International Association for Cryptologic Research

International Association
for Cryptologic Research


Large Message Homomorphic Secret Sharing from DCR and Applications

Jaspal Singh , Oregon State University
Lawrence Roy , Oregon State University
DOI: 10.1007/978-3-030-84252-9_23 (login may be required)
Search ePrint
Search Google
Conference: CRYPTO 2021
Abstract: We present the first homomorphic secret sharing (HSS) construction that simultaneously (1) has negligible correctness error, (2) supports integers from an exponentially large range, and (3) relies on an assumption not known to imply FHE --- specifically, the Decisional Composite Residuosity (DCR) assumption. This resolves an open question posed by Boyle, Gilboa, and Ishai (Crypto 2016). Homomorphic secret sharing is analogous to fully-homomorphic encryption, except the ciphertexts are shared across two non-colluding evaluators. Previous constructions of HSS either had non-negligible correctness error and polynomial-size plaintext space or were based on the stronger LWE assumption. We also present two applications of our technique: a multi-server ORAM with constant bandwidth overhead, and a rate-$1$ trapdoor hash function with negligible error rate.
Video from CRYPTO 2021
  title={Large Message Homomorphic Secret Sharing from DCR and Applications},
  author={Jaspal Singh and Lawrence Roy},