microsoft / SEAL

Microsoft SEAL is an easy-to-use and powerful homomorphic encryption library.
https://www.microsoft.com/en-us/research/group/cryptography-research/
MIT License
3.6k stars 709 forks source link

solve cca attack ? #584

Open pedroelbanquero opened 2 years ago

pedroelbanquero commented 2 years ago

Is this attack solved ?

image

https://arxiv.org/pdf/1906.07127.pdf

V

WeiDaiWD commented 2 years ago

HE schemes are not CCA secure. See "correct use of Microsoft SEAL".

pedroelbanquero commented 2 years ago

ciphertexts should be treated as private information only available to the secret key owner, as sharing decryptions of ciphertexts may in some cases lead to leaking the secret key. If it is absolutely necessary to share information about the decryption of a ciphertext, for example when building a protocol of some kind, the number of bits shared should be kept to a minimum, and secret keys should be rotated regularly. .....

what protects , if somebody read the cypher text and you can read extracting the secret key ?, seems no many sense in this case this scheme , if you read a cypher text and you have computation key you can derive directly secret key, or encrypt something you know the decrypted result, and no secret , if you assume something is 0 or word "cake" or anything else you can crack database to leak keys

what kind of sense have just protect who knows the secret key .... ? and is not true because who know the public know the secret ....

WeiDaiWD commented 1 year ago

Sorry, would you please rephrase your question? I didn't understand most of your reply.