Fully Homomorphic Encryption over the Integers

We construct a simple fully homomorphic encryption scheme, using only elementary modular arithmetic. We use Gentry’s technique to construct a fully homomorphic scheme from a “bootstrappable” somewhat homomorphic scheme. However, instead of using ideal lattices over a polynomial ring, our bootstrappable encryption scheme merely uses addition and multiplication over the integers. The main appeal of our scheme is the conceptual simplicity. We reduce the security of our scheme to finding an approximate integer gcd – i.e., given a list of integers that are near-multiples of a hidden integer, output that hidden integer. We investigate the hardness of this task, building on earlier work of Howgrave-Graham.
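A toy sketch of the kind of integer-only scheme the abstract describes, added here as an illustration and not code from the paper or its authors. It assumes the commonly described symmetric form c = p*q + 2r + m with a secret odd integer p; the parameter sizes and function names are chosen for this example only and are far too small to be secure.

```python
import secrets

# Toy sizes (assumptions for illustration only; not secure parameters).
P_BITS, Q_BITS, R_BITS = 64, 256, 8

def keygen():
    """Secret key: a random odd integer p of exactly P_BITS bits."""
    return secrets.randbits(P_BITS) | (1 << (P_BITS - 1)) | 1

def encrypt(p, m):
    """Return c = p*q + 2r + m, a near-multiple of the hidden integer p.

    Recovering p from many such values is the approximate-gcd problem.
    """
    q = secrets.randbits(Q_BITS)
    r = secrets.randbits(R_BITS) - (1 << (R_BITS - 1))  # small signed noise
    return p * q + 2 * r + m

def centered_mod(c, p):
    """Residue of c modulo p in (-p/2, p/2]: the ciphertext's noise term."""
    z = c % p
    return z - p if z > p // 2 else z

def decrypt(p, c):
    """The plaintext bit is the parity of the noise term."""
    return centered_mod(c, p) % 2

def noise_bits(p, c):
    """Bit length of the noise; decryption is only reliable below P_BITS - 1."""
    return abs(centered_mod(c, p)).bit_length()

def product_of_fresh_ones(p, n):
    """Multiply n fresh encryptions of 1 (plaintext product is 1).

    Each multiplication roughly adds the operands' noise bit lengths, so
    only a bounded number of products decrypt correctly: the scheme is
    'somewhat' homomorphic until the noise is refreshed (bootstrapping).
    """
    c = encrypt(p, 1)
    for _ in range(n - 1):
        c *= encrypt(p, 1)
    return c

if __name__ == "__main__":
    p = keygen()
    a, b = encrypt(p, 1), encrypt(p, 0)
    print("XOR:", decrypt(p, a + b), "AND:", decrypt(p, a * b))
    for n in (1, 4, 7):
        print(n, "factors -> noise bits:", noise_bits(p, product_of_fresh_ones(p, n)))
```

With these sizes, integer addition of ciphertexts acts as XOR and integer multiplication as AND on the hidden bits, and a product of up to 7 fresh ciphertexts stays within the noise budget.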
