Xiaojun Zhang,Chunxiang Xu,Chunhua Jin,Run Xie,Jining Zhao

DOI: https://doi.org/10.1016/j.future.2013.10.024

IF: 7.307

2014-01-01

Future Generation Computer Systems

Abstract:In this paper, we present an effective fully homomorphic encryption (FHE) from ring learning with errors (RLWE) assumption without using Gentry’s standard squashing and bootstrapping techniques. Our FHE scheme is to modify the recent FHE scheme of Brakerski. We use the re-linearization technique to reduce the length of ciphertext considerably, and use the modulus reduction technique to manage the noise level and decrease the decryption complexity without introducing additional assumptions. Furthermore, with the key-homomorphic property, we extend our FHE scheme to a threshold fully homomorphic encryption (TFHE), which allows parties to cooperatively decrypt a ciphertext without learning anything but the plaintext. The TFHE scheme can be protected from related-key attacks, as long as we add extra smudging noise during sensitive operations.

Fucai Luo,Haiyan Wang,Al-Kuwari Saif,Weihong Han

DOI: https://doi.org/10.1016/j.csi.2023.103742

2023-03-29

Abstract:Fully Homomorphic Encryption (FHE) is a powerful encryption system in cloud computing that allows homomorphic computations on encrypted data without decrypting them. Multi-key fully homomorphic encryption (MFHE), as an extension to FHE, allows homomorphic computations on ciphertexts encrypted under different keys. However, most MFHE schemes require a Common Random/Reference String (CRS), while the few that do not are based on the Learning With Errors (LWE) problem, which means that they can only deal with single bit plaintext. Consequently, MFHE schemes based on the Ring Learning With Errors (RLWE) problem are more desirable, as they can handle polynomial plaintext. Requiring the CRS seems to weaken the semantic definition of MFHE, where all users generate their own keys independently. In this paper, we study the RLWE-based MFHE in the CRS model and propose the first RLWE-based MFHE without a CRS. To this end, we remove the CRS by designing a relinearization algorithm without a CRS. Like previous MFHE schemes, our RLWE-based MFHE without CRS has a simple 1-round threshold decryption, which implies a 3-round secure MPC protocol in the plain model from the RLWE assumption.

computer science, software engineering, hardware & architecture

Linzhi Jiang,Chunxiang Xu,Xiaofang Wang,Chao Lin

DOI: https://doi.org/10.1007/s00500-016-2296-6

IF: 3.732

2016-01-01

Soft Computing

Abstract:Statistical learning has been widely used in many fields, such as science, engineering and finance, to extract important patterns, trends, and understand “what the data say”. Privacy of statistical learning, i.e., user and sensitive data, is significant problem of performing computation, especially outsourcing cloud computing. Some fully homomorphic encryption schemes can achieve computation on the encrypted data, but most of them are lack of efficiency. Fully homomorphic encryption based on learning with errors over rings (RLWE) supports a finite number of addition and multiplication on the encrypted data, thus can be viewed as the polynomial computation in cyclotomic fields. Computation on the encrypted data can be converted into computation associated with polynomial. So, fully homomorphic encryption from RLWE is very efficient relative to other schemes. Our contribution includes two aspects. Firstly, we show a scheme to represent the training and testing data for statistical learning. The proposed scheme firstly transforms the data into integer and then encodes them into polynomial so that the encryption, decryption and homomorphic operation can be performed efficiently. We also carefully choose the parameters of fully homomorphic encryption from RLWE to meet the requirement of efficiency. User only needs to upload the encrypted data to cloud server, and then the server trains and tests the encrypted data, returns the analysis and prediction results to user. Secondly, we present a comparison scheme on the encrypted data for statistical learning algorithms, which is security on the known plain-text attack and ciphertext only attack model.

Chen Yang,Fahong Zhang,Jianfei Wang,Yang Su

DOI: https://doi.org/10.1109/icsict55466.2022.9963328

2022-01-01

Abstract:With the expansion of cloud services and privacy security becomes more crucial, fully homomorphic encryption (FHE) scheme which operates data in ciphertext domain has been widely concerned. Lattice-based cryptography ring learning with errors (RLWE), together with its variants RLWE’ and RGSW, form the core component of main-stream homomorphic encryption schemes. This paper presents a universal RLWE encryption module supports ciphertext generation of three cryptographic schemes above. The design uses anti-circulant matrix to convert polynomial multiplication to N-level inner product between vector and anti-circulant matrix to wipe off additional modular reduction. Meanwhile, Montgomery reduction is used to realize multiplicationfree polynomial multiplication. The results show that the utilizations of LUT and FF are reduced by 51% and 30% respectively, as well as completely avoiding DSP usage.

Gang Du,Chunguang Ma,Zengpeng Li,Ding Wang

DOI: https://doi.org/10.1007/978-3-319-68542-7_21

2017-01-01

Abstract:Despite the convenience brought by cloud computing, internet users, meanwhile, are faced with risks of data theft, tampering, forgery, etc. Fully homomorphic encryption (FHE) has the ability to deal with the ciphertext directly, which can solve the problem of data security in cloud computing. Therefore, fully homomorphic encryption (FHE) has been widely used in cloud computing as well as multiparty computing, functional encryption and private information retrieval, etc. However, previous FHE schemes are based on standard (ring) learning with errors (LWE) assumption and the most typical schemes were created by Brakerski (CRYPTO2012) and Gentry-Sahai-Waters (GSW) (CRYPTO2013). Moreover, inspired by the work of Li et al. at ICPADS2016, they made use of Brakerski's scale-invariant technology and constructed a new FHE scheme with errorless key switching under Dual-First-is-errorless LWE (Dual-Ferr. LWE) problem. Hence, armed with Li et al.'s work, in this paper, we use Gentry-Peikert-Vaikuntanathan's scheme (i.e., under dual LWE assumption) as building block to construct a FHE scheme. Lastly, under the assumption of decisional learning with errors (LWE), we prove that our scheme is CPA (chosen-plaintext-attack) secure.

Xiaoliang Che,Longfei Liu,Baocang Wang,Yiliang Han,Xu An Wang,Xiaoyuan Yang,Tanping Zhou

DOI: https://doi.org/10.1016/j.jksuci.2023.101794

IF: 9.006

2023-10-12

Journal of King Saud University - Computer and Information Sciences

Abstract:Most previous RLWE-based multi-key homomorphic encryptions (MKHEs) need to perform complex relinearization operations on ciphertext products to complete the evaluation of circuits of bounded polynomial depth. In this process, many intermediate ciphertexts or keys are needed for computing, resulting in inefficient computing and redundant storage. We propose a more efficient RLWE-based MKHE without relinearization operations to squeeze the storage space provided for homomorphic computation. Firstly, a controllable factor is introduced into the party's ciphertexts, delineating the ciphertext as a component-like factor in preparation for concatenate operations. Secondly, we construct a tightened RGSW ciphertext extension algorithm that can be directly applied to the party's original ciphertext. The extended ciphertext no longer needs to be converted, so any conversion keys are no longer required. Again, by combining the concatenate and bit decomposition techniques, we construct new matching homomorphic computation algorithms, which ensure that the ciphertext product or sum is consistent in morphology with the extended ciphertext. The homomorphic multiplication algorithm allows the resultant ciphertext to directly participate in the next round of homomorphic operations without relinearization. Finally, we propose a specific RLWE-based MKHE scheme and provide the decryption process. Our analysis shows that our scheme guarantees IND-CPA security and performs efficient homomorphic computations correctly without relinearization operations.

computer science, information systems

xing li,jianping yu,peng zhang,xiaoqiang sun

DOI: https://doi.org/10.1109/ICEIEC.2015.7284526

2015-01-01

Abstract:Fully homomorphic encryption has been viewed as a mechanism that enables to do arbitrary computations on encrypted data, without ever decrypting it. So fully homomorphic encryption owns great value in cloud computing, secure multiparty computation and so on. To obtain a leveled fully homomorphic encryption scheme, we present a comparatively simple and natural method, that is the approximate eigenvector method. The homomorphic addition and multiplication involved are just matrix addition and multiplication, and the error growth is slow and linear. In this essay we show an approximate-eigenvector leveled fully homomorphic encryption scheme based on Error-Free Approximate GCD, whose plaintext is a diagonal matrix. So this scheme can encrypt l bits at a time.

Zengpeng Li,Chunguang Ma,Eduardo Morais,Gang Du

DOI: https://doi.org/10.1007/978-3-319-54705-3_14

2016-01-01

Abstract:Fully Homomorphic Encryption (\(\mathsf {FHE}\)) is a cryptographic primitive that allows computing over encrypted data without decrypting the corresponding ciphertexts. In general, existing \(\mathsf {FHE}\) schemes can be achieved using standard Learning with Errors (\(\mathsf {LWE}\)) assumption and most of the schemes are single-bit encryption. Hence, the construction of multi-bit \(\mathsf {FHE}\) with high efficiency remains an open problem in cryptography. In this paper, we propose multi-bit versions of Public Key Encryption (\(\mathsf {PKE}\)) via the dual \(\mathsf {LWE}\)-based firstly proposed by Gentry, Peikert, and Vaikuntanathan at STOC 2008. We initially develop an universal construction derived from a general structure of the underlying combined public matrix for constructing the multi-bit version which increases the size of ciphertexts linearly. Then, utilizing multi-bit \(\mathsf {PKE}\) scheme as building block, we propose a new multi-bit \(\mathsf {FHE}\) scheme under the assumption of decisional \(\mathsf {LWE}\) is hard and prove the scheme is \(\textsc {IND-CPA}\)-secure.

Zengpeng Li,Chunguang Ma,Gang Du,Weiping Ouyang

DOI: https://doi.org/10.1109/icpads.2016.0154

2016-01-01

Abstract:Cloud computing raises new challenges for how to protect user privacy. Fully homomorphic encryption is one way to solve the problem. In this paper, we show a useful property of Dual-LWE assumption to construct Key-Switching procedure compared with LWE assumption without extra error term. Hence, we propose to construct "Errorless Key Switching" fully homomorphic encryption (FHE) scheme based on dual learning with errors (Dual-LWE) assumption. Specifically, we compile the Dual-LWE problem proposed by Gentry et.al. at STOC2008 and First-is-errorless LWE (Ferr.LWE) problem proposed by Brakerski et al. at STOC2013 into Dual-First-is-errorless LWE (Dual-Ferr.LWE) problem. Then, utilizing Dual-Ferr.LWE assumption to construct a various GPV(vGPV) scheme, and we use vGPV scheme as the fundamental building block to construct FHE with errorless key switching scheme. Lastly, under the assumption of decisional learning with errors(DLWE), we prove that our scheme is CPA secure.

Chengjin Liu,Zoe L Jiang,Xin Zhao,Qian Chen,Junbin Fang,Daojing He,Jun Zhang,Xuan Wang

DOI: https://doi.org/10.1109/infocomwkshps54753.2022.9797933

2022-01-01

Abstract:In the era of big data, data are often outsourced at cloud for storage and computation. As data has become a highly valuable resource, data holder needs retain full privacy and control over it. Privacy-preserving machine learning (PPML) aims at extracting data value while preserving its privacy. Homomorphic encryption (HE), as a privacy-preserving technique, is increasingly used in PPML schemes. However, since bootstrapping is required in Fully Homomorphic Encryption (FHE) after a certain number of homomorphic operations to ensure the correctness of decryption, FHE-based PPML may perform a large number of bootstrappings, which greatly reduces the efficiency. Besides, FHE only supports homomorphic addition and multiplication operations. Most of the existing solutions use Taylor theorem to convert nonlinear function into linear polynomial function with sacrifice of model accuracy. To solve the two problems above, we propose to simulate bootstrapping operation in training phase by a pair of decryption and re-encryption operations, which is further transferred to trusted hardware to avoid information leakage after decryption. With this idea, the performance can be enhanced greatly. In addition, all the calculations of activation function (nonlinear) can be executed in plaintext form directly. In this paper, we propose and implement an efficient and privacy-preserving logistic regression scheme based on Leveled FHE, and deploy the bootstrapping simulation and activation function on Raspberry Pi (a simulated trusted hardware). The scheme achieves practical usability demonstrated on standard UCI datasets.

Xirong Ma,Chuan Li,Yuchang Hu,Yunting Tao,Yali Jiang,Yanbin Li,Fanyu Kong,Chunpeng Ge

2024-07-09

Abstract:The demand for processing vast volumes of data has surged dramatically due to the advancement of machine learning technology. Large-scale data processing necessitates substantial computational resources, prompting individuals and enterprises to turn to cloud services. Accompanying this trend is a growing concern regarding data leakage and misuse. Homomorphic encryption (HE) is one solution for safeguarding data privacy, enabling encrypted data to be processed securely in the cloud. However, the encryption and decryption routines of some HE schemes require considerable computational resources, presenting non-trivial work for clients. In this paper, we propose an outsourced decryption protocol for the prevailing RLWE-based fully homomorphic encryption schemes. The protocol splits the original decryption into two routines, with the computationally intensive part executed remotely by the cloud. Its security relies on an invariant of the NTRU-search problem with a newly designed blinding key distribution. Cryptographic analyses are conducted to configure protocol parameters across varying security levels. Our experiments demonstrate that the proposed protocol achieves up to a $67\%$ acceleration in the client's local decryption, accompanied by a $50\%$ reduction in space usage.

Cryptography and Security

Chao Liu,Zhongxiang Zheng,Keting Jia,Limin Tao

DOI: https://doi.org/10.1007/978-3-030-31919-9_1

2019-01-01

Abstract:Authenticated encryption (AE) is very suitable for a resources constrained environment for it needs less computational costs and AE has become one of the important technologies of modern communication security. Identity concealment is one of research focuses in design and analysis of current secure transport protocols (such as TLS1.3 and Google's QUIC). In this paper, we present a provably secure identity-concealed authenticated encryption in the public-key setting over ideal lattices, referred to as RLWE-ICAE. Our scheme can be regarded as a parallel extension of higncryption scheme proposed by Zhao (CCS 2016), but in the lattice-based setting. RLWE-ICAE can be viewed as a monolithic integration of public-key encryption, key agreement over ideal lattices, identity concealment and digital signature. The security of RLWE-ICAE is directly relied on the Ring Learning with Errors (RLWE) assumption. Two concrete choices of parameters are provided in the end.

Yuan Liu,Yun Pan,Lize Gu,Yuan Zhang,Dezhi An

DOI: https://doi.org/10.1155/2021/6656764

IF: 1.43

2021-01-01

Mathematical Problems in Engineering

Abstract:Attribute-based encryption (ABE) is a good choice for one-to-many communication and fine-grained access control of the encryption data in a cloud environment. Fully homomorphic encryption (FHE) allows cloud servers to make valid operations on encrypted data without decrypting. Attribute-based fully homomorphic encryption (ABFHE) from lattices not only combines the bilateral advantages/facilities of ABE and FHE but also can resist quantum attacks. However, in the most previous ABFHE schemes, the growth of ciphertext size usually depends on the total number of system’s attributes which leads to high communication overhead and long running time of encryption and decryption. In this paper, based on the LWE problem on lattices, we propose an attribute-based fully homomorphic scheme with short ciphertext. More specifically, by classifying the system’s attributes and using the special structure matrix in MP12, we remove the dependency of ciphertext size on system’s attributes ℓ and the ciphertext size is no longer increased with the total number of system’s attributes. In addition, by introducing the function G−1 in the homomorphic operations, we completely rerandomize the error term in the new ciphertext and have a very tight and simple error analysis using sub-Gaussianity. Besides, performance analysis shows that when ℓ=2 and n=284 according to the parameter suggestion given by Micciancio and Dai et al., the size of ciphertext in our scheme is reduced by at least 73.3%, not to mention ℓ>2. The larger the ℓ, the more observable of our scheme. The short ciphertext in our construction can not only reduce the communication overhead but also reduce the running time of encryption and decryption. Finally, our scheme is proved to be secure in the standard model.

Zhiyong Zheng,Fengxia Liu,Kun Tian

DOI: https://doi.org/10.48550/arXiv.2301.12060

2023-01-28

Abstract:We propose an unbounded fully homomorphic encryption scheme, i.e. a scheme that allows one to compute on encrypted data for any desired functions without needing to decrypt the data or knowing the decryption keys. This is a rational solution to an old problem proposed by Rivest, Adleman, and Dertouzos [42] in 1978, and to some new problems appeared in Peikert [38] as open questions 10 and open questions 11 a few years ago. Our scheme is completely different from the breakthrough work [21, 22] of Gentry in 2009. Gentry’s bootstrapping technique constructs a fully homomorphic encryption (FHE) scheme from a somewhat homomorphic one that is powerful enough to evaluate its own decryption function. To date, it remains the only known way of obtaining unbounded FHE. Our construction of unbounded FHE scheme is straightforward and noise-free that can handle unbounded homomorphic computation on any refreshed ciphertexts without bootstrapping transformation technique.

Jiaxang Tang,Zeshan Fayyaz,Mohammad A. Salahuddin,Raouf Boutaba,Zhi-Li Zhang,Ali Anwar

2024-09-12

Abstract:Federated Learning is a well-researched approach for collaboratively training machine learning models across decentralized data while preserving privacy. However, integrating Homomorphic Encryption to ensure data confidentiality introduces significant computational and communication overheads, particularly in heterogeneous environments where clients have varying computational capacities and security needs. In this paper, we propose HERL, a Reinforcement Learning-based approach that uses Q-Learning to dynamically optimize encryption parameters, specifically the polynomial modulus degree, $N$, and the coefficient modulus, $q$, across different client tiers. Our proposed method involves first profiling and tiering clients according to the chosen clustering approach, followed by dynamically selecting the most suitable encryption parameters using an RL-agent. Experimental results demonstrate that our approach significantly reduces the computational overhead while maintaining utility and a high level of security. Empirical results show that HERL improves utility by 17%, reduces the convergence time by up to 24%, and increases convergence efficiency by up to 30%, with minimal security loss.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Yan Ke,Min-Qing Zhang,Jia Liu,Ting-Ting Su,Xiao-Yuan Yang

DOI: https://doi.org/10.1109/tcsvt.2019.2963393

IF: 5.859

2020-08-01

IEEE Transactions on Circuits and Systems for Video Technology

Abstract:This paper proposes a fully homomorphic encryption encapsulated difference expansion (FHEE-DE) scheme for reversible data hiding in encrypted domain (RDH-ED). The homomorphic circuits and ciphertext operations are elaborated. Key-switching and bootstrapping techniques are introduced to control the ciphertext extension and decryption failure of homomorphic encryption. A key-switching based least-significant-bit (KS-LSB) data hiding method has been designed to realize data extraction directly from the encrypted domain without the private key. In application, the user first encrypts the plaintext and uploads ciphertext to the server. The server embeds additional data into the ciphertext by performing FHEE-DE data hiding and KS-LSB data hiding. Additional data can be extracted directly from the marked ciphertext by the server without the private key. The user owns the private key and can decrypt the marked ciphertext to obtain the marked plaintext. Then additional data or plaintext can be obtained from the marked plaintext by using the standard DE extraction or recovery. The server could also implement FHEE-DE recovery or extraction on the marked ciphertext to return the ciphertext of original plaintext or additional data to the user. Experimental results demonstrate that the embedding capacity and reversibility of the proposed scheme are superior to existing RDH-ED methods, and fully separability is achieved without reducing the security of encryption.

engineering, electrical & electronic

Ting Wang,Guoqiang Han,Jianping Yu,Peng Zhang,Xiaoqiang Sun

DOI: https://doi.org/10.1007/s11277-017-3979-8

IF: 2.017

2017-01-01

Wireless Personal Communications

Abstract:In order to construct efficient public-key encryption scheme that is secure against adaptive chosen-ciphertext attacks (CCA), an efficient signature scheme and an identity-based encryption (IBE) scheme from the learning with errors over rings are presented firstly in this paper, whose security are reducible to the hardness of the shortest vector problem in the worst case on ideal lattices. Secondly, a CCA-secure public key cryptosystem is constructed on the basis of the IBE and signature proposed above. The efficiency analysis indicates the proposed signature and encryption schemes are much more efficient than correlative cryptosystems. The security analysis shows that the IBE scheme is secure against chosen-plaintext attacks, and the public-key encryption scheme is CCA-secure in the random oracle model.

Yuqi Guo,Lin Li,Zhongxiang Zheng,Hanrui Yun,Ruoyan Zhang,Xiaolin Chang,Zhixuan Gao

2024-03-18

Abstract:Since the first theoretically feasible full homomorphic encryption (FHE) scheme was proposed in 2009, great progress has been achieved. These improvements have made FHE schemes come off the paper and become quite useful in solving some practical problems. In this paper, we propose a set of novel Federated Learning Schemes by utilizing the latest homomorphic encryption technologies, so as to improve the security, functionality and practicality at the same time. Comparisons have been given in four practical data sets separately from medical, business, biometric and financial fields, covering both horizontal and vertical federated learning scenarios. The experiment results show that our scheme achieves significant improvements in security, efficiency and practicality, compared with classical horizontal and vertical federated learning schemes.

Cryptography and Security

Parhat Abla,Feng-Hao Liu,Han Wang,Zhedong Wang

DOI: https://doi.org/10.1007/978-3-030-90456-2_6

2021-01-01

Abstract:This work constructs an identity based encryption from the ring learning with errors assumption (RLWE), with shorter master public keys and tighter security analysis. To achieve this, we develop three new methods: (1) a new homomorphic equality test method using nice algebraic structures of the rings, (2) a new family of hash functions with natural homomorphic evaluation algorithms, and (3) a new insight for tighter reduction analyses. These methods can be used to improve other important cryptographic tasks, and thus are of general interests. Particularly, our homomorphic equality test method can derive a new method for packing/unpacking GSW-style encodings, showing a new non-trivial advantage of RLWE over the plain LWE. Moreover, our new insight for tighter analyses can improve the analyses of all the currently known partition-based IBE designs, achieving the best of the both from prior analytical frameworks of Waters (Eurocrypt '05) and Bellare and Ristenpart (Eurocrypt '09).

Yi Huang,Junping Wan,Zoe L. Jiang,Jun Zhou,Junbin Fang,Zhenfu Cao

DOI: https://doi.org/10.1007/978-981-97-5025-2_9

2024-01-01

Abstract:Fully homomorphic encryption (FHE) enables users to process encrypted data, while preserving data privacy throughout the data computation process. It develops ways to privately execute neural networks. Although bit-wise FHE over the torus (TFHE) was originally proposed to support non-linear functions, such as ReLU operation which is often used in neural networks, the computational complexity of the homomorphic ReLU operation is linearly to data precision. Integer-wise TFHE enables integer bootstrapping with homomorphic addition. However, it leaves an open problem to support homomorphic multiplication and ReLU due to negacyclicity limitation. In this paper, we first propose the ExMultbyBin(x) algorithm for integer-wise multiplication by extending the data range from {0, ..., B/2 - 1} to {- B, ..., B - 1}. Then, we propose the idea of function transformation by equivalently transform the ReLU(x) function to a new function ExMultbyBin(x, f(id)(x), sign(x) - B/2). Finally, we achieve a privacy-preserving ReLU function IntReLU with integer-wise TFHE, resulting in computational complexity independent of data precision. That is, when the data precision is n-bit, IntReLU has a computational complexity of O(1). Experimental results in the TFHE library indicate that, the operation time of our intReLU is reduced by 17% when the data precision is 6-bit compared to the bit-wise TFHE scheme.