Difference between revisions of "CertSGN"
Line 14: | Line 14: | ||
Given a monoid <math> M </math> and any commutative ring <math> R </math> with unity, one can associate to these an algebra <math>R[M] </math>. As an <math>R</math>-module, the monoid algebra <math> R[M]</math> is free with a basis consisting of the symbols <math>[x] </math>, where <math>x \in M </math>. | Given a monoid <math> M </math> and any commutative ring <math> R </math> with unity, one can associate to these an algebra <math>R[M] </math>. As an <math>R</math>-module, the monoid algebra <math> R[M]</math> is free with a basis consisting of the symbols <math>[x] </math>, where <math>x \in M </math>. | ||
+ | |||
+ | The multiplication in this algebra is defined by extending <math> [x] \cdot [y] = [xy]</math> in an <math>R</math>-bilinear manner. Any element <math> a \in R[M]</math> has a unique representation | ||
+ | |||
+ | <center><math> a = \sum_{x \in M} a_x[x],</math> </center> | ||
+ | |||
+ | where <math>a_x=0 </math> for all but finitely many <math> x\in M </math>. The product of two elements <math>a,b \in R[M] </math> is given by | ||
+ | |||
+ | <center><math> ab = \sum_{x \in M} \left( \sum_{yz=x} a_yb_z \right)[x]. </math> </center> | ||
+ | |||
+ | We note that the identity element with respect to multiplication is <math>1[e] </math>, where <math> e</math> is the identity element of <math> M</math>. If <math> M </math> is a group then the monoid algebra described above is called a group algebra. | ||
+ | |||
+ | If <math>M,N </math> are two monoids, a monoid homomorphism <math>\phi : M \to N </math> induces a natural <math>R</math>-algebra homomorphism <math>\phi_R : R[M] \to R[N] </math>. | ||
+ | |||
+ | We also remark that for any <math>R</math>-algebra <math> A </math>, there is a natural <math>R</math>-algebra homomorphism <math> \epsilon : R[A] \to A </math> given by | ||
+ | |||
+ | <center><math>\epsilon \left( \sum_{x \in R} r_x[x] \right) = \sum_{x \in R} r_x x</math>.</center> | ||
+ | |||
+ | === The patented blueprint === |
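Review bot: In the last added formula both sums are indexed by x ∈ R, but ε is defined on R[A], whose basis symbols [x] are indexed by the elements of A, so the index set should be x ∈ A on both sides. The same paragraph writes R[A] without saying that A is being viewed as a monoid under its multiplication, which is worth one clause since R[M] was only defined for a monoid M. The new heading "The patented blueprint" is also added with no body text under it.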
Revision as of 14:24, 21 December 2020
We briefly describe here the contributions of the article[1], in which members of the certSign research group introduced a new method that does the following:
- Starting with an encryption scheme that is homomorphic with respect to one operation (such as multiplication), the authors' recipe produces another encryption scheme that is homomorphic with respect to two operations (for example, addition and multiplication).
The authors use this technique to construct examples of encryption schemes that can, theoretically, handle any algebraic function on encrypted data.
The homomorphic encryption scheme CSGN, a symmetric homomorphic encryption scheme with plaintext (the field with two elements), was introduced in the same article. The latter plays an essential role in the architecture of a privacy-preserving contact tracing application, developed by certSign as part of the TAMEC project.[2]
The content of the article is protected under the law by two patents.[3]
Ring homomorphic encryption schemes from monoidal ones. The blueprint
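Given a monoid <math>M</math> and any commutative ring <math>R</math> with unity, one can associate to these an algebra <math>R[M]</math>. As an <math>R</math>-module, the monoid algebra <math>R[M]</math> is free with a basis consisting of the symbols <math>[x]</math>, where <math>x \in M</math>.
The multiplication in this algebra is defined by extending <math>[x] \cdot [y] = [xy]</math> in an <math>R</math>-bilinear manner. Any element <math>a \in R[M]</math> has a unique representation
<math>a = \sum_{x \in M} a_x[x],</math>
where <math>a_x = 0</math> for all but finitely many <math>x \in M</math>. The product of two elements <math>a, b \in R[M]</math> is given by
<math>ab = \sum_{x \in M} \left( \sum_{yz=x} a_y b_z \right)[x].</math>
We note that the identity element with respect to multiplication is <math>1[e]</math>, where <math>e</math> is the identity element of <math>M</math>. If <math>M</math> is a group then the monoid algebra described above is called a group algebra.
If <math>M, N</math> are two monoids, a monoid homomorphism <math>\phi : M \to N</math> induces a natural <math>R</math>-algebra homomorphism <math>\phi_R : R[M] \to R[N]</math>.
We also remark that for any <math>R</math>-algebra <math>A</math>, there is a natural <math>R</math>-algebra homomorphism <math>\epsilon : R[A] \to A</math> given by
<math>\epsilon \left( \sum_{x \in A} r_x[x] \right) = \sum_{x \in A} r_x x.</math>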
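The product in a monoid algebra, the induced map on algebras and the map from the algebra of an R-algebra A back to A, as described above, in an added Python example (not code from the article or from certSign). The concrete choice R = Z/5, M = (Z/10, ·), N = A = (Z/5, ·), the reduction map `phi` and all function names are assumptions made for illustration; elements are stored as dictionaries from monoid elements to nonzero coefficients.

```python
from collections import defaultdict

def _clean(d):
    """Drop zero coefficients so each element has one canonical dict form."""
    return {x: c for x, c in d.items() if c}

def alg_mul(a, b, op, q):
    """Product in R[M], R = Z/q: coefficient of [x] is the sum of a_y*b_z over yz = x."""
    out = defaultdict(int)
    for y, ay in a.items():
        for z, bz in b.items():
            x = op(y, z)
            out[x] = (out[x] + ay * bz) % q
    return _clean(out)

def induced(phi, a, q):
    """phi_R : R[M] -> R[N], sending [x] to [phi(x)] and extending R-linearly."""
    out = defaultdict(int)
    for x, c in a.items():
        out[phi(x)] = (out[phi(x)] + c) % q
    return _clean(out)

def epsilon(a, q):
    """epsilon : R[A] -> A for A = R = Z/q, sending sum r_x [x] to sum r_x * x."""
    return sum(c * x for x, c in a.items()) % q

# Constructed sample data (assumption): R = Z/5, M = (Z/10, *), N = A = (Z/5, *).
Q = 5
def mul_M(x, y): return (x * y) % 10
def mul_N(x, y): return (x * y) % 5
def phi(x): return x % 5        # reduction mod 5 is a monoid homomorphism M -> N

A_ELT = {2: 3, 7: 1}            # 3[2] + 1[7]
B_ELT = {1: 4, 5: 2, 7: 1}      # 4[1] + 2[5] + 1[7]

def check_homomorphisms():
    """True if phi_R and epsilon both respect the product on the sample elements."""
    ab = alg_mul(A_ELT, B_ELT, mul_M, Q)
    pa, pb = induced(phi, A_ELT, Q), induced(phi, B_ELT, Q)
    lhs = induced(phi, ab, Q)
    rhs = alg_mul(pa, pb, mul_N, Q)
    eps_ok = epsilon(lhs, Q) == (epsilon(pa, Q) * epsilon(pb, Q)) % Q
    return lhs == rhs and eps_ok

if __name__ == "__main__":
    print(alg_mul(A_ELT, B_ELT, mul_M, Q), check_homomorphisms())
```

Note that distinct basis symbols of the first algebra can collapse under the induced map (here [2] and [7] both map to [2]), which is why the coefficients are accumulated rather than overwritten.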
The patented blueprint
1. M. Barcau and V. Pasol, Bounded Fully Homomorphic Encryption from Monoid Algebras, https://eprint.iacr.org/2018/584
2. https://www.certsign.ro/en/projects
3. U.S. Patent Appln. No. 14/936,097 and European Patent Appln. No. EP 15193706.7