同态见证加密及其应用

IF 1.5 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Network Management Pub Date : 2024-09-20 DOI:10.1002/nem.2303

Yuzhu Wang, Xingbo Wang, Mingwu Zhang

{"title":"同态见证加密及其应用","authors":"Yuzhu Wang, Xingbo Wang, Mingwu Zhang","doi":"10.1002/nem.2303","DOIUrl":null,"url":null,"abstract":"<div>\n \n In witness encryption (WE), an instance <math>\n <semantics>\n <mrow>\n <mi>x</mi>\n </mrow>\n <annotation>$$ x $$</annotation>\n </semantics></math> of an NP problem is allowed to be used to encrypt a message, and who holding a witness of the problem can efficiently decrypt the ciphertext. In this work, we put forth the concept of homomorphic witness encryption (HWE), where one can evaluate functions over ciphertexts of the same instance without decrypting them, that is, one can manipulate a set of ciphertexts with messages <math>\n <semantics>\n <mrow>\n <mo>(</mo>\n <msub>\n <mrow>\n <mi>M</mi>\n </mrow>\n <mrow>\n <mn>1</mn>\n </mrow>\n </msub>\n <mo>,</mo>\n <mo>⋯</mo>\n <mspace></mspace>\n <mo>,</mo>\n <msub>\n <mrow>\n <mi>M</mi>\n </mrow>\n <mrow>\n <mi>n</mi>\n </mrow>\n </msub>\n <mo>)</mo>\n </mrow>\n <annotation>$$ \\left({M}_1,\\cdots, {M}_n\\right) $$</annotation>\n </semantics></math> to obtain the evaluation of <math>\n <semantics>\n <mrow>\n <mi>f</mi>\n <mo>(</mo>\n <msub>\n <mrow>\n <mi>M</mi>\n </mrow>\n <mrow>\n <mn>1</mn>\n </mrow>\n </msub>\n <mo>,</mo>\n <mo>⋯</mo>\n <mspace></mspace>\n <mo>,</mo>\n <msub>\n <mrow>\n <mi>M</mi>\n </mrow>\n <mrow>\n <mi>n</mi>\n </mrow>\n </msub>\n <mo>)</mo>\n </mrow>\n <annotation>$$ f\\left({M}_1,\\cdots, {M}_n\\right) $$</annotation>\n </semantics></math>, for any function <math>\n <semantics>\n <mrow>\n <mi>f</mi>\n </mrow>\n <annotation>$$ f $$</annotation>\n </semantics></math>. We declare that such homomorphic witness encryption schemes can be generically constructed from indistinguishable obfuscation (<math>\n <semantics>\n <mrow>\n <mi>i</mi>\n <mi>O</mi>\n </mrow>\n <annotation>$$ i\\mathcal{O} $$</annotation>\n </semantics></math>) for any classes of functions. Then we propose the instantiate of multiplicatively homomorphic witness encryption (MHWE) and linearly homomorphic witness encryption (LHWE) using an <math>\n <semantics>\n <mrow>\n <mi>i</mi>\n <mi>O</mi>\n </mrow>\n <annotation>$$ i\\mathcal{O} $$</annotation>\n </semantics></math>, homomorphic encryption for NP problems such as Subset-Sum and a batch-processed GS-proof system, which enables us to evaluate multiplication operations and linear operations over ciphertext. Furthermore, we show the practicality of homomorphic witness encryption by proposing new protocols for applications of interest, such as homomorphic time-lock encryption, multi-party contract signing, and e-voting.\n </div>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"35 1","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2024-09-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Homomorphic Witness Encryption and Its Applications\",\"authors\":\"Yuzhu Wang, Xingbo Wang, Mingwu Zhang\",\"doi\":\"10.1002/nem.2303\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>\\n \\n In witness encryption (WE), an instance <math>\\n <semantics>\\n <mrow>\\n <mi>x</mi>\\n </mrow>\\n <annotation>$$ x $$</annotation>\\n </semantics></math> of an NP problem is allowed to be used to encrypt a message, and who holding a witness of the problem can efficiently decrypt the ciphertext. In this work, we put forth the concept of homomorphic witness encryption (HWE), where one can evaluate functions over ciphertexts of the same instance without decrypting them, that is, one can manipulate a set of ciphertexts with messages <math>\\n <semantics>\\n <mrow>\\n <mo>(</mo>\\n <msub>\\n <mrow>\\n <mi>M</mi>\\n </mrow>\\n <mrow>\\n <mn>1</mn>\\n </mrow>\\n </msub>\\n <mo>,</mo>\\n <mo>⋯</mo>\\n <mspace></mspace>\\n <mo>,</mo>\\n <msub>\\n <mrow>\\n <mi>M</mi>\\n </mrow>\\n <mrow>\\n <mi>n</mi>\\n </mrow>\\n </msub>\\n <mo>)</mo>\\n </mrow>\\n <annotation>$$ \\\\left({M}_1,\\\\cdots, {M}_n\\\\right) $$</annotation>\\n </semantics></math> to obtain the evaluation of <math>\\n <semantics>\\n <mrow>\\n <mi>f</mi>\\n <mo>(</mo>\\n <msub>\\n <mrow>\\n <mi>M</mi>\\n </mrow>\\n <mrow>\\n <mn>1</mn>\\n </mrow>\\n </msub>\\n <mo>,</mo>\\n <mo>⋯</mo>\\n <mspace></mspace>\\n <mo>,</mo>\\n <msub>\\n <mrow>\\n <mi>M</mi>\\n </mrow>\\n <mrow>\\n <mi>n</mi>\\n </mrow>\\n </msub>\\n <mo>)</mo>\\n </mrow>\\n <annotation>$$ f\\\\left({M}_1,\\\\cdots, {M}_n\\\\right) $$</annotation>\\n </semantics></math>, for any function <math>\\n <semantics>\\n <mrow>\\n <mi>f</mi>\\n </mrow>\\n <annotation>$$ f $$</annotation>\\n </semantics></math>. We declare that such homomorphic witness encryption schemes can be generically constructed from indistinguishable obfuscation (<math>\\n <semantics>\\n <mrow>\\n <mi>i</mi>\\n <mi>O</mi>\\n </mrow>\\n <annotation>$$ i\\\\mathcal{O} $$</annotation>\\n </semantics></math>) for any classes of functions. Then we propose the instantiate of multiplicatively homomorphic witness encryption (MHWE) and linearly homomorphic witness encryption (LHWE) using an <math>\\n <semantics>\\n <mrow>\\n <mi>i</mi>\\n <mi>O</mi>\\n </mrow>\\n <annotation>$$ i\\\\mathcal{O} $$</annotation>\\n </semantics></math>, homomorphic encryption for NP problems such as Subset-Sum and a batch-processed GS-proof system, which enables us to evaluate multiplication operations and linear operations over ciphertext. Furthermore, we show the practicality of homomorphic witness encryption by proposing new protocols for applications of interest, such as homomorphic time-lock encryption, multi-party contract signing, and e-voting.\\n </div>\",\"PeriodicalId\":14154,\"journal\":{\"name\":\"International Journal of Network Management\",\"volume\":\"35 1\",\"pages\":\"\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2024-09-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Network Management\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1002/nem.2303\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Network Management","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/nem.2303","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

在见证加密（WE）中，允许使用NP问题的实例x $$ x $$对消息进行加密，并且持有该问题的见证的人可以有效地解密密文。在这项工作中，我们提出了同态见证加密（HWE）的概念，其中可以在不解密的情况下对同一实例的密文进行函数评估，即可以操作一组具有消息(m1，⋯，M n) $$ \left({M}_1,\cdots, {M}_n\right) $$得到f （m1）的取值，，⋯,M n) $$ f\left({M}_1,\cdots, {M}_n\right) $$，对于任何函数f $$ f $$。我们声明，这种同态见证加密方案可以从不可区分的混淆（i O $$ i\mathcal{O} $$）中构造，适用于任何函数类。然后，我们提出了乘性同态见证加密（MHWE）和线性同态见证加密（LHWE）的实例化，使用i O $$ i\mathcal{O} $$，子集和等NP问题的同态加密和批处理的gs证明系统，使我们能够对密文的乘法运算和线性运算进行评估。此外，我们通过为感兴趣的应用程序（如同态时间锁加密、多方合同签名和电子投票）提出新的协议，展示了同态见证加密的实用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

Homomorphic Witness Encryption and Its Applications

查看原文本刊更多论文

Homomorphic Witness Encryption and Its Applications

In witness encryption (WE), an instance $x$ of an NP problem is allowed to be used to encrypt a message, and who holding a witness of the problem can efficiently decrypt the ciphertext. In this work, we put forth the concept of homomorphic witness encryption (HWE), where one can evaluate functions over ciphertexts of the same instance without decrypting them, that is, one can manipulate a set of ciphertexts with messages $(M_{1}, \dots, M_{n})$ to obtain the evaluation of $f (M_{1}, \dots, M_{n})$ , for any function $f$ . We declare that such homomorphic witness encryption schemes can be generically constructed from indistinguishable obfuscation ( $i O$ ) for any classes of functions. Then we propose the instantiate of multiplicatively homomorphic witness encryption (MHWE) and linearly homomorphic witness encryption (LHWE) using an $i O$ , homomorphic encryption for NP problems such as Subset-Sum and a batch-processed GS-proof system, which enables us to evaluate multiplication operations and linear operations over ciphertext. Furthermore, we show the practicality of homomorphic witness encryption by proposing new protocols for applications of interest, such as homomorphic time-lock encryption, multi-party contract signing, and e-voting.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Network Management COMPUTER SCIENCE, INFORMATION SYSTEMS-TELECOMMUNICATIONS

CiteScore

5.10

自引率

6.70%

发文量

审稿时长

>12 weeks

期刊介绍： Modern computer networks and communication systems are increasing in size, scope, and heterogeneity. The promise of a single end-to-end technology has not been realized and likely never will occur. The decreasing cost of bandwidth is increasing the possible applications of computer networks and communication systems to entirely new domains. Problems in integrating heterogeneous wired and wireless technologies, ensuring security and quality of service, and reliably operating large-scale systems including the inclusion of cloud computing have all emerged as important topics. The one constant is the need for network management. Challenges in network management have never been greater than they are today. The International Journal of Network Management is the forum for researchers, developers, and practitioners in network management to present their work to an international audience. The journal is dedicated to the dissemination of information, which will enable improved management, operation, and maintenance of computer networks and communication systems. The journal is peer reviewed and publishes original papers (both theoretical and experimental) by leading researchers, practitioners, and consultants from universities, research laboratories, and companies around the world. Issues with thematic or guest-edited special topics typically occur several times per year. Topic areas for the journal are largely defined by the taxonomy for network and service management developed by IFIP WG6.6, together with IEEE-CNOM, the IRTF-NMRG and the Emanics Network of Excellence.