Multi-key homomorphic authenticators
Artikel i vetenskaplig tidskrift, 2019

Homomorphic authenticators (HAs) enable a client to authenticate a large collection of data elements m1, …, mt and outsource them, along with the corresponding authenticators, to an untrusted server. At any later point, the server can generate a short authenticator σf, y vouching for the correctness of the output y of a function f computed on the outsourced data, i.e. y = f(m1, …, mt). The notion of HAs studied so far, however, only supports executions of computations over data authenticated by a single user. Motivated by realistic scenarios in which large datasets include data provided by multiple users, we study the concept of multi-key homomorphic authenticators. In a nutshell, multi-key HAs are like HAs with the extra feature of allowing the holder of public evaluation keys to compute on data authenticated under different secret keys. In this paper, we introduce and formally define multi-key HAs. Secondly, we propose a construction of a multi-key homomorphic signature based on standard lattices and supporting the evaluation of circuits of bounded polynomial depth. Thirdly, we provide a construction of multi-key homomorphic MACs based only on pseudorandom functions and supporting the evaluation of low-degree arithmetic circuits. © The Institution of Engineering and Technology 2019


Dario Fiore

IMDEA Software Institute

Aikaterini Mitrokotsa

Chalmers, Data- och informationsteknik, Nätverk och system

Luca Nizzardo

Universidad Politecnica de Madrid

IMDEA Software Institute

Elena Pagnin

Chalmers, Data- och informationsteknik, Informationssäkerhet

IET Information Security

1751-8709 (ISSN) 17518717 (eISSN)

Vol. 13 6 618-638


Informations- och kommunikationsteknik



Datavetenskap (datalogi)




Mer information

Senast uppdaterat