LWR-Based Fully Homomorphic Encryption, Revisited

被引:9
作者
Luo, Fucai [1 ,2 ,3 ]
Wang, Fuqun [4 ,5 ]
Wang, Kunpeng [1 ,2 ,3 ]
Li, Jie [1 ,2 ,3 ]
Chen, Kefei [4 ,5 ]
机构
[1] Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China
[2] Chinese Acad Sci, Inst Informat Engn, State Key Lab Informat Secur, Beijing, Peoples R China
[3] Chinese Acad Sci, Data Assurance & Commun Secur Res Ctr, Beijing, Peoples R China
[4] Hangzhou Normal Univ, Coll Sci, Hangzhou, Zhejiang, Peoples R China
[5] Westone Cryptol Res Ctr, Beijing, Peoples R China
基金
中国国家自然科学基金;
关键词
KEY;
D O I
10.1155/2018/5967635
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Very recently, Costache and Smart proposed a fully homomorphic encryption (FHE) scheme based on the Learning with Rounding (LWR) problem, which removes the noise (typically, Gaussian noise) sampling needed in the previous lattices-based FHEs. But their scheme did not work, since the noise of homomorphic multiplication is complicated and large, which leads to failure of decryption. More specifically, they chose LWR instances as a public key and the private key therein as a secret key and then used the tensor product to implement homomorphic multiplication, which resulted in a tangly modulus problem. Recall that there are two moduli in the LWR instances, and then the moduli will tangle together due to the tensor product. Inspired by their work, we built the first workable LWR-based FHE scheme eliminating the tangly modulus problem by cleverly adopting the celebrated approximate eigenvector method proposed by Gentry et al. at Crypto 2013. Roughly speaking, we use a specific matrix multiplication to perform the homomorphic multiplication, hence no tangly modulus problem. Furthermore, we also extend the LWR-based FHE scheme to the multikey setting using the tricks used to construct LWE-based multikey FHE by Mukherjee and Wichs at Eurocrypt 2016. Our LWR-based multikey FHE construction provides an alternative to the existing multikey FHEs and can also be applied to multiparty computation with higher efficiency.
引用
收藏
页数:12
相关论文
共 31 条
[1]  
] Alperin-Sheriff J., 2016, IACR Cryptol. ePrint Arch., V2016, P589
[2]  
ALPERINSHERIFF J, 2014, P INT CRYPT C, V8616, P297
[3]  
Alwen J, 2013, LECT NOTES COMPUT SC, V8042, P57, DOI 10.1007/978-3-642-40041-4_4
[4]  
[Anonymous], 2009, STANFORD U
[5]  
[Anonymous], 2013, P 44 ANN ACM S THEOR
[6]  
[Anonymous], 1978, FDN SEC COMPUT
[7]  
Asharov G, 2012, LECT NOTES COMPUT SC, V7237, P483, DOI 10.1007/978-3-642-29011-4_29
[8]  
Banerjee A, 2012, LECT NOTES COMPUT SC, V7237, P719, DOI 10.1007/978-3-642-29011-4_42
[9]   On the Hardness of Learning with Rounding over Small Modulus [J].
Bogdanov, Andrej ;
Guo, Siyao ;
Masny, Daniel ;
Richelson, Silas ;
Rosen, Alon .
THEORY OF CRYPTOGRAPHY, TCC 2016-A, PT I, 2016, 9562 :209-224
[10]  
Brakerski Zvika, 2014, ACM Transactions on Computation Theory, V6, DOI 10.1145/2633600