Vis enkel innførsel

Verifiable Decryption for BGV

dc.contributor.authorSilde, Tjerand
dc.date.accessioned2023-11-06T09:54:33Z
dc.date.available2023-11-06T09:54:33Z
dc.date.created2022-08-09T09:57:32Z
dc.date.issued2022
dc.identifier.issn0302-9743
dc.identifier.urihttps://hdl.handle.net/11250/3100728
dc.description.abstractIn this work we present a direct construction for verifiable decryption for the BGV encryption scheme by combining existing zero-knowledge proofs for linear relations and bounded values. This is one of the first constructions of verifiable decryption protocols for lattice-based cryptography, and we give a protocol that is simpler and at least as efficient as the state of the art when amortizing over many ciphertexts. To prove its practicality we provide concrete parameters, resulting in proof size of less than KB for ciphertexts with message space 2048 bits. Furthermore, we provide an open source implementation showing that the amortized cost of the verifiable decryption protocol is only 76 ms per message when batching over ciphertexts.en_US
dc.language.isoengen_US
dc.publisherSpringeren_US
dc.relation.urihttps://eprint.iacr.org/2021/1693.pdf
dc.rightsNavngivelse 4.0 Internasjonal*
dc.rights.urihttp://creativecommons.org/licenses/by/4.0/deed.no*
dc.titleVerifiable Decryption for BGVen_US
dc.title.alternativeVerifiable Decryption for BGVen_US
dc.typePeer revieweden_US
dc.typeJournal articleen_US
dc.description.versionacceptedVersionen_US
dc.source.journalLecture Notes in Computer Science (LNCS)en_US
dc.identifier.doihttps://doi.org/10.1007/978-3-031-32415-4_26
dc.identifier.cristin2041879
cristin.ispublishedfalse
cristin.fulltextpostprint
cristin.qualitycode1


Tilhørende fil(er)

Thumbnail
Filnavn:
BGV.pdf
Størrelse:
426.8Kb
Format:
PDF
Åpne

Denne innførselen finnes i følgende samling(er)

Vis enkel innførsel

Navngivelse 4.0 Internasjonal
Med mindre annet er angitt, så er denne innførselen lisensiert som Navngivelse 4.0 Internasjonal