TY - GEN
T1 - Robust Additive Randomized Encodings from IO and Pseudo-Non-linear Codes
AU - Bitansky, Nir
AU - Freizeit, Sapir
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2024.
PY - 2024
Y1 - 2024
N2 - Additive randomized encodings (ARE), introduced by Halevi, Ishai, Kushilevitz, and Rabin (CRYPTO 2023), reduce the computation of a k-party function f(x1,⋯,xk) to locally computing encodings x^i of each input xi and then adding them together over some Abelian group into an output encoding y^=∑x^i, which reveals nothing but the result. In robust ARE (RARE) the sum of any subset of x^i, reveals only the residual function obtained by restricting the corresponding inputs. The appeal of (R)ARE comes from the simplicity of the interactive part of the computation, involving only addition, which yields for instance non-interactive multi-party computation in the shuffle model where messages from different parties are anonymously shuffled. Halevi, Ishai, Kushilevitz, and Rabin constructed ARE from standard assumptions and RARE in the ideal obfuscation model, leaving open the question of whether RARE can be constructed in the plain model. We construct RARE in the plain model from indistinguishability obfuscation, which is necessary, and a new primitive that we call pseudo-non-linear codes. We provide two constructions of this primitive assuming either Learning with Errors or Decision Diffie Hellman. A bonus feature of our construction is that it is succinct. Specifically, encodings x^i can be decomposed to non-interactive parts z^i, generated in time proportional to the input size, and sent directly to the evaluator, and group parts g^i that are added together, and whose size depends only on the security parameter.
AB - Additive randomized encodings (ARE), introduced by Halevi, Ishai, Kushilevitz, and Rabin (CRYPTO 2023), reduce the computation of a k-party function f(x1,⋯,xk) to locally computing encodings x^i of each input xi and then adding them together over some Abelian group into an output encoding y^=∑x^i, which reveals nothing but the result. In robust ARE (RARE) the sum of any subset of x^i, reveals only the residual function obtained by restricting the corresponding inputs. The appeal of (R)ARE comes from the simplicity of the interactive part of the computation, involving only addition, which yields for instance non-interactive multi-party computation in the shuffle model where messages from different parties are anonymously shuffled. Halevi, Ishai, Kushilevitz, and Rabin constructed ARE from standard assumptions and RARE in the ideal obfuscation model, leaving open the question of whether RARE can be constructed in the plain model. We construct RARE in the plain model from indistinguishability obfuscation, which is necessary, and a new primitive that we call pseudo-non-linear codes. We provide two constructions of this primitive assuming either Learning with Errors or Decision Diffie Hellman. A bonus feature of our construction is that it is succinct. Specifically, encodings x^i can be decomposed to non-interactive parts z^i, generated in time proportional to the input size, and sent directly to the evaluator, and group parts g^i that are added together, and whose size depends only on the security parameter.
UR - http://www.scopus.com/inward/record.url?scp=85202298945&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85202298945&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-68397-8_4
DO - 10.1007/978-3-031-68397-8_4
M3 - Conference contribution
AN - SCOPUS:85202298945
SN - 9783031683961
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 109
EP - 135
BT - Advances in Cryptology – CRYPTO 2024 - 44th Annual International Cryptology Conference, Proceedings
A2 - Reyzin, Leonid
A2 - Stebila, Douglas
PB - Springer Science and Business Media Deutschland GmbH
T2 - 44th Annual International Cryptology Conference, CRYPTO 2024
Y2 - 18 August 2024 through 22 August 2024
ER -