Bultel, Xavier; Das, Manik Lal; Gajera, Hardik; Gérault, David; Giraud, Matthieu; Lafourcade, Pascal Verifiable private polynomial evaluation. (English) Zbl 1439.94021 Okamoto, Tatsuaki (ed.) et al., Provable security. 11th international conference, ProvSec 2017, Xi’an, China, October 23–25, 2017. Proceedings. Cham: Springer. Lect. Notes Comput. Sci. 10005, 487-506 (2017). Summary: Delegating the computation of a polynomial to a server in a verifiable way is challenging. An even more challenging problem is ensuring that this polynomial remains hidden to clients who are able to query such a server. In this paper, we formally define the notion of Private Polynomial Evaluation (PPE). Our main contribution is to design a rigorous security model along with relations between the different security properties. We define polynomial protection (PP), proof unforgeability (UNF), and indistinguishability against chosen function attack (IND-CFA), which formalizes the resistance of a PPE against attackers trying to guess which polynomial is used among two polynomials of their choice. As a second contribution, we give a cryptanalysis of two PPE schemes of the literature. Finally, we design a PPE scheme called PIPE and we prove that it is PP, UNF- and IND-CFA-secure under the decisional Diffie-Hellman assumption in the random oracle model.For the entire collection see [Zbl 1426.94002]. Cited in 1 ReviewCited in 1 Document MSC: 94A60 Cryptography 68P25 Data encryption (aspects in computer science) 68P27 Privacy of data PDFBibTeX XMLCite \textit{X. Bultel} et al., Lect. Notes Comput. Sci. 10005, 487--506 (2017; Zbl 1439.94021) Full Text: DOI HAL