Cryptology ePrint Archive: Report 2016/164

Sanitization of FHE Ciphertexts

Léo Ducas and Damien Stehle

Abstract: By definition, fully homomorphic encryption (FHE) schemes support homomorphic decryption, and all known FHE constructions are bootstrapped from a Somewhat Homomorphic Encryption (SHE) scheme via this technique. Additionally, when a public key is provided, ciphertexts are also re-randomizable, e.g., by adding to them fresh encryptions of 0. From those two operations we devise an algorithm to sanitize a ciphertext, by making its distribution canonical. In particular, the distribution of the ciphertext does not depend on the circuit that led to it via homomorphic evaluation, thus providing circuit privacy in the honest-but-curious model. Unlike the previous approach based on noise flooding, our approach does not degrade much the security/efficiency trade-off of the underlying FHE. The technique can be applied to all lattice-based FHE proposed so far, without substantially affecting their concrete parameters.

Category / Keywords: public-key cryptography /

Original Publication (in the same form): IACR-EUROCRYPT-2016

Date: received 18 Feb 2016

Contact author: damien stehle at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20160219:201636 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]