Difference between revisions of "Efficient FHE from (Standard) LWE"
(Created page with "== A Somewhat Homomorphic encryption Scheme SH == == The Bootstrappable Scheme BTS == == Bootstrapping BTS into a Fully Homomorphic encryption scheme ==") |
|||
| Line 1: | Line 1: | ||
| + | |||
| + | As anounced in the title, Brakerski and Vaikuntanathan (TODO: cite) introduced a fully homomorphic encryption scheme which is based only on the [[LWE]] assumption. They show that the security of the scheme can be reduced to the worst-case hardness of [[short vector problems]] on arbitrary latices. | ||
| + | |||
| + | They start by introducing a somewhat homomorphic encryption scheme SH, which is then transformed into a bootstrappable scheme BTS. In doing so, the authors deviate from previously known techniques of “squashing” the decryption algorithm of SH that has been used by Dijk, Gentry, Halevi and Vaikuntanathan in [[FHE over the integers]] and instead introduce a new “dimension-modulus reduction” technique, which shortens the ciphertexts and simplifies the decryption circuit of SH. This is all achieved without introducing additional assumptions, such as the hardness of the sparse subset-sum problem. | ||
| + | |||
| + | This scheme has particularly short ciphertexts and for this reasons the authors managed to use it for constructing an efficient single-server private information retrieval (PIR) protocol. | ||
| + | |||
== A Somewhat Homomorphic encryption Scheme SH == | == A Somewhat Homomorphic encryption Scheme SH == | ||
| Line 5: | Line 12: | ||
== Bootstrapping BTS into a Fully Homomorphic encryption scheme == | == Bootstrapping BTS into a Fully Homomorphic encryption scheme == | ||
| + | |||
| + | '''Efficiency of the Scheme''' | ||
Revision as of 13:38, 31 March 2020
As anounced in the title, Brakerski and Vaikuntanathan (TODO: cite) introduced a fully homomorphic encryption scheme which is based only on the LWE assumption. They show that the security of the scheme can be reduced to the worst-case hardness of short vector problems on arbitrary latices.
They start by introducing a somewhat homomorphic encryption scheme SH, which is then transformed into a bootstrappable scheme BTS. In doing so, the authors deviate from previously known techniques of “squashing” the decryption algorithm of SH that has been used by Dijk, Gentry, Halevi and Vaikuntanathan in FHE over the integers and instead introduce a new “dimension-modulus reduction” technique, which shortens the ciphertexts and simplifies the decryption circuit of SH. This is all achieved without introducing additional assumptions, such as the hardness of the sparse subset-sum problem.
This scheme has particularly short ciphertexts and for this reasons the authors managed to use it for constructing an efficient single-server private information retrieval (PIR) protocol.
A Somewhat Homomorphic encryption Scheme SH
The Bootstrappable Scheme BTS
Bootstrapping BTS into a Fully Homomorphic encryption scheme
Efficiency of the Scheme
