Paper 2016/381

FHE Circuit Privacy Almost For Free

Florian Bourse, Rafaël Del Pino, Michele Minelli, and Hoeteck Wee


Circuit privacy is an important property for many applications of fully homomorphic encryption. Prior approaches for achieving circuit privacy rely on superpolynomial noise flooding or on bootstrapping. In this work, we present a conceptually different approach to circuit privacy based on a novel characterization of the noise distribution. In particular, we show that a variant of the GSW FHE for branching programs already achieves circuit privacy; this immediately yields a circuit-private FHE for NC$^1$ circuits under the standard LWE assumption with polynomial modulus-to-noise ratio. Our analysis relies on a variant of the discrete Gaussian leftover hash lemma which states that $e^t \mathbf{G}^{-1}(v)+small$ $noise$ does not depend on $v$. We believe that this result is of independent interest.

Available format(s)
Publication info
A minor revision of an IACR publication in CRYPTO 2016
Homomorphic EncryptionCircuit PrivacyBranching ProgramNoise FloodingLearning With ErrorsRerandomization
Contact author(s)
fbourse @ di ens fr
2016-06-13: last of 4 revisions
2016-04-14: received
See all versions
Short URL
Creative Commons Attribution


      author = {Florian Bourse and Rafaël Del Pino and Michele Minelli and Hoeteck Wee},
      title = {FHE Circuit Privacy Almost For Free},
      howpublished = {Cryptology ePrint Archive, Paper 2016/381},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.