proceedings, Part I, volume

8042 of Lecture Notes in Computer Science, pages

57–74. Springer.

Armknecht, F., Boyd, C., Carr, C., Gjøsteen, K.,

J

¨

aschke, A., Reuter, C. A., and Strand, M.

(2015). A guide to fully homomorphic encryp-

tion. Cryptology ePrint Archive, Report 2015/1192.

http://eprint.iacr.org/2015/1192.

Berkoff, A. and Liu, F. (2014). Leakage resilient fully ho-

momorphic encryption. In Theory of Cryptography -

11th Theory of Cryptography Conference, TCC 2014.

Proceedings, volume 8349 of Lecture Notes in Com-

puter Science, pages 515–539. Springer.

Brakerski, Z., Kalai, Y. T., Katz, J., and Vaikuntanathan, V.

(2010). Overcoming the hole in the bucket: Public-

key cryptography resilient to continual memory leak-

age. In 51th Annual IEEE Symposium on Foundations

of Computer Science, FOCS 2010, pages 501–510.

IEEE Computer Society.

Brakerski, Z. and Vaikuntanathan, V. (2011a). Efﬁcient

fully homomorphic encryption from (standard) LWE.

In IEEE 52nd Annual Symposium on Foundations of

Computer Science, FOCS, 2011, pages 97–106. IEEE

Computer Society.

Brakerski, Z. and Vaikuntanathan, V. (2011b). Fully ho-

momorphic encryption from ring-lwe and security for

key dependent messages. In Advances in Cryptology

- CRYPTO 2011, Proceedings, pages 505–524.

Canetti, R., Dodis, Y., Halevi, S., Kushilevitz, E., and Sahai,

A. (2000). Exposure-resilient functions and all-or-

nothing transforms. In Advances in Cryptology - EU-

ROCRYPT 2000, Proceeding, volume 1807 of Lecture

Notes in Computer Science, pages 453–469. Springer.

Cash, D., Hofheinz, D., Kiltz, E., and Peikert, C. ((2010)).

Bonsai trees, or how to delegate a lattice basis. In EU-

ROCRYPT 2010, volume 6110 of LNCS, pages 523–

552. Springer.

Chow, S. S. M., Dodis, Y., Rouselakis, Y., and Waters, B.

(2010). Practical leakage-resilient identity-based en-

cryption from simple assumptions. In Proceedings of

the 17th ACM Conference on Computer and Commu-

nications Security, CCS 2010, Chicago, Illinois, USA,

October 4-8, 2010, pages 152–161. ACM.

Clear, M. and McGoldrick, C. (2015). Multi-identity and

multi-key leveled FHE from learning with errors. In

Advances in Cryptology - CRYPTO 2015 - Proceed-

ings, Part II, volume 9216 of LNCS, pages 630–656.

Springer.

Dodis, Y., Goldwasser, S., Kalai, Y. T., Peikert, C., and

Vaikuntanathan, V. (2010a). Public-key encryption

schemes with auxiliary inputs. In Theory of Cryptog-

raphy, 7th Theory of Cryptography Conference, TCC

2010. Proceedings, volume 5978 of Lecture Notes in

Computer Science, pages 361–381. Springer.

Dodis, Y., Haralambiev, K., L

´

opez-Alt, A., and Wichs, D.

(2010b). Cryptography against continuous memory

attacks. In 51th Annual IEEE Symposium on Founda-

51

tions of Computer Science, FOCS 2010, pages 511–

520. IEEE Computer Society.

Dodis, Y., Kalai, Y. T., and Lovett, S. (2009). On cryp-

tography with auxiliary input. In Proceedings of the

41st Annual ACM Symposium on Theory of Comput-

ing, STOC 2009, Bethesda, MD, USA, May 31 - June

2, 2009, pages 621–630. ACM.

Dziembowski, S. and Pietrzak, K. (2008). Leakage-resilient

cryptography. In 49th Annual IEEE Symposium on

Foundations of Computer Science, FOCS 2008, Octo-

ber 25-28, 2008, Philadelphia, PA, USA, pages 293–

302. IEEE Computer Society.

Gentry, C. (2009a). A fully homomorphic encryption

scheme. PhD thesis, Stanford University.

Gentry, C. (2009b). Fully homomorphic encryption using

ideal lattices. In Proceedings of the 41st Annual ACM

Symposium on Theory of Computing, STOC 2009,

pages 169–178. ACM.

Gentry, C., Peikert, C., and Vaikuntanathan, V. ((2008)).

Trapdoors for hard lattices and new cryptographic

constructions. In STOC 2008, pages 197–206. ACM.

Gentry, C., Sahai, A., and Waters, B. ((2013)).

Homomorphic encryption from learning with er-

rors: Conceptually-simpler, asymptotically-faster,

attribute-based. In CRYPTO 2013, volume 8042 of

LNCS, pages 75–92. Springer.

Goldwasser, S., Kalai, Y. T., Peikert, C., and Vaikun-

tanathan, V. (2010). Robustness of the learning with

errors assumption. In Innovations in Computer Sci-

ence - ICS 2010, Tsinghua University, Beijing, China,

January 5-7, 2010. Proceedings, pages 230–240. Ts-

inghua University Press.

Goyal, V., Pandey, O., Sahai, A., and Waters, B. (2006).

Attribute-based encryption for ﬁne-grained access

control of encrypted data. In CCS 2006, pages 89–98.

ACM.

Halderman, J. A., Schoen, S. D., Heninger, N., Clarkson,

W., Paul, W., Calandrino, J. A., Feldman, A. J., Ap-

pelbaum, J., and Felten, E. W. (2009). Lest we remem-

ber: cold-boot attacks on encryption keys. Commun.

ACM, 52(5):91–98.

Li, M., Yu, S., Ren, K., and Lou, W. (2010). Securing

personal health records in cloud computing: Patient-

centric and ﬁne-grained data access control in multi-

owner settings. pages 89–106.

Micali, S. and Reyzin, L. (2004). Physically observable

cryptography (extended abstract). In Theory of Cryp-

tography, First Theory of Cryptography Conference,

TCC 2004, Proceedings, volume 2951 of Lecture

Notes in Computer Science, pages 278–296. Springer.

Naor, M. and Segev, G. (2009). Public-key cryptosystems

resilient to key leakage. In Advances in Cryptology -

CRYPTO 2009, 29th Annual International Cryptology

Conference, Santa Barbara, CA, USA, August 16-20,

2009. Proceedings, volume 5677 of Lecture Notes in

Computer Science, pages 18–35. Springer.

Pietrzak, K. (2009). A leakage-resilient mode of operation.

In Advances in Cryptology - EUROCRYPT 2009, 28th

Annual International Conference on the Theory and

Applications of Cryptographic Techniques, Cologne,

Germany, April 26-30, 2009. Proceedings, volume

5479 of Lecture Notes in Computer Science, pages

462–482. Springer.

Regev, O. ((2005)). On lattices, learning with errors, ran-

dom linear codes and cryptography. In STOC 2005,

pages 84–93. ACM.

Rivest, R. L., Adleman, L., and Dertouzos, M. L. (1978).

On data banks and privacy homomorphisms. Founda-

tions of Secure Computation, Academia Press, pages

169–179.

Sahai, A. and Waters, B. (2005). Fuzzy identity-based en-

cryption. In EUROCRYPT 2005, Proceedings, volume

3494 of LNCS, pages 457–473. Springer.

Smart, N. P. and Vercauteren, F. (2010). Fully homomor-

phic encryption with relatively small key and cipher-

text sizes. In Public Key Cryptography - PKC 2010,

Proceedings, volume 6056 of Lecture Notes in Com-

puter Science, pages 420–443. Springer.

van Dijk, M., Gentry, C., Halevi, S., and Vaikuntanathan,

V. (2010). Fully homomorphic encryption over the

integers. In Advances in Cryptology - EUROCRYPT,

2010, Proceedings, pages 24–43.

Yuen, T. H., Chow, S. S. M., Zhang, Y., and Yiu, S. (2012).

Identity-based encryption resilient to continual aux-

iliary leakage. In Advances in Cryptology - EURO-

CRYPT 2012, volume 7237 of LNCS, pages 117–134.

Springer.

SECRYPT 2018 - International Conference on Security and Cryptography

52