In this paper we introduce the notion of a Public-Key Encryption Scheme that is also a Locally-Decodable Error-Correcting Code (PKLDC). In particular, we allow any polynomial-time adversary to read the entire ciphertext, and corrupt a constant fraction of the bits of the entire ciphertext. Nevertheless, the decoding algorithm can recover any bit of the plaintext with all but negligible probability by reading only a sublinear number of bits of the (corrupted) ciphertext. We give a general construction of a PKLDC from any Semantically-Secure Public Key Encryption (SS-PKE) and any Private Information Retrieval (PIR) protocol. Since Homomorphic encryption implies PIR, we also show a reduction from any Homomorphic encryption protocol to PKLDC. Applying our construction to the best known PIR protocol (that of Gentry and Ramzan), we obtain a PKLDC, which for messages of size n and security parameter k achieves ciphertexts of size , public key of size , and locality of size . This means that for messages of length n∈=∈ω(k 2∈+∈ε ), we can decode a bit of the plaintext from a corrupted ciphertext while doing computation sublinear in n. © International Association for Cryptologic Research 2008.
CITATION STYLE
Hemenway, B., & Ostrovsky, R. (2008). Public-key locally-decodable codes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5157 LNCS, pp. 126–143). https://doi.org/10.1007/978-3-540-85174-5_8
Mendeley helps you to discover research relevant for your work.