Sanitization of FHE ciphertexts
Presented at the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna
By definition, fully homomorphic encryption (FHE) schemes support homomorphic decryption, and all known FHE constructions are bootstrapped from a Somewhat Homomorphic Encryption (SHE) scheme via this technique. Additionally, when a public key is provided, ciphertexts are also re-randomizable, e.g., by adding to them fresh encryptions of 0. From those two operations we devise an algorithm to sanitize a ciphertext, by making its distribution canonical. In particular, the distribution of the ciphertext does not depend on the circuit that led to it via homomorphic evaluation, thus providing circuit privacy in the honest-but-curious model. Unlike the previous approach based on noise flooding, our approach does not degrade much the security/efficiency trade-off of the underlying FHE. The technique can be applied to all lattice-based FHE proposed so far, without substantially affecting their concrete parameters.
|M. Fischlin , J.S. Coron
|Lecture Notes in Computer Science
|Cryptanalysis of Widely-used Hash Function Standards and Beyond
|Annual International Conference on the Theory and Applications of Cryptographic Techniques
Ducas, L., & Stehlé, D. (2016). Sanitization of FHE ciphertexts. In M. Fischlin & J. S. Coron (Eds.), Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques 2016 (EUROCRYPT 0) (pp. 294–310). Springer. doi:10.1007/978-3-662-49890-3_12