**
Adaptive Security with Quasi–Optimal Rate
**

*
Brett Hemenway,
Rafail Ostrovsky,
Silas Richelson,
Alon Rosen
*

**
Abstract:
**

A Multiparty computation protocol is said to be adaptively secure if it retains its security in the presence of an adversary who can adaptively
corrupt participants as the protocol proceeds. This is in contrast to a static
corruption model where the adversary is forced to choose which participants to corrupt before the protocol begins. A central tool for constructing adaptively secure protocols is non –committing encryption (Canetti, Feige, Goldreich and Naor, STOC' 96).
The original protocol Ganetti et al. had ciphertext expansion ͛(Κ^{2}) where k is the security parameter, and prior
to this work, the best known constructions had ciphertext expansion that was either ο(k) under general assumptions, or alternatively
ο(log(n&41;), where nis the length of the message,based on a specific factoring–based hardness assumption.

In this work, we build a new non–committing encryption scheme from lattice problems, and specifically based on the hardness of (Ring) Learning with Errors (LWE). Our scheme achieves ciphertext
expansion as small as polyog(k).Moreover; when instantiated with Ring–LWE, the public–key is od size ɓ( npolylog(k)). All previously proposed scheme had public –keys of size Ω(n^{2}polylog)(k)).

**comment:**
TCC(A1) PP: 525–541 2016

Fetch PDF file of the paper

Back to Publications List |