With the rapid development of cloud computation and big data, the data storage and outsource computation are delegated to the untrusted cloud, which has led to a series of challenging security and privacy threats. Fully homomorphic encryption can be used to protect the privacy of cloud data and solve the trust problem of third party. The key problem of achieving fully homomorphic encryption is how to reduce the increasing noise during the ciphertext evaluation. Bootstrapping procedure can refresh ciphertext with large error, such that the resulting ciphertext has potentially smaller error and allows being continuous homomorphic evaluation. In this paper, we investigated the bootstrapping procedure used to construct fully homomorphic encryption scheme. We proposed a new concept of block homomorphic equality test algorithm and gave an instance based on the FH-SIMD scheme. Furthermore, based on the block homomorphic equality test algorithm, we proposed a faster bootstrapping procedure with smaller bootstrapping keys. Both theory analysis and experiment simulation validate high performance of our bootstrapping algorithm.
Rapidly developing cloud storage and computation platform allow user delegate data outsource to the cloud server. Cloud computing has the characteristics of data concentration, resource sharing, highly interconnecting, fully opening, etc. It breaks the information island of traditional IT field; meanwhile, it brings even more serious security problems. To protect the privacy of data and the confidential of business secret, it is necessary to encrypting the upload data. However, it is difficult to process ciphertext for traditional encryption algorithm, and this promoted the improvement and development of fully homomorphic encryption (FHE). The prominent advantage of the fully homomorphic encryption is that it can solve ciphertext evaluation problem.
In 2009, Gentry [
In PKC 2010, Smart and Vercauteren [
Gentry, Sahai and Waters [
Bootstrapping technique is a central technique on fully homomorphic encryption (FHE), which converts “somewhat homomorphic” encryption (SHE) scheme into a fully homomorphic one. That is, bootstrapping procedure homomorphically evaluating the SHE scheme’s decryption function on a ciphertext that cannot support any further homomorphic operations, and produces a new one that encrypts the same message and can handle more homomorphic operations.
Bootstrapping procedure is computationally very expensive, and it is becomes the main bottleneck of fully homomorphic encryption practicability. Therefore, there are lots of works try to improve its efficiency. Gentry, Halevi, and Smart [
Recently, Alperin-Sheriff and Peikert [
In Eurocrypt 2015, Ducas and Micciancio [
In AsiaCrypt2016, Chillotti et al. constructed an efficient bootstrapping fully homomorphic encryption scheme, called TFHE [
Let
Letting
For
According to CRT and the above homomorphic embedding, we can obtain a homomorphic embedding of
Gentry firstly proposed bootstrapping technique, which may transform a somewhat homomorphic encryption scheme to a fully homomorphic encryption scheme. Subsequently, Jacob Alperin-Sheriff and Chris Peikert [
The decryption of all fully homomorphic schemes based on LWE involved computing inner production and rounding, that is, input secret key
Now, we give the decryption algorithm of FHE based LWE in the ciphertext state. During the bootstrapping procedure, the ciphertext of secret
Assume that the binary ciphertext to be bootstrapped is
Jacob Alperin-Sheriff and Chris Peikert proposed the generalized bootstrapping method based on the GSW scheme. Homomorphic equality test is a key component of the generalized bootstrapping algorithm, that is, for the fixed
Homomorphic equality test.
We intend to proposed block homomorphic equality test algorithm, that is, it travels a block
Block homomorphic equality test.
Resort to the FH-SIMD homomorphic encryption scheme [
In this section, we describe our block homomorphic equality test algorithm, called B_Eq?.
Input: ciphertex
Output: if there exits a
We assume that
Then compute
And compute
According to the homomorphism of encryption scheme FH-SIMD, the
We can see that as long as the equation
From the above steps, we finish the block homomorphic equality test; then we can homomorphic compute
In this section, we construct faster bootstrapping procedure from the block homomorphic equality test algorithm B_Eq?. The bootstrapping procedure consists of two algorithms: BootKeyGen and Bootstrap. The procedure is used to refresh ciphertexts of all known standard LWE-based FHE. We get the input ciphertext
Output the bootstrapping public key
It follows that
For every block Then compute
We can see that
For
Firstly, the FH-SIMD ciphertext
By correctness of block homomorphic equality test algorithm B_Eq?, the homomorphic sum
Suppose that the FH-SIMD scheme secret key
For
In our bootstrapping procedure, for
Suppose that there is an adversary
Our block homomorphic equality test algorithm B_Eq? has a cost of
Compare of the performance of homomorphic equality test algorithm.
algorithm | Enc |
|
|
|
|
---|---|---|---|---|---|
Eq? [ |
0 | 0 |
|
0 | 0 |
B_Eq? | 2 | 2 |
|
2 | 1 |
In the work of Alperin-Sheriff and Peikert [
Suppose that LWE problem has 80 bits security when
The relation between the ciphertext multiplicative quantity and the modulus
On the other hand, for the fixed modulus
The relation between the ciphertext multiplicative quantity and the block size.
Fully homomorphic encryption scheme allows evaluating encrypted data, without decrypting the corresponding ciphertext. In fully homomorphic encryption scheme, the ciphertext has a noise that grows at each homomorphic evaluation. When the noise reaches a threshold, then the ciphertext cannot be decrypted correctly. The number of homomorphic operations can be made asymptotically large using bootstrapping technique.
In this paper, we further investigated the bootstrapping procedure. We proposed the concept of block homomorphic equality test algorithm and give an instance based on the FH-SIMD scheme. Furthermore, we give a faster bootstrapping procedure based on the block homomorphic equality test algorithm. Both theory analysis and experiment simulation validate the higher performance of our bootstrapping than that of the work [
Our underlying data related to the article is the paper as cited as in [
The authors declare that they have no conflicts of interest regarding the publication of this paper.
This work is supported by the National Nature Science Foundation of China under Grant no. 61601515 and Nature Science Foundation of Henan Province under Grant no. 162300410332.