Paper 2023/979

Faster Secret Keys for (T)FHE

Loris Bergerat, Zama
Ilaria Chillotti, Zama
Damien Ligier, Zama
Jean-Baptiste Orfila, Zama
Adeline Roux-Langlois, Normandie Univ, UNICAEN, ENSICAEN, CNRS, GREYC, 14000 Caen, France
Samuel Tap, Zama

GLWE secret keys come with some associated public information, like their size or the distribution probability of their coefficients. Those information have an impact on the FHE algorithms, their computational cost, their noise growth, and the overall security level. In this paper, we identify two limitations with (T)FHE: there is no fine-grained control over the size of a GLWE secret key, and there is a minimal noise variance which leads to an unnecessary increment of the level of security with large GLWE secret keys. We introduce two (non exclusive) new types of secret keys for GLWE-based cryptosystems, that are designed to overcome the aforementioned limitations. We explain why these are as secure as the traditional ones, and detail all the improvements that they brought to the FHE algorithms. We provide many comparisons with state-of-the-art TFHE techniques, and benchmarks showing computational speed-ups between $1.3$ and $2.4$ while keeping the same level of security and failure probability. Furthermore, the size of the public material (i.e., key switching and bootstrapping keys) is also reduced by factors from $1.5$ and $2.7$.

Available format(s)
Public-key cryptography
Publication info
FHESecret KeyCryptographic Parameters
Contact author(s)
loris bergerat @ zama ai
ilaria chillotti @ zama ai
damien ligier @ gmail com
jb orfila @ zama ai
adeline roux-langlois @ cnrs fr
samuel tap @ zama ai
2023-06-23: approved
2023-06-23: received
See all versions
Short URL
Creative Commons Attribution


      author = {Loris Bergerat and Ilaria Chillotti and Damien Ligier and Jean-Baptiste Orfila and Adeline Roux-Langlois and Samuel Tap},
      title = {Faster Secret Keys for (T)FHE},
      howpublished = {Cryptology ePrint Archive, Paper 2023/979},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.