On lattices, learning with errors, random linear codes, and cryptography
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract
Proceedings of the forty-first annual ACM symposium on Theory of computing
Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Evaluating branching programs on encrypted data
TCC'07 Proceedings of the 4th conference on Theory of cryptography
A fully homomorphic encryption scheme
A fully homomorphic encryption scheme
The Learning with Errors Problem (Invited Survey)
CCC '10 Proceedings of the 2010 IEEE 25th Annual Conference on Computational Complexity
Additively homomorphic encryption with d-operand multiplications
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Implementing Gentry's fully-homomorphic encryption scheme
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Fully homomorphic encryption over the integers with shorter public keys
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Evaluating 2-DNF formulas on ciphertexts
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Fully homomorphic encryption with relatively small key and ciphertext sizes
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
On ideal lattices and learning with errors over rings
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Fully homomorphic encryption over the integers
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption
STOC '12 Proceedings of the forty-fourth annual ACM symposium on Theory of computing
Fully homomorphic encryption with polylog overhead
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Multiparty computation with low communication, computation and interaction via threshold FHE
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Securing cloud-based computations against malicious providers
ACM SIGOPS Operating Systems Review
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Shift-type homomorphic encryption and its application to fully homomorphic encryption
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Securing cloud-based computations against malicious providers
Proceedings of the 1st European Workshop on Dependable Cloud Computing
Towards an interpreter for efficient encrypted computation
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
Zero-Knowledge proofs with low amortized communication from lattice assumptions
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Implementing AES via an actively/covertly secure dishonest-majority MPC protocol
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Homomorphic encryption for multiplications and pairing evaluation
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Proceedings of the 4th conference on Innovations in Theoretical Computer Science
A fully homomorphic cryptosystem with approximate perfect secrecy
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
ML confidential: machine learning on encrypted data
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Reusable garbled circuits and succinct functional encryption
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
Classical hardness of learning with errors
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
Secure pattern matching using somewhat homomorphic encryption
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Private database queries using somewhat homomorphic encryption
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Cryptanalysis of Brenner et al.'s somewhat homomorphic encryption scheme
AISC '13 Proceedings of the Eleventh Australasian Information Security Conference - Volume 138
On Ideal Lattices and Learning with Errors over Rings
Journal of the ACM (JACM)
Lattice-based FHE as secure as PKE
Proceedings of the 5th conference on Innovations in theoretical computer science
Fully homomorphic SIMD operations
Designs, Codes and Cryptography
Field switching in BGV-style homomorphic encryption
Journal of Computer Security - Advances in Security for Communication Networks
Hi-index | 0.01 |
We present a novel approach to fully homomorphic encryption (FHE) that dramatically improves performance and bases security on weaker assumptions. A central conceptual contribution in our work is a new way of constructing leveled fully homomorphic encryption schemes (capable of evaluating arbitrary polynomial-size circuits), without Gentry's bootstrapping procedure. Specifically, we offer a choice of FHE schemes based on the learning with error (LWE) or ring-LWE (RLWE) problems that have 2λ security against known attacks. For RLWE, we have: • A leveled FHE scheme that can evaluate L-level arithmetic circuits with Õ(λ · L3) per-gate computation -- i.e., computation quasi-linear in the security parameter. Security is based on RLWE for an approximation factor exponential in L. This construction does not use the bootstrapping procedure. • A leveled FHE scheme that uses bootstrapping as an optimization, where the per-gate computation (which includes the bootstrapping procedure) is Õ(λ2), independent of L. Security is based on the hardness of RLWE for quasi-polynomial factors (as opposed to the sub-exponential factors needed in previous schemes). We obtain similar results to the above for LWE, but with worse performance. Based on the Ring LWE assumption, we introduce a number of further optimizations to our schemes. As an example, for circuits of large width -- e.g., where a constant fraction of levels have width at least λ -- we can reduce the per-gate computation of the bootstrapped version to Õ(λ), independent of L, by batching the bootstrapping operation. Previous FHE schemes all required Ω(λ3.5) computation per gate. At the core of our construction is a much more effective approach for managing the noise level of lattice-based ciphertexts as homomorphic operations are performed, using some new techniques recently introduced by Brakerski and Vaikuntanathan (FOCS 2011).