Evaluate (pk,C,[c.sub.1] [c.sub.2],...,[c.sub.t]) Given a circuit C with t input bits, and t ciphertexts
[c.sub.i], apply the addition and multiplication gates of C to the ciphertexts
, perform all the additions and multiplications over integers, and return the resulting in integers.
SEAL produces smaller sizes of ciphertexts
than HElib and it consumes few energy consumptions, though the massive energy is consumed in transmission due to the large ciphertexts
in both HElib and SEAL.
algorithms in common use, nearly all ciphertexts
can be decrypted to
We prove that our proposed scheme satisfies the ciphertext
and trapdoor indistinguishability in the random oracle .
The main idea of this attack is to collect pairs of correct and faulty ciphertexts
by injecting adequate faults and use them to distinguish where the faults are injected.
RSA can defend against Brute Force attacks, Mathematical attacks, Timing attacks and Chosen Ciphertext
However, in our case, there could be several ciphertexts
[c.sub.1], [c.sub.2], ..., [c.sub.L] encrypted under the same key.
Only the accessors with attributes that satisfy access policy can decrypt ciphertext
To be compatible with the data aggregation, we also propose a linearly homomorphic signature scheme which is used to sign the ciphertext
of metering data.
We define the security of our scheme as advantage, in other words, the distinguishing probability of l ciphertexts
and l random numbers.
In a KP-ABE system, ciphertexts
are labeled by the sender with a set of descriptive attributes, and users' private keys are issued by the trusted attribute authority are associated with access structures that specify which type of ciphertexts
the key can decrypt.