Implementing Attacks on the Approximate Greatest Common Divisor Problem
The security of many fully homomorphic encryption (FHE) schemes is guaranteed by the difficulty of the approximate greatest common divisor (AGCD) problem. The study of the AGCD problem is therefore of great significance to the security of fully homomorphic encryption. This paper surveys three kinds of attacks on the AGCD problem: the exhaustive search attack, the simultaneous Diophantine approximation (SDA) attack and the orthogonal lattice (OL) attack. We use the Number Theory Library (NTL) to implement the SDA attack and the optimized OL attack on the AGCD problem. Comparisons based on the experimental results illustrate that the exhaustive search attack can easily be defended against just by increasing the size of ρ, and that increasing the length of the public key is the most effective way to defend against the SDA attack and the OL attack. We also conclude that the success rate of the SDA attack and the OL attack can be improved by increasing the dimension of the lattice, at the expense of some time efficiency. In addition, the analysis and experiments show that the fully homomorphic computing efficiency of an FHE scheme cannot be improved by simply increasing the private key without appropriately increasing the size of the public key; otherwise, the FHE scheme is vulnerable to the OL and SDA attacks. Finally, the experimental results show that the optimized OL attack performs better than both the classical OL attack and the SDA attack in terms of attack success rate and time efficiency.
Keywords: Approximate greatest common divisor problem; Orthogonal lattice attack; Simultaneous Diophantine approximation attack; Lattice reduction algorithm
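The abstract's claims about the SDA attack, public-key length and lattice dimension can be checked on a toy instance; the following is an added example, not the paper's NTL implementation. It assumes the usual notation (γ = bit length of the public samples, η = bit length of the secret p, ρ = noise bits), uses the standard SDA lattice basis with an exact textbook LLL, and runs on constructed samples only.

```python
# Added example, not the paper's NTL code; toy sizes, names are assumptions.
import math, random
from fractions import Fraction
from functools import reduce

def dot(u, v):
    return sum(a * b for a, b in zip(u, v))

def gso(B):  # exact Gram-Schmidt: orthogonal rows Bs, coefficients mu (mu[i][i] = 1)
    Bs, mu = [], [[Fraction(int(i == j)) for j in range(len(B))] for i in range(len(B))]
    for i in range(len(B)):
        v = [Fraction(x) for x in B[i]]
        for j in range(i):
            mu[i][j] = dot(B[i], Bs[j]) / dot(Bs[j], Bs[j])
            v = [a - mu[i][j] * b for a, b in zip(v, Bs[j])]
        Bs.append(v)
    return Bs, mu

def lll(B, delta=Fraction(3, 4)):  # textbook LLL on integer row vectors
    B, n, k = [list(r) for r in B], len(B), 1
    Bs, mu = gso(B)
    while k < n:
        for j in range(k - 1, -1, -1):  # size-reduce b_k against b_j
            c = round(mu[k][j])
            if c:
                B[k] = [a - c * b for a, b in zip(B[k], B[j])]
                for l in range(j + 1):
                    mu[k][l] -= c * mu[j][l]
        if dot(Bs[k], Bs[k]) >= (delta - mu[k][k - 1] ** 2) * dot(Bs[k - 1], Bs[k - 1]):
            k += 1  # Lovasz condition holds
        else:
            B[k], B[k - 1] = B[k - 1], B[k]
            Bs, mu = gso(B)
            k = max(k - 1, 1)
    return B

def agcd_instance(gamma, eta, rho, t, seed=1):  # constructed x_i = p*q_i + r_i, |r_i| < 2^rho
    rng = random.Random(seed)
    p = rng.getrandbits(eta) | (1 << (eta - 1)) | 1  # odd eta-bit secret
    while True:
        qs = [rng.randrange(1, 2**gamma // p) for _ in range(t + 1)]
        if reduce(math.gcd, qs) == 1:  # keeps the target lattice vector primitive
            return p, [p * q + rng.randrange(1 - 2**rho, 2**rho) for q in qs]

def sda_attack(xs, rho):  # candidate for p from the reduced SDA lattice, or None
    x0, t = xs[0], len(xs) - 1
    basis = [[2 ** (rho + 1)] + xs[1:]]  # row 0: (2^(rho+1), x_1, ..., x_t)
    basis += [[0] * (i + 1) + [-x0] + [0] * (t - 1 - i) for i in range(t)]
    q0 = abs(lll(basis)[0][0]) >> (rho + 1)  # short vector starts with +-q_0 * 2^(rho+1)
    return (x0 + q0 // 2) // q0 if q0 else None
```

With η = 32, ρ = 4 and four samples, `sda_attack` returns p for the instance built with γ = 64 but not for the one built with γ = 160 at the same lattice dimension, which is the effect of public-key length the abstract reports.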
First of all, I would like to thank my mentor Professor Baocang Wang and Professor Hailou Yao. When I was puzzled about how to solve the AGCD problem, it was Professor Wang’s appropriate advice that guided me. In addition, when I wrote my paper, Professor Wang and Professor Yao also gave me many valuable opinions and suggestions which benefited me a lot. In the end, I would like to express my heartfelt thanks to Professor Wang and Professor Yao for their concern and help.
This work is supported by the National Key R&D Program of China under Grant No. 2017YFB0802000, the National Natural Science Foundation of China under Grant Nos. 61572390, U1736111, the National Cryptography Development Fund under Grant No. MMJJ20180111, the Plan For Scientific Innovation Talent of Henan Province under Grant No. 184100510012, the Program for Science & Technology Innovation Talents in Universities of Henan Province under Grant No. 8HASTIT022, and the Innovation Scientists and Technicians Troop Construction Projects of Henan Province.