By definition, fully homomorphic encryption (FHE) schemes support homomorphic decryption, and all known FHE constructions are bootstrapped from a Somewhat Homomorphic Encryption (SHE) scheme via this technique. Additionally, when a public key is provided, ciphertexts are also re-randomizable, e.g., by adding to them fresh encryptions of 0. From those two operations we devise an algorithm to sanitize a ciphertext, by making its distribution canonical. In particular, the distribution of the ciphertext does not depend on the circuit that led to it via homomorphic evaluation, thus providing circuit privacy in the honest-but-curious model. Unlike the previous approach based on noise flooding, our approach does not degrade much the security/efficiency trade-off of the underlying FHE. The technique can be applied to all lattice-based FHE proposed so far, without substantially affecting their concrete parameters.
Additional Metadata
Keywords public-key cryptography
THEME Information (theme 2)
Publisher Springer
Editor M. Fischlin , J.S. Coron
Persistent URL dx.doi.org/10.1007/978-3-662-49890-3_12
Series Lecture Notes in Computer Science
Project Cryptanalysis of Widely-used Hash Function Standards and Beyond
Conference Annual International Conference on the Theory and Applications of Cryptographic Techniques
Grant This work was funded by the The Netherlands Organisation for Scientific Research (NWO); grant id nwo/617.001.201 - Cryptanalysis of Widely-used Hash Function Standards and Beyond
Citation
Ducas, L, & Stehle, D. (2016). Sanitization of FHE ciphertexts. In M Fischlin & J.S Coron (Eds.), Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques 2016 (EUROCRYPT 0) (pp. 294–310). Springer. doi:10.1007/978-3-662-49890-3_12