### Faster Bootstrapping with Polynomial Error

Jacob Alperin-Sheriff and Chris Peikert

##### Abstract

\emph{Bootstrapping} is a technique, originally due to Gentry (STOC 2009), for refreshing'' ciphertexts of a somewhat homomorphic encryption scheme so that they can support further homomorphic operations. To date, bootstrapping remains the only known way of obtaining fully homomorphic encryption for arbitrary unbounded computations. Over the past few years, several works have dramatically improved the efficiency of bootstrapping and the hardness assumptions needed to implement it. Recently, Brakerski and Vaikuntanathan~(ITCS~2014) reached the major milestone of a bootstrapping algorithm based on Learning With Errors for \emph{polynomial} approximation factors. Their method uses the Gentry-Sahai-Waters~(GSW) cryptosystem~(CRYPTO~2013) in conjunction with Barrington's circuit sequentialization'' theorem~(STOC~1986). This approach, however, results in \emph{very large} polynomial runtimes and approximation factors. (The approximation factors can be improved, but at even greater costs in runtime and space.) In this work we give a new bootstrapping algorithm whose runtime and associated approximation factor are both \emph{small} polynomials. Unlike most previous methods, ours implements an elementary and efficient \emph{arithmetic} procedure, thereby avoiding the inefficiencies inherent to the use of boolean circuits and Barrington's Theorem. For $2^{\lambda}$ security under conventional lattice assumptions, our method requires only a \emph{quasi-linear} $\Otil(\lambda)$ number of homomorphic operations on GSW ciphertexts, which is optimal (up to polylogarithmic factors) for schemes that encrypt just one bit per ciphertext. As a contribution of independent interest, we also give a technically simpler variant of the GSW system and a tighter error analysis for its homomorphic operations.

Available format(s)
Publication info
A major revision of an IACR publication in CRYPTO 2014
Keywords
bootstrappingfully homomorphic encryption
Contact author(s)
cpeikert @ cc gatech edu
History
2014-06-14: revised
See all versions
Short URL
https://ia.cr/2014/094

CC BY

BibTeX

@misc{cryptoeprint:2014/094,
author = {Jacob Alperin-Sheriff and Chris Peikert},
title = {Faster Bootstrapping with Polynomial Error},
howpublished = {Cryptology ePrint Archive, Paper 2014/094},
year = {2014},
note = {\url{https://eprint.iacr.org/2014/094}},
url = {https://eprint.iacr.org/2014/094}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.