@article{17006, keywords = {Cryptanalysis, FHE schemes, IND-CCA1}, author = {Martha Hovd and H{\r a}vard Raddum and Prastudy Fauzi}, title = {On the IND-CCA1 Security of FHE Schemes}, abstract = {Fully homomorphic encryption (FHE) is a powerful tool in cryptography that allows one to perform arbitrary computations on encrypted material without having to decrypt it first. There are numerous FHE schemes, all of which are expanded from somewhat homomorphic encryption (SHE) schemes, and some of which are considered viable in practice. However, while these FHE schemes are semantically (IND-CPA) secure, the question of their IND-CCA1 security is much less studied, and we therefore provide an overview of the IND-CCA1 security of all acknowledged FHE schemes in this paper. To give this overview, we group SHE schemes into broad categories based on their similarities and underlying hardness problems. For each category, we show that the SHE schemes are susceptible to either known adaptive key recovery attacks, a natural extension of known attacks, or our proposed attacks. Finally, we discuss the known techniques to achieve IND-CCA1 secure FHE and SHE schemes. We conclude that none of the proposed schemes are IND-CCA1 secure, and that the known general constructions all have their shortcomings.}, year = {2022}, journal = {MDPI Cryptography}, volume = {6}, number = {13}, month = {03/2022}, publisher = {MDPI}, address = {Online}, issn = {2410-387X}, url = {https://www.mdpi.com/2410-387X/6/1/13}, doi = {10.3390/cryptography6010013}, }