Additively homomorphic encryption with a double decryption mechanism, revisited

Andreas Peter, M. Kronberg, W. Trei, S. Katzenbeisser

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

    5 Citations (Scopus)
    152 Downloads (Pure)


    We revisit the notion of additively homomorphic encryption with a double decryption mechanism (DD-PKE), which allows for additions in the encrypted domain while having a master decryption procedure that can decrypt all properly formed ciphertexts by using a special master secret. This type of encryption is generally considered as a practical way to enforce access control in hierarchical organisations where some form of malleability properties are required. Up to now, only two additively homomorphic DD-PKE schemes have been proposed: CS-Lite by Cramer and Shoup (Eurocrypt 2002), and a variant called BCP by Bresson, Catalano and Pointcheval (Asiacrypt 2003). In this work, we argue that the two existing schemes only provide partial solutions for hierarchical organisations. Essentially, this is due to the fact that the master authority, being in possession of the master secret, has no control on the validity of given ciphertexts. We say that the master is unable to “detect invalid ciphertexts”, which limits the employment of such schemes in practice. Therefore, we propose the first additively homomorphic DD-PKE scheme which allows the master to detect invalid ciphertexts. In fact, our scheme has the additional property that the master decryption is independent of the users’ public keys. Our solution is based on elliptic curves over rings and we prove it to be semantically secure under a DDH-related assumption. Moreover, we give experimental results on the choice of elliptic curves and their effect on the efficiency of our scheme’s setup.
    Original language: Undefined
    Title of host publication: 15th International Conference on Information Security, ISC 2012
    Place of Publication: Berlin
    Number of pages: 16
    ISBN (Print): 978-3-642-33383-5
    Publication status: Published - Sep 2012
    Event: 15th International Conference on Information Security, ISC 2012 - Passau, Germany
    Duration: 19 Sep 2012 - 21 Sep 2012
    Conference number: 15

    Publication series

    Name: Lecture Notes in Computer Science
    Publisher: Springer Verlag
    ISSN (Print): 1611-3349


    Conference: 15th International Conference on Information Security, ISC 2012
    Abbreviated title: ISC


    • SCS-Cybersecurity
    • METIS-297667
    • Additively
    • Revisited
    • Decryption
    • Factoring
    • Elliptic Curves
    • Homomorphic
    • Homomorphic Encryption
    • Encryption
    • Public key cryptography
    • IR-86178
    • Double Decryption Mechanisms
    • Mechanism
    • EWI-23389
