Paper 2021/1383

MHz2k: MPC from HE over $\mathbb{Z}_{2^k}$ with New Packing, Simpler Reshare, and Better ZKP

Jung Hee Cheon, Dongwoo Kim, and Keewoo Lee


We propose a multi-party computation (MPC) protocol over $\mathbb{Z}_{2^k}$ secure against actively corrupted majority from somewhat homomorphic encryption. The main technical contributions are: (i) a new efficient packing method for $\mathbb{Z}_{2^k}$-messages in lattice-based somewhat homomorphic encryption schemes, (ii) a simpler reshare protocol for level-dependent packings, (iii) a more efficient zero-knowledge proof of plaintext knowledge on cyclotomic rings $\mathbb{Z}[X]/\Phi_M(X)$ with $M$ being a prime. Integrating them, our protocol shows from 2.2x upto 4.8x improvements in amortized communication costs compared to the previous best results. Our techniques not only improve the efficiency of MPC over $\mathbb{Z}_{2^k}$ considerably, but also provide a toolkit that can be leveraged when designing other cryptographic primitives over $\mathbb{Z}_{2^k}$.

Available format(s)
Cryptographic protocols
Publication info
A major revision of an IACR publication in CRYPTO 2021
Multi-party computationDishonest majorityHomomorphic encryptionPacking methodZero-knowledge proof
Contact author(s)
activecondor @ snu ac kr
Dongwoo Kim @ wdc com
2021-10-15: received
Short URL
Creative Commons Attribution


      author = {Jung Hee Cheon and Dongwoo Kim and Keewoo Lee},
      title = {MHz2k: MPC from HE over $\mathbb{Z}_{2^k}$ with New Packing, Simpler Reshare, and Better ZKP},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1383},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.