A Full RNS Variant of FV Like Somewhat Homomorphic Encryption Schemes

Since Gentry’s breakthrough work in 2009, homomorphic cryptography has received widespread attention. Implementing a fully homomorphic cryptographic scheme is, however, still highly expensive. Somewhat Homomorphic Encryption (SHE) schemes, on the other hand, allow only a limited number of arithmetic operations in the encrypted domain, but are more practical. Many SHE schemes have been proposed, among which the most competitive ones rely on Ring Learning With Errors (RLWE), with operations on high-degree polynomials with large coefficients. This work focuses in particular on the Chinese Remainder Theorem representation (a.k.a. Residue Number Systems, RNS) applied to the large coefficients. In SHE schemes like that of Fan and Vercauteren (FV), such a representation remains hardly compatible with the procedures involving coefficient-wise division and rounding that are required in decryption and homomorphic multiplication. This paper suggests a way to entirely eliminate the need for multi-precision arithmetic, and presents techniques to enable a full RNS implementation of FV-like schemes. For dimensions between \(2^{11}\) and \(2^{15}\), we report speed-ups from \(5{\times }\) to \(20{\times }\) for decryption, and from \(2{\times }\) to \(4{\times }\) for multiplication.
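The incompatibility described in the abstract, shown on a single toy coefficient as an added example (not code from the paper): multiplication stays residue-wise, but the FV-style scale-and-round step needs the full integer rebuilt by CRT, which is the multi-precision step the paper aims to eliminate. The moduli, the plaintext modulus `T`, and all function names are constructed for illustration; the paper's own RNS techniques are not reproduced here.

```python
from math import prod

# Constructed toy parameters (assumptions, not the paper's): pairwise-coprime
# moduli whose product Q plays the role of the ciphertext modulus q, and a
# plaintext modulus T.
MODULI = (1009, 1013, 1019)
Q = prod(MODULI)
T = 16

def to_rns(x):
    """Residues of x modulo each q_i."""
    return tuple(x % m for m in MODULI)

def from_rns(residues):
    """CRT reconstruction: the multi-precision step. Result lies in [0, Q)."""
    x = 0
    for r, m in zip(residues, MODULI):
        qi = Q // m
        x += r * pow(qi, -1, m) * qi
    return x % Q

def rns_mul(a, b):
    """Multiplication mod Q needs only independent word-sized operations."""
    return tuple((x * y) % m for x, y, m in zip(a, b, MODULI))

def encode(msg, noise):
    """FV-style noisy coefficient: floor(Q/T) * msg + noise (mod Q)."""
    return (Q // T * msg + noise) % Q

def scale_round(x):
    """round(T * x / Q) mod T on the centred representative, in exact integers."""
    if x > Q // 2:
        x -= Q
    return ((2 * T * x + Q) // (2 * Q)) % T

def decode_via_crt(residues):
    """Correct decoding: rebuild the big integer first, then divide and round."""
    return scale_round(from_rns(residues))

def decode_per_residue(residues):
    """Deliberately wrong: division and rounding do not commute with reduction
    mod q_i, so rounding each residue on its own loses the message."""
    return tuple(((2 * T * r + m) // (2 * m)) % T
                 for r, m in zip(residues, MODULI))
```
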
