Multi-key homomorphic authenticators
Journal article, 2019

Homomorphic authenticators (HAs) enable a client to authenticate a large collection of data elements m1, …, mt and outsource them, along with the corresponding authenticators, to an untrusted server. At any later point, the server can generate a short authenticator σf, y vouching for the correctness of the output y of a function f computed on the outsourced data, i.e. y = f(m1, …, mt). The notion of HAs studied so far, however, only supports executions of computations over data authenticated by a single user. Motivated by realistic scenarios in which large datasets include data provided by multiple users, we study the concept of multi-key homomorphic authenticators. In a nutshell, multi-key HAs are like HAs with the extra feature of allowing the holder of public evaluation keys to compute on data authenticated under different secret keys. In this paper, we introduce and formally define multi-key HAs. Secondly, we propose a construction of a multi-key homomorphic signature based on standard lattices and supporting the evaluation of circuits of bounded polynomial depth. Thirdly, we provide a construction of multi-key homomorphic MACs based only on pseudorandom functions and supporting the evaluation of low-degree arithmetic circuits. © The Institution of Engineering and Technology 2019


Dario Fiore

IMDEA Software Institute

Aikaterini Mitrokotsa

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Luca Nizzardo

Technical University of Madrid

IMDEA Software Institute

Elena Pagnin

Chalmers, Computer Science and Engineering (Chalmers), Information Security

IET Information Security

1751-8709 (ISSN) 17518717 (eISSN)

Vol. 13 6 618-638

Areas of Advance

Information and Communication Technology

Subject Categories

Media Engineering

Computer Science

Computer Systems



More information

Latest update