Star-specific Key-homomorphic PRFs from Learning with Linear Regression

TL;DR

This paper presents a new derandomization technique for the LWE problem using linear regression models and introduces star-specific key-homomorphic PRFs constructed from these derandomized instances, with security based on LWE hardness.

Contribution

It introduces a novel derandomization method for LWE using linear regression and constructs star-specific key-homomorphic PRFs with security reductions, along with bounds on set family sizes.

Findings

Derandomized LWE instances via linear regression models.

Construction of star-specific key-homomorphic PRFs.

Bounds on the size of intersecting set families.

Abstract

We introduce a novel method to derandomize the learning with errors (LWE) problem by generating deterministic yet sufficiently independent LWE instances that are constructed by using linear regression models, which are generated via (wireless) communication errors. We also introduce star-specific key-homomorphic (SSKH) pseudorandom functions (PRFs), which are defined by the respective sets of parties that construct them. We use our derandomized variant of LWE to construct a SSKH PRF family. The sets of parties constructing SSKH PRFs are arranged as star graphs with possibly shared vertices, i.e., the pairs of sets may have non-empty intersections. We reduce the security of our SSKH PRF family to the hardness of LWE. To establish the maximum number of SSKH PRFs that can be constructed -- by a set of parties -- in the presence of passive/active and external/internal adversaries, we prove several bounds on the size of maximally cover-free at most $t$-intersecting $k$-uniform family of sets $\mathcal{H}$, where the three properties are defined as: (i) $k$-uniform: $\forall A \in \mathcal{H}: |A| = k$, (ii) at most $t$-intersecting: $\forall A, B \in \mathcal{H}, B \neq A: |A \cap B| \leq t$, (iii) maximally cover-free: $\forall A \in \mathcal{H}: A \not\subseteq \bigcup\limits_{\substack{B \in \mathcal{H} \\ B \neq A}} B$. For the same purpose, we define and compute the mutual information between different linear regression hypotheses that are generated from overlapping training datasets.