MétaCan
← all works

Efficient Fully Homomorphic Encryption from (Standard) LWE

2011· article· en· 1,462 citations· W1992282993 on OpenAlex· 10.1109/focs.2011.12

Why is this work in the frame?

A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.

Canadian affiliationAn author listed a Canadian institution. This is the only route the usual frame has.

Machine scores (provisional)

Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.

The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.

Opus teacher head0.023
GPT teacher head0.206
Teacher spread
0.183 · how far apart the two teachers sit on this one work
Validation status
score_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it

Abstract

We present a fully homomorphic encryption scheme that is based solely on the (standard) learning with errors (LWE) assumption. Applying known results on LWE, the security of our scheme is based on the worst-case hardness of "short vector problems" on arbitrary lattices. Our construction improves on previous works in two aspects: 1) We show that "somewhat homomorphic" encryption can be based on LWE, using a new re-linearization technique. In contrast, all previous schemes relied on complexity assumptions related to ideals in various rings. 2) We deviate from the "squashing paradigm" used in all previous works. We introduce a new dimension-modulus reduction technique, which shortens the ciphertexts and reduces the decryption complexity of our scheme, without introducing additional assumptions. Our scheme has very short ciphertexts and we therefore use it to construct an asymptotically efficient LWE-based single-server private information retrieval (PIR) protocol. The communication complexity of our protocol (in the public-key model) is k · polylog(k) + log |DB| bits per single-bit query (here, A; is a security parameter).

Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.

The record

Venue
Topic
Cryptography and Data Security
Field
Computer Science
Canadian institutions
University of Toronto
Funders
Keywords
Homomorphic encryptionLearning with errorsSecurity parameterEncryptionTheoretical computer scienceComputer scienceHomomorphic secret sharingCommunication complexityScheme (mathematics)Public-key cryptographyCommitment schemeLattice problemDiscrete logarithmProtocol (science)Reduction (mathematics)CryptographyMathematicsAlgorithmSecret sharingComputer security
Has abstract in OpenAlex
yes