Security Notions for the VeraGreg Framework and Their Reductions

Abstract

Homomorphic encryption enables computations with encrypted data, however, in its plain form, it does not guarantee that the computation has been performed honestly. For the Fully Homomorphic Encryption (FHE), a verifiable variant emerged soon after the introduction of FHE itself, for a single-operation homomorphic encryption (HE), particular verifiable variant has been introduced recently, called the VeraGreg Framework. In this paper, we identify a weakness of List Non-Malleability as defined for the VeraGreg framework—an analogy to the classical Non-Malleability—and define a stronger variant, which addresses the weakness and which we show not to be strengthenable any more. Next, we suggest a decomposition of the abstract VeraGreg framework, introduce novel notions of security for the resulting components and show some reductions between them and/or their combinations. We conjecture that VeraGreg achieves the strongest (and desirable) security guarantee if and only if its building blocks achieve certain, much more tangible properties. Finally, we suggest a simplification to the original VeraGreg instantiation, which now relies on hardness of particular kind of the famous Shortest Vector Problem for lattices.