CWI Cryptology Group

Abstract: Motivated by the goal of efficient secure computations on sensitive numerical data, we present a protocol for securely computing arithmetic circuits that requires only a constant (amortized) number of arithmetic operations per gate. Our protocol is based on new cryptographic assumptions that can be viewed as natural arithmetic analogues of well studied assumptions. Beyond the asymptotic result, a key building block in our protocol can yield concrete efficiency improvements for natural secure computation tasks. Joint work with Benny Applebaum, Ivan Damgård, Michael Nielsen, and Lior Zichron

Abstract: SPDZ denotes a protocol for actively secure full-threshold multiparty computation with a preprocessing phase that is based on somewhat homomorphic encryption. At CCS '16, Keller et al. proposed MASCOT, a replacement for the preprocessing phase based on oblivious transfer together with an implementation that improved on previous SPDZ implementations by two orders of magnitude. In this work, we revisit preprocessing based on BGV and show it improves at least an order of magnitude on MASCOT when combining ideas from SPDZ, MASCOT, and BeDOZa (Bendlin et al, Eurocrypt '11). In particular, we found that for a low number of parties, it is more efficient to use a semi-homomorphic version of BGV (multiplicative depth zero).

Abstract: In the McEliece encryption paradigm, decryption consists of decoding by using a hidden code structure but security reductions to decoding generic codes are not readily available. In contrast, Regev (or Alekhnovich) inspired cryptosystems come with such reductions but do not have hidden decoding algorithms available for decryption. We discuss recent progress in code-based cryptography that arguably allows one to profit from both approaches and brings both worlds closer.