Paper 2008/378

Additively Homomorphic Encryption with d-Operand Multiplications

Carlos Aguilar Melchor, Philippe Gaborit, and Javier Herranz


The search for encryption schemes that allow to evaluate functions (or circuits) over encrypted data has attracted a lot of attention since the seminal work on this subject by Rivest, Adleman and Dertouzos in 1978. In this work we define a theoretical object, chained encryption schemes, which allow an efficient evaluation of polynomials of degree d over encrypted data. Chained encryption schemes are generically constructed by concatenating cryptosystems with the appropriate homomorphic properties; such schemes are common in lattice-based cryptography. As a particular instantiation we propose a chained encryption scheme whose IND-CPA security is based on a worst-case/average-case reduction from uSVP.

Note: Added overview, applications, and cost evaluation.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
homomorphic encryptionsecure function evaluationlatttices
Contact author(s)
carlos aguilar @ unilim fr
2010-08-15: last of 3 revisions
2008-09-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Carlos Aguilar Melchor and Philippe Gaborit and Javier Herranz},
      title = {Additively Homomorphic Encryption with d-Operand Multiplications},
      howpublished = {Cryptology ePrint Archive, Paper 2008/378},
      year = {2008},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.