Communications in Cryptology IACR CiC

Security Guidelines for Implementing Homomorphic Encryption

Authors

Jean-Philippe Bossuat, Rosario Cammarota, Ilaria Chillotti, Benjamin R. Curtis, Wei Dai, Huijing Gong, Erin Hales, Duhyeong Kim, Bryan Kumara, Changmin Lee, Xianhui Lu, Carsten Maple, Alberto Pedrouzo-Ulloa, Rachel Player, Yuriy Polyakov, Luis Antonio Ruiz Lopez, Yongsoo Song, Donggeon Yhee
Jean-Philippe Bossuat; Independent, Switzerland; jeanphilippe dot bossuat at gmail dot com
Rosario Cammarota; Intel Labs, USA; rosario dot cammarota at intel dot com
Ilaria Chillotti
Benjamin R. Curtis; Zama, France; ben dot curtis at zama dot ai
Wei Dai; TikTok Inc., USA; weidai3141 at gmail dot com
Huijing Gong; Intel Labs, USA; huijing dot gong at intel dot com
Erin Hales; Royal Holloway, University of London, UK; erin dot hales dot 2018 at live dot rhul dot ac dot uk
Duhyeong Kim; Intel Labs, USA; duhyeong dot kim at intel dot com
Bryan Kumara; The Alan Turing Institute, UK; bkumara at turing dot ac dot uk
Changmin Lee; Korea Institute for Advanced Study, South Korea; changminlee at kias dot re dot kr
Xianhui Lu; Chinese Academy of Sciences, China; luxianhui at iie dot ac dot cn
Carsten Maple; The Alan Turing Institute, UK and University of Warwick, UK; CM at warwick dot ac dot uk
Alberto Pedrouzo-Ulloa; atlanTTic, Universidade de Vigo, Spain; apedrouzo at gts dot uvigo dot es
Rachel Player; Royal Holloway, University of London, UK; rachel dot player at rhul dot ac dot uk
Yuriy Polyakov; Duality Technologies, USA; ypolyakov at dualitytech dot com
Luis Antonio Ruiz Lopez; Lorica Cybersecurity, USA; luis at loricacyber dot com
Yongsoo Song; Seoul National University, South Korea; y dot song at snu dot ac dot kr
Donggeon Yhee; dgyhee at gmail dot com

Abstract

Fully Homomorphic Encryption (FHE) is a cryptographic primitive that allows arbitrary operations to be performed on encrypted data. Since the idea was first conceived in [RAD78], it has been considered a holy grail of cryptography. After the first construction in 2009 [Gen09], it has evolved into a practical primitive with strong security guarantees. Most modern constructions are based on well-known lattice problems such as Learning With Errors (LWE). Beyond its academic appeal, FHE has in recent years attracted significant attention from industry, thanks to its applicability to a considerable number of real-world use cases. An upcoming standardization effort by ISO/IEC aims to support the wider adoption of these techniques. However, one of the main challenges that standards bodies, developers, and end users encounter is establishing parameters. This is particularly hard in the case of FHE because the parameters determine not only the security level of the system but also the type of operations the system is able to handle. In this paper we provide examples of LWE parameter sets targeting particular security levels that can be used in the context of FHE constructions. We also give examples of complete FHE parameter sets, including the parameters relevant for correctness and performance alongside those relevant for security. As an additional contribution, we survey the parameter selection support offered in open-source FHE libraries.

References

[AA22]
Furkan Aydin and Aydin Aysu. Exposing Side-Channel Leakage of SEAL Homomorphic Encryption Library. In Chip-Hong Chang, Ulrich Rührmair, Debdeep Mukhopadhyay, and Domenic Forte, editors, Proceedings of the 2022 Workshop on Attacks and Solutions in Hardware Security, ASHES 2022, Los Angeles, CA, USA, 11 November 2022, pages 95–100. 2022. ACM. DOI: 10.1145/3560834.3563833
[ABD16]
Martin R. Albrecht, Shi Bai, and Léo Ducas. A Subfield Lattice Attack on Overstretched NTRU Assumptions - Cryptanalysis of Some FHE and Graded Encoding Schemes. In Matthew Robshaw and Jonathan Katz, editors, Advances in Cryptology - CRYPTO 2016 - 36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14-18, 2016, Proceedings, Part I, volume 9814 of Lecture Notes in Computer Science, pages 153–178. 2016. Springer. DOI: 10.1007/978-3-662-53018-4_6
[ABD+20]
Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehlé. CRYSTALS-Kyber, Algorithm Specifications And Supporting Documentation (version 3.0). (Accessed on 04/18/2023). https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf. October 2020.
[ABMP24]
Andreea Alexandru, Ahmad Al Badawi, Daniele Micciancio, and Yuriy Polyakov. Application-Aware Approximate Homomorphic Encryption: Configuring FHE for Practical Use. IACR Cryptol. ePrint Arch., 2024.
[ACC+19]
Martin R. Albrecht, Melissa Chase, Hao Chen, Jintai Ding, Shafi Goldwasser, Sergey Gorbunov, Shai Halevi, Jeffrey Hoffstein, Kim Laine, Kristin E. Lauter, Satya Lokam, Daniele Micciancio, Dustin Moody, Travis Morrison, Amit Sahai, and Vinod Vaikuntanathan. Homomorphic Encryption Standard. IACR Cryptol. ePrint Arch., 2019.
[ACC+21]
Martin Albrecht, Melissa Chase, Hao Chen, Jintai Ding, Shafi Goldwasser, Sergey Gorbunov, Shai Halevi, Jeffrey Hoffstein, Kim Laine, Kristin Lauter, Satya Lokam, Daniele Micciancio, Dustin Moody, Travis Morrison, Amit Sahai, and Vinod Vaikuntanathan. Homomorphic Encryption Standard. In Kristin Lauter, Wei Dai, and Kim Laine, editors, Protecting Privacy through Homomorphic Encryption, pages 31–62. Springer International Publishing, Cham 2021. DOI: 10.1007/978-3-030-77287-1_2
[ACD+18]
Martin R. Albrecht, Benjamin R. Curtis, Amit Deo, Alex Davidson, Rachel Player, Eamonn W. Postlethwaite, Fernando Virdia, and Thomas Wunderer. Estimate All the {LWE, NTRU} Schemes! In Dario Catalano and Roberto De Prisco, editors, Security and Cryptography for Networks - 11th International Conference, SCN 2018, Amalfi, Italy, September 5-7, 2018, Proceedings, volume 11035 of Lecture Notes in Computer Science, pages 351–367. 2018. Springer. DOI: 10.1007/978-3-319-98113-0_19
[ACF+15]
Martin R. Albrecht, Carlos Cid, Jean-Charles Faugère, Robert Fitzpatrick, and Ludovic Perret. Algebraic algorithms for LWE problems. ACM Commun. Comput. Algebra, 49(2):62, 2015. DOI: 10.1145/2815111.2815158
[ACPS09]
Benny Applebaum, David Cash, Chris Peikert, and Amit Sahai. Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems. In Shai Halevi, editor, Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings, volume 5677 of Lecture Notes in Computer Science, pages 595–618. 2009. Springer. DOI: 10.1007/978-3-642-03356-8_35
[ACW19]
Martin R. Albrecht, Benjamin R. Curtis, and Thomas Wunderer. Exploring Trade-offs in Batch Bounded Distance Decoding. In Kenneth G. Paterson and Douglas Stebila, editors, Selected Areas in Cryptography - SAC 2019 - 26th International Conference, Waterloo, ON, Canada, August 12-16, 2019, Revised Selected Papers, volume 11959 of Lecture Notes in Computer Science, pages 467–491. 2019. Springer. DOI: 10.1007/978-3-030-38471-5_19
[ADPS16]
Erdem Alkim, Léo Ducas, Thomas Pöppelmann, and Peter Schwabe. Post-quantum Key Exchange - A New Hope. In Thorsten Holz and Stefan Savage, editors, 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016, pages 327–343. 2016. USENIX Association.
[AG11]
Sanjeev Arora and Rong Ge. New Algorithms for Learning in Presence of Errors. In Luca Aceto, Monika Henzinger, and Jirí Sgall, editors, Automata, Languages and Programming - 38th International Colloquium, ICALP 2011, Zurich, Switzerland, July 4-8, 2011, Proceedings, Part I, volume 6755 of Lecture Notes in Computer Science, pages 403–415. 2011. Springer. DOI: 10.1007/978-3-642-22006-7_34
[AGHV22]
Adi Akavia, Craig Gentry, Shai Halevi, and Margarita Vald. Achievable CCA2 Relaxation for Homomorphic Encryption. In Eike Kiltz and Vinod Vaikuntanathan, editors, Theory of Cryptography - 20th International Conference, TCC 2022, Chicago, IL, USA, November 7-10, 2022, Proceedings, Part II, volume 13748 of Lecture Notes in Computer Science, pages 70–99. 2022. Springer. DOI: 10.1007/978-3-031-22365-5_3
[AGPS20]
Martin R. Albrecht, Vlad Gheorghiu, Eamonn W. Postlethwaite, and John M. Schanck. Estimating Quantum Speedups for Lattice Sieves. In Shiho Moriai and Huaxiong Wang, editors, Advances in Cryptology - ASIACRYPT 2020 - 26th International Conference on the Theory and Application of Cryptology and Information Security, Daejeon, South Korea, December 7-11, 2020, Proceedings, Part II, volume 12492 of Lecture Notes in Computer Science, pages 583–613. 2020. Springer. DOI: 10.1007/978-3-030-64834-3_20
[AKP+22]
Furkan Aydin, Emre Karabulut, Seetal Potluri, Erdem Alkim, and Aydin Aysu. RevEAL: Single-Trace Side-Channel Leakage of the SEAL Homomorphic Encryption Library. In Cristiana Bolchini, Ingrid Verbauwhede, and Elena-Ioana Vatajelu, editors, 2022 Design, Automation & Test in Europe Conference & Exhibition, DATE 2022, Antwerp, Belgium, March 14-23, 2022, pages 1527–1532. 2022. IEEE. DOI: 10.23919/DATE54114.2022.9774724
[Alb17]
Martin R. Albrecht. On Dual Lattice Attacks Against Small-Secret LWE and Parameter Choices in HElib and SEAL. In Jean-Sébastien Coron and Jesper Buus Nielsen, editors, Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30 - May 4, 2017, Proceedings, Part II, volume 10211 of Lecture Notes in Computer Science, pages 103–129. 2017. DOI: 10.1007/978-3-319-56614-6_4
[APS15a]
Martin R. Albrecht, Rachel Player, and Sam Scott. On the concrete hardness of Learning with Errors. J. Math. Cryptol., 9(3):169–203, 2015. DOI: 10.1515/jmc-2015-0016
[APS15b]
Martin R. Albrecht, Rachel Player, and Sam Scott. On the concrete hardness of Learning with Errors. J. Math. Cryptol., 9(3):169–203, 2015. DOI: 10.1515/jmc-2015-0016
[AS22]
Martin R. Albrecht and Yixin Shen. Quantum Augmented Dual Attack. CoRR, abs/2205.13983, 2022. DOI: 10.48550/ARXIV.2205.13983
[Bar20]
Elaine Barker. Recommendation for Key Management: Part 1 – General. Technical report number NIST Special Publication 800-57 Part 1, Revision 5, U.S. Department of Commerce. 2020.
[BBB+22]
Ahmad Al Badawi, Jack Bates, Flávio Bergamaschi, David Bruce Cousins, Saroja Erabelli, Nicholas Genise, Shai Halevi, Hamish Hunt, Andrey Kim, Yongwoo Lee, Zeyu Liu, Daniele Micciancio, Ian Quah, Yuriy Polyakov, R. V. Saraswathy, Kurt Rohloff, Jonathan Saylor, Dmitriy Suponitsky, Matthew Triplett, Vinod Vaikuntanathan, and Vincent Zucca. OpenFHE: Open-Source Fully Homomorphic Encryption Library. In Michael Brenner, Anamaria Costache, and Kurt Rohloff, editors, Proceedings of the 10th Workshop on Encrypted Computing & Applied Homomorphic Cryptography, Los Angeles, CA, USA, 7 November 2022, pages 53–63. 2022. ACM. DOI: 10.1145/3560827.3563379
[BBB+23]
Loris Bergerat, Anas Boudi, Quentin Bourgerie, Ilaria Chillotti, Damien Ligier, Jean-Baptiste Orfila, and Samuel Tap. Parameter Optimization and Larger Precision for (T)FHE. J. Cryptol., 36(3):28, 2023. DOI: 10.1007/s00145-023-09463-5
[BCC+22]
Youngjin Bae, Jung Hee Cheon, Wonhee Cho, Jaehyung Kim, and Taekyung Kim. META-BTS: Bootstrapping Precision Beyond the Limit. In Heng Yin, Angelos Stavrou, Cas Cremers, and Elaine Shi, editors, Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022, pages 223–234. 2022. ACM. DOI: 10.1145/3548606.3560696
[BCM+24]
Jean-Philippe Bossuat, Anamaria Costache, Christian Mouchet, Lea Nürnberger, and Juan Ramón Troncoso-Pastoriza. Practical q-IND-CPA-D-Secure Approximate Homomorphic Encryption. IACR Cryptol. ePrint Arch., 2024.
[BDF18]
Guillaume Bonnoron, Léo Ducas, and Max Fillinger. Large FHE Gates from Tensored Homomorphic Accumulator. In Antoine Joux, Abderrahmane Nitaj, and Tajjeeddine Rachidi, editors, Progress in Cryptology - AFRICACRYPT 2018 - 10th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 7-9, 2018, Proceedings, volume 10831 of Lecture Notes in Computer Science, pages 217–251. 2018. Springer. DOI: 10.1007/978-3-319-89339-6_13
[BDGL16]
Anja Becker, Léo Ducas, Nicolas Gama, and Thijs Laarhoven. New directions in nearest neighbor searching with applications to lattice sieving. In Robert Krauthgamer, editor, Proceedings of the Twenty-Seventh Annual ACM-SIAM Symposium on Discrete Algorithms, SODA 2016, Arlington, VA, USA, January 10-12, 2016, pages 10–24. 2016. SIAM. DOI: 10.1137/1.9781611974331.ch2
[BDPS13]
Alexandra Boldyreva, Jean Paul Degabriele, Kenneth G. Paterson, and Martijn Stam. On Symmetric Encryption with Distinguishable Decryption Failures. In Shiho Moriai, editor, Fast Software Encryption - 20th International Workshop, FSE 2013, Singapore, March 11-13, 2013. Revised Selected Papers, volume 8424 of Lecture Notes in Computer Science, pages 367–390. 2013. Springer. DOI: 10.1007/978-3-662-43933-3_19
[BG14]
Shi Bai and Steven D. Galbraith. Lattice Decoding Attacks on Binary LWE. In Willy Susilo and Yi Mu, editors, Information Security and Privacy - 19th Australasian Conference, ACISP 2014, Wollongong, NSW, Australia, July 7-9, 2014. Proceedings, volume 8544 of Lecture Notes in Computer Science, pages 322–337. 2014. Springer. DOI: 10.1007/978-3-319-08344-5_21
[BGV12]
Zvika Brakerski, Craig Gentry, and Vinod Vaikuntanathan. (Leveled) fully homomorphic encryption without bootstrapping. In Shafi Goldwasser, editor, Innovations in Theoretical Computer Science 2012, Cambridge, MA, USA, January 8-10, 2012, pages 309–325. 2012. ACM. DOI: 10.1145/2090236.2090262
[BIP+22]
Charlotte Bonte, Ilia Iliashenko, Jeongeun Park, Hilder V. L. Pereira, and Nigel P. Smart. FINAL: Faster FHE Instantiated with NTRU and LWE. In Shweta Agrawal and Dongdai Lin, editors, Advances in Cryptology - ASIACRYPT 2022 - 28th International Conference on the Theory and Application of Cryptology and Information Security, Taipei, Taiwan, December 5-9, 2022, Proceedings, Part II, volume 13792 of Lecture Notes in Computer Science, pages 188–215. 2022. Springer. DOI: 10.1007/978-3-031-22966-4_7
[BL21]
Daniel J. Bernstein and Tanja Lange. Non-randomness of S-unit lattices. IACR Cryptol. ePrint Arch., 2021.
[BLLN13]
Joppe W. Bos, Kristin E. Lauter, Jake Loftus, and Michael Naehrig. Improved Security for a Ring-Based Fully Homomorphic Encryption Scheme. In Martijn Stam, editor, Cryptography and Coding - 14th IMA International Conference, IMACC 2013, Oxford, UK, December 17-19, 2013. Proceedings, volume 8308 of Lecture Notes in Computer Science, pages 45–64. 2013. Springer. DOI: 10.1007/978-3-642-45239-0_4
[BLLW22]
Lei Bi, Xianhui Lu, Junjie Luo, and Kunpeng Wang. Hybrid Dual and Meet-LWE Attack. In Khoa Nguyen, Guomin Yang, Fuchun Guo, and Willy Susilo, editors, Information Security and Privacy - 27th Australasian Conference, ACISP 2022, Wollongong, NSW, Australia, November 28-30, 2022, Proceedings, volume 13494 of Lecture Notes in Computer Science, pages 168–188. 2022. Springer. DOI: 10.1007/978-3-031-22301-3_9
[BLP+13]
Zvika Brakerski, Adeline Langlois, Chris Peikert, Oded Regev, and Damien Stehlé. Classical hardness of learning with errors. In Dan Boneh, Tim Roughgarden, and Joan Feigenbaum, editors, Symposium on Theory of Computing Conference, STOC'13, Palo Alto, CA, USA, June 1-4, 2013, pages 575–584. 2013. ACM. DOI: 10.1145/2488608.2488680
[BMTH21]
Jean-Philippe Bossuat, Christian Mouchet, Juan Ramón Troncoso-Pastoriza, and Jean-Pierre Hubaux. Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-sparse Keys. In Anne Canteaut and François-Xavier Standaert, editors, Advances in Cryptology - EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, October 17-21, 2021, Proceedings, Part I, volume 12696 of Lecture Notes in Computer Science, pages 587–617. 2021. Springer. DOI: 10.1007/978-3-030-77870-5_21
[BR15]
Jean-François Biasse and Luis Ruiz. FHEW with Efficient Multibit Bootstrapping. In Kristin E. Lauter and Francisco Rodríguez-Henríquez, editors, Progress in Cryptology - LATINCRYPT 2015 - 4th International Conference on Cryptology and Information Security in Latin America, Guadalajara, Mexico, August 23-26, 2015, Proceedings, volume 9230 of Lecture Notes in Computer Science, pages 119–135. 2015. Springer. DOI: 10.1007/978-3-319-22174-8_7
[Bra12]
Zvika Brakerski. Fully Homomorphic Encryption without Modulus Switching from Classical GapSVP. In Reihaneh Safavi-Naini and Ran Canetti, editors, Advances in Cryptology - CRYPTO 2012 - 32nd Annual Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2012. Proceedings, volume 7417 of Lecture Notes in Computer Science, pages 868–886. 2012. Springer. DOI: 10.1007/978-3-642-32009-5_50
[BSW12]
Dan Boneh, Gil Segev, and Brent Waters. Targeted malleability: homomorphic encryption for restricted computations. In Shafi Goldwasser, editor, Innovations in Theoretical Computer Science 2012, Cambridge, MA, USA, January 8-10, 2012, pages 350–366. 2012. ACM. DOI: 10.1145/2090236.2090264
[BTH22]
Jean-Philippe Bossuat, Juan Ramón Troncoso-Pastoriza, and Jean-Pierre Hubaux. Bootstrapping for Approximate Homomorphic Encryption with Negligible Failure-Probability by Using Sparse-Secret Encapsulation. In Giuseppe Ateniese and Daniele Venturi, editors, Applied Cryptography and Network Security - 20th International Conference, ACNS 2022, Rome, Italy, June 20-23, 2022, Proceedings, volume 13269 of Lecture Notes in Computer Science, pages 521–541. 2022. Springer. DOI: 10.1007/978-3-031-09234-3_26
[BY87]
Ernest F. Brickell and Yacov Yacobi. On Privacy Homomorphisms (Extended Abstract). In David Chaum and Wyn L. Price, editors, Advances in Cryptology - EUROCRYPT '87, Workshop on the Theory and Application of Cryptographic Techniques, Amsterdam, The Netherlands, April 13-15, 1987, Proceedings, volume 304 of Lecture Notes in Computer Science, pages 117–125. 1987. Springer. DOI: 10.1007/3-540-39118-5_12
[CCP+24]
Jung Hee Cheon, Hyeongmin Choe, Alain Passelègue, Damien Stehlé, and Elias Suvanto. Attacks Against the IND-CPA^D Security of Exact FHE Schemes. In Bo Luo, Xiaojing Liao, Jun Xu, Engin Kirda, and David Lie, editors, Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, CCS 2024, Salt Lake City, UT, USA, October 14-18, 2024, pages 2505–2519. 2024. ACM. DOI: 10.1145/3658644.3690341
[CCS19]
Hao Chen, Ilaria Chillotti, and Yongsoo Song. Improved Bootstrapping for Approximate Homomorphic Encryption. In Yuval Ishai and Vincent Rijmen, editors, Advances in Cryptology - EUROCRYPT 2019 - 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19-23, 2019, Proceedings, Part II, volume 11477 of Lecture Notes in Computer Science, pages 34–54. 2019. Springer. DOI: 10.1007/978-3-030-17656-3_2
[CDPR16]
Ronald Cramer, Léo Ducas, Chris Peikert, and Oded Regev. Recovering Short Generators of Principal Ideals in Cyclotomic Rings. In Marc Fischlin and Jean-Sébastien Coron, editors, Advances in Cryptology - EUROCRYPT 2016 - 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna, Austria, May 8-12, 2016, Proceedings, Part II, volume 9666 of Lecture Notes in Computer Science, pages 559–585. 2016. Springer. DOI: 10.1007/978-3-662-49896-5_20
[CGGI16]
Ilaria Chillotti, Nicolas Gama, Mariya Georgieva, and Malika Izabachène. Faster Fully Homomorphic Encryption: Bootstrapping in Less Than 0.1 Seconds. In Jung Hee Cheon and Tsuyoshi Takagi, editors, Advances in Cryptology - ASIACRYPT 2016 - 22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4-8, 2016, Proceedings, Part I, volume 10031 of Lecture Notes in Computer Science, pages 3–33. 2016. DOI: 10.1007/978-3-662-53887-6_1
[CGGI17]
Ilaria Chillotti, Nicolas Gama, Mariya Georgieva, and Malika Izabachène. Faster Packed Homomorphic Operations and Efficient Circuit Bootstrapping for TFHE. In Tsuyoshi Takagi and Thomas Peyrin, editors, Advances in Cryptology - ASIACRYPT 2017 - 23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3-7, 2017, Proceedings, Part I, volume 10624 of Lecture Notes in Computer Science, pages 377–408. 2017. Springer. DOI: 10.1007/978-3-319-70694-8_14
[CH18]
Hao Chen and Kyoohyung Han. Homomorphic Lower Digits Removal and Improved FHE Bootstrapping. In Jesper Buus Nielsen and Vincent Rijmen, editors, Advances in Cryptology - EUROCRYPT 2018 - 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29 - May 3, 2018 Proceedings, Part I, volume 10820 of Lecture Notes in Computer Science, pages 315–337. 2018. Springer. DOI: 10.1007/978-3-319-78381-9_12
[CHHS19]
Jung Hee Cheon, Minki Hhan, Seungwan Hong, and Yongha Son. A Hybrid of Dual and Meet-in-the-Middle Attack on Sparse and Ternary Secret LWE. IEEE Access, 7:89497–89506, 2019. DOI: 10.1109/ACCESS.2019.2925425
[CHK+16]
Jung Hee Cheon, Kyoohyung Han, Jinsu Kim, Changmin Lee, and Yongha Son. A Practical Post-Quantum Public-Key Cryptosystem Based on spLWE. In Seokhie Hong and Jong Hwan Park, editors, Information Security and Cryptology - ICISC 2016 - 19th International Conference, Seoul, South Korea, November 30 - December 2, 2016, Revised Selected Papers, volume 10157 of Lecture Notes in Computer Science, pages 51–74. 2016. DOI: 10.1007/978-3-319-53177-9_3
[CHK+18]
Jung Hee Cheon, Kyoohyung Han, Andrey Kim, Miran Kim, and Yongsoo Song. Bootstrapping for Approximate Homomorphic Encryption. In Jesper Buus Nielsen and Vincent Rijmen, editors, Advances in Cryptology - EUROCRYPT 2018 - 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29 - May 3, 2018 Proceedings, Part I, volume 10820 of Lecture Notes in Computer Science, pages 360–384. 2018. Springer. DOI: 10.1007/978-3-319-78381-9_14
[CHK20]
Jung Hee Cheon, Seungwan Hong, and Duhyeong Kim. Remark on the Security of CKKS Scheme in Practice. IACR Cryptol. ePrint Arch., 2020.
[CJL16]
Jung Hee Cheon, Jinhyuck Jeong, and Changmin Lee. An algorithm for NTRU problems and cryptanalysis of the GGH multilinear map without a low-level encoding of zero. LMS J. Comput. Math., 19(A):255–266, 2016. DOI: 10.1112/S1461157016000371
[CKKS17]
Jung Hee Cheon, Andrey Kim, Miran Kim, and Yong Soo Song. Homomorphic Encryption for Arithmetic of Approximate Numbers. In Tsuyoshi Takagi and Thomas Peyrin, editors, Advances in Cryptology - ASIACRYPT 2017 - 23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3-7, 2017, Proceedings, Part I, volume 10624 of Lecture Notes in Computer Science, pages 409–437. 2017. Springer. DOI: 10.1007/978-3-319-70694-8_15
[CL21]
André Chailloux and Johanna Loyer. Lattice Sieving via Quantum Random Walks. In Mehdi Tibouchi and Huaxiong Wang, editors, Advances in Cryptology - ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part IV, volume 13093 of Lecture Notes in Computer Science, pages 63–91. 2021. Springer. DOI: 10.1007/978-3-030-92068-5_3
[CP19]
Benjamin R. Curtis and Rachel Player. On the Feasibility and Impact of Standardising Sparse-secret LWE Parameter Sets for Homomorphic Encryption. In Michael Brenner, Tancrède Lepoint, and Kurt Rohloff, editors, Proceedings of the 7th ACM Workshop on Encrypted Computing & Applied Homomorphic Cryptography, WAHC@CCS 2019, London, UK, November 11-15, 2019, pages 1–10. 2019. ACM. DOI: 10.1145/3338469.3358940
[CP23]
José Cabrero-Holgueras and Sergio Pastrana. Towards automated homomorphic encryption parameter selection with fuzzy logic and linear programming. Expert Syst. Appl., 229(Part A):120460, 2023. DOI: 10.1016/J.ESWA.2023.120460
[CSBB24]
Marina Checri, Renaud Sirdey, Aymen Boudguiga, and Jean-Paul Bultel. On the Practical CPA^D Security of "exact" and Threshold FHE Schemes and Libraries. In Leonid Reyzin and Douglas Stebila, editors, Advances in Cryptology - CRYPTO 2024 - 44th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 18-22, 2024, Proceedings, Part III, volume 14922 of Lecture Notes in Computer Science, pages 3–33. 2024. Springer. DOI: 10.1007/978-3-031-68382-4_1
[CST22]
Kévin Carrier, Yixin Shen, and Jean-Pierre Tillich. Faster Dual Lattice Attacks by Using Coding Theory. IACR Cryptol. ePrint Arch., 2022.
[CSY22]
Jung Hee Cheon, Yongha Son, and Donggeon Yhee. Practical FHE parameters against lattice attacks. Journal of the Korean Mathematical Society, 59:35–51, 2022. DOI: 10.4134/JKMS.J200650
[DDGR20]
Dana Dachman-Soled, Léo Ducas, Huijing Gong, and Mélissa Rossi. LWE with Side Information: Attacks and Concrete Security Estimation. In Daniele Micciancio and Thomas Ristenpart, editors, Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17-21, 2020, Proceedings, Part II, volume 12171 of Lecture Notes in Computer Science, pages 329–358. 2020. Springer. DOI: 10.1007/978-3-030-56880-1_12
[DGHK23]
Dana Dachman-Soled, Huijing Gong, Tom Hanson, and Hunter Kippen. Revisiting Security Estimation for LWE with Hints from a Geometric Perspective. In Helena Handschuh and Anna Lysyanskaya, editors, Advances in Cryptology - CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Santa Barbara, CA, USA, August 20-24, 2023, Proceedings, Part V, volume 14085 of Lecture Notes in Computer Science, pages 748–781. 2023. Springer. DOI: 10.1007/978-3-031-38554-4_24
[DGJ+19]
Jan-Pieter D'Anvers, Qian Guo, Thomas Johansson, Alexander Nilsson, Frederik Vercauteren, and Ingrid Verbauwhede. Decryption Failure Attacks on IND-CCA Secure Lattice-Based Schemes. In Dongdai Lin and Kazue Sako, editors, Public-Key Cryptography - PKC 2019 - 22nd IACR International Conference on Practice and Theory of Public-Key Cryptography, Beijing, China, April 14-17, 2019, Proceedings, Part II, volume 11443 of Lecture Notes in Computer Science, pages 565–598. 2019. Springer. DOI: 10.1007/978-3-030-17259-6_19
[DKS+20]
Roshan Dathathri, Blagovesta Kostova, Olli Saarikivi, Wei Dai, Kim Laine, and Madan Musuvathi. EVA: an encrypted vector arithmetic language and compiler for efficient homomorphic computation. In Alastair F. Donaldson and Emina Torlak, editors, Proceedings of the 41st ACM SIGPLAN International Conference on Programming Language Design and Implementation, PLDI 2020, London, UK, June 15-20, 2020, pages 546–561. 2020. ACM. DOI: 10.1145/3385412.3386023
[DM15]
Léo Ducas and Daniele Micciancio. FHEW: Bootstrapping Homomorphic Encryption in Less Than a Second. In Elisabeth Oswald and Marc Fischlin, editors, Advances in Cryptology - EUROCRYPT 2015 - 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part I, volume 9056 of Lecture Notes in Computer Science, pages 617–640. 2015. Springer. DOI: 10.1007/978-3-662-46800-5_24
[DP22]
Nir Drucker and Tomer Pelleg. Timing Leakage Analysis of Non-constant-time NTT Implementations with Harvey Butterflies. In Shlomi Dolev, Jonathan Katz, and Amnon Meisels, editors, Cyber Security, Cryptology, and Machine Learning - 6th International Symposium, CSCML 2022, Be'er Sheva, Israel, June 30 - July 1, 2022, Proceedings, volume 13301 of Lecture Notes in Computer Science, pages 99–117. 2022. Springer. DOI: 10.1007/978-3-031-07689-3_8
[DP23a]
Léo Ducas and Ludo N. Pulles. Accurate Score Prediction for Dual-Sieve Attacks. IACR Cryptol. ePrint Arch., 2023.
[DP23b]
Léo Ducas and Ludo N. Pulles. Does the Dual-Sieve Attack on Learning with Errors Even Work? In Helena Handschuh and Anna Lysyanskaya, editors, Advances in Cryptology - CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Santa Barbara, CA, USA, August 20-24, 2023, Proceedings, Part III, volume 14083 of Lecture Notes in Computer Science, pages 37–69. 2023. Springer. DOI: 10.1007/978-3-031-38548-3_2
[DvW21]
Léo Ducas and Wessel P. J. van Woerden. NTRU Fatigue: How Stretched is Overstretched? In Mehdi Tibouchi and Huaxiong Wang, editors, Advances in Cryptology - ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part IV, volume 13093 of Lecture Notes in Computer Science, pages 3–32. 2021. Springer. DOI: 10.1007/978-3-030-92068-5_1
[EGMS23]
Andre Esser, Rahul Girme, Arindam Mukherjee, and Santanu Sarkar. Memory-Efficient Attacks on Small LWE Keys. In Jian Guo and Ron Steinfeld, editors, Advances in Cryptology - ASIACRYPT 2023 - 29th International Conference on the Theory and Application of Cryptology and Information Security, Guangzhou, China, December 4-8, 2023, Proceedings, Part IV, volume 14441 of Lecture Notes in Computer Science, pages 72–105. 2023. Springer. DOI: 10.1007/978-981-99-8730-6_3
[EJK20]
Thomas Espitau, Antoine Joux, and Natalia Kharchenko. On a Dual/Hybrid Approach to Small Secret LWE - A Dual/Enumeration Technique for Learning with Errors and Application to Security Estimates of FHE Schemes. In Karthikeyan Bhargavan, Elisabeth Oswald, and Manoj Prabhakaran, editors, Progress in Cryptology - INDOCRYPT 2020 - 21st International Conference on Cryptology in India, Bangalore, India, December 13-16, 2020, Proceedings, volume 12578 of Lecture Notes in Computer Science, pages 440–462. 2020. Springer. DOI: 10.1007/978-3-030-65277-7_20
[EL23]
Tune Insight EPFL-LDS. Lattigo v5. https://github.com/tuneinsight/lattigo. 2023.
[FHR22]
Prastudy Fauzi, Martha Norberg Hovd, and Håvard Raddum. On the IND-CCA1 Security of FHE Schemes. Cryptography, 6(1):13, 2022. DOI: 10.3390/CRYPTOGRAPHY6010013
[FV12]
Junfeng Fan and Frederik Vercauteren. Somewhat Practical Fully Homomorphic Encryption. IACR Cryptol. ePrint Arch., 2012.
[Gee24]
Robin Geelen. Revisiting the Slot-to-Coefficient Transformation for BGV and BFV. IACR Commun. Cryptol., 1(3):37, 2024. DOI: 10.62056/A01ZOGY4E-
[Gen09]
Craig Gentry. Fully homomorphic encryption using ideal lattices. In Michael Mitzenmacher, editor, Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC 2009, Bethesda, MD, USA, May 31 - June 2, 2009, pages 169–178. 2009. ACM. DOI: 10.1145/1536414.1536440
[GIKV23]
Robin Geelen, Ilia Iliashenko, Jiayi Kang, and Frederik Vercauteren. On Polynomial Functions Modulo p^e and Faster Bootstrapping for Homomorphic Encryption. In Carmit Hazay and Martijn Stam, editors, Advances in Cryptology - EUROCRYPT 2023 - 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Lyon, France, April 23-27, 2023, Proceedings, Part III, volume 14006 of Lecture Notes in Computer Science, pages 257–286. 2023. Springer. DOI: 10.1007/978-3-031-30620-4_9
[GJ21]
Qian Guo and Thomas Johansson. Faster Dual Lattice Attacks for Solving LWE with Applications to CRYSTALS. In Mehdi Tibouchi and Huaxiong Wang, editors, Advances in Cryptology - ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part IV, volume 13093 of Lecture Notes in Computer Science, pages 33–62. 2021. Springer. DOI: 10.1007/978-3-030-92068-5_2
[GJS15]
Qian Guo, Thomas Johansson, and Paul Stankovski. Coded-BKW: Solving LWE Using Lattice Codes. In Rosario Gennaro and Matthew Robshaw, editors, Advances in Cryptology - CRYPTO 2015 - 35th Annual Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2015, Proceedings, Part I, volume 9215 of Lecture Notes in Computer Science, pages 23–42. 2015. Springer. DOI: 10.1007/978-3-662-47989-6_2
[GKPV10]
Shafi Goldwasser, Yael Tauman Kalai, Chris Peikert, and Vinod Vaikuntanathan. Robustness of the Learning with Errors Assumption. In Andrew Chi-Chih Yao, editor, Innovations in Computer Science - ICS 2010, Tsinghua University, Beijing, China, January 5-7, 2010. Proceedings, pages 230–240. 2010. Tsinghua University Press.
[GNSJ24]
Qian Guo, Denis Nabokov, Elias Suvanto, and Thomas Johansson. Key Recovery Attacks on Approximate Homomorphic Encryption with Non-Worst-Case Noise Flooding Countermeasures. In Davide Balzarotti and Wenyuan Xu, editors, 33rd USENIX Security Symposium, USENIX Security 2024, Philadelphia, PA, USA, August 14-16, 2024. 2024. USENIX Association.
[GV23]
Robin Geelen and Frederik Vercauteren. Bootstrapping for BGV and BFV Revisited. J. Cryptol., 36(2):12, 2023. DOI: 10.1007/S00145-023-09454-6
[HGS99]
Chris Hall, Ian Goldberg, and Bruce Schneier. Reaction Attacks against several Public-Key Cryptosystems. In Vijay Varadharajan and Yi Mu, editors, Information and Communication Security, Second International Conference, ICICS'99, Sydney, Australia, November 9-11, 1999, Proceedings, volume 1726 of Lecture Notes in Computer Science, pages 2–12. 1999. Springer. DOI: 10.1007/978-3-540-47942-0_2
[HK20]
Kyoohyung Han and Dohyeong Ki. Better Bootstrapping for Approximate Homomorphic Encryption. In Stanislaw Jarecki, editor, Topics in Cryptology - CT-RSA 2020 - The Cryptographers' Track at the RSA Conference 2020, San Francisco, CA, USA, February 24-28, 2020, Proceedings, volume 12006 of Lecture Notes in Computer Science, pages 364–390. 2020. Springer. DOI: 10.1007/978-3-030-40186-3_16
[HKLS22]
Minki Hhan, Jiseung Kim, Changmin Lee, and Yongha Son. How to Meet Ternary LWE Keys on Babai's Nearest Plane. IACR Cryptol. ePrint Arch., 2022.
[How07]
Nick Howgrave-Graham. A Hybrid Lattice-Reduction and Meet-in-the-Middle Attack Against NTRU. In Alfred Menezes, editor, Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings, volume 4622 of Lecture Notes in Computer Science, pages 150–169. 2007. Springer. DOI: 10.1007/978-3-540-74143-5_9
[HPS98]
Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman. NTRU: A Ring-Based Public Key Cryptosystem. In Joe Buhler, editor, Algorithmic Number Theory, Third International Symposium, ANTS-III, Portland, Oregon, USA, June 21-25, 1998, Proceedings, volume 1423 of Lecture Notes in Computer Science, pages 267–288. 1998. Springer. DOI: 10.1007/BFb0054868
[HS20]
Shai Halevi and Victor Shoup. Design and implementation of HElib: a homomorphic encryption library. IACR Cryptol. ePrint Arch., 2020.
[HS21]
Shai Halevi and Victor Shoup. Bootstrapping for HElib. J. Cryptol., 34(1):7, 2021. DOI: 10.1007/S00145-020-09368-7
[HSS23]
Patrick Hough, Caroline Sandsbråten, and Tjerand Silde. Concrete NTRU Security and Advances in Practical Lattice-Based Electronic Voting. IACR Cryptol. ePrint Arch., 2023.
[JR23]
Samuel Jaques and Arthur G. Rattew. QRAM: A Survey and Critique. 2023.
[JVC18]
Chiraag Juvekar, Vinod Vaikuntanathan, and Anantha P. Chandrakasan. GAZELLE: A Low Latency Framework for Secure Neural Network Inference. In William Enck and Adrienne Porter Felt, editors, 27th USENIX Security Symposium, USENIX Security 2018, Baltimore, MD, USA, August 15-17, 2018, pages 1651–1669. 2018. USENIX Association.
[KDE+24]
Andrey Kim, Maxim Deryabin, Jieun Eom, Rakyong Choi, Yongwoo Lee, Whan Ghang, and Donghoon Yoo. General Bootstrapping Approach for RLWE-Based Homomorphic Encryption. IEEE Trans. Computers, 73(1):86–96, 2024. DOI: 10.1109/TC.2023.3318405
[KF15]
Paul Kirchner and Pierre-Alain Fouque. An Improved BKW Algorithm for LWE with Applications to Cryptography and Lattices. In Rosario Gennaro and Matthew Robshaw, editors, Advances in Cryptology - CRYPTO 2015 - 35th Annual Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2015, Proceedings, Part I, volume 9215 of Lecture Notes in Computer Science, pages 43–62. 2015. Springer. DOI: 10.1007/978-3-662-47989-6_3
[KF17]
Paul Kirchner and Pierre-Alain Fouque. Revisiting Lattice Attacks on Overstretched NTRU Parameters. In Jean-Sébastien Coron and Jesper Buus Nielsen, editors, Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30 - May 4, 2017, Proceedings, Part I, volume 10210 of Lecture Notes in Computer Science, pages 3–26. 2017. DOI: 10.1007/978-3-319-56620-7_1
[KL21]
Kim Laine Kristin Lauter Wei Dai, editor. Protecting Privacy through Homomorphic Encryption. Springer 2021. DOI: 10.1007/978-3-030-77287-1
[Klu22]
Kamil Kluczniak. NTRU-v-um: Secure Fully Homomorphic Encryption from NTRU with Small Modulus. In Heng Yin, Angelos Stavrou, Cas Cremers, and Elaine Shi, editors, Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022, pages 1783–1797. 2022. ACM. DOI: 10.1145/3548606.3560700
[KMR24]
Elena Kirshanova, Chiara Marcolla, and Sergi Rovira. Guidance for Efficient Selection of Secure Parameters for Fully Homomorphic Encryption. In Serge Vaudenay and Christophe Petit, editors, Progress in Cryptology - AFRICACRYPT 2024 - 15th International Conference on Cryptology in Africa, Douala, Cameroon, July 10-12, 2024, Proceedings, volume 14861 of Lecture Notes in Computer Science, pages 376–400. 2024. Springer. DOI: 10.1007/978-3-031-64381-1_17
[KPZ21]
Andrey Kim, Yuriy Polyakov, and Vincent Zucca. Revisiting Homomorphic Encryption Schemes for Finite Fields. In Mehdi Tibouchi and Huaxiong Wang, editors, Advances in Cryptology - ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part III, volume 13092 of Lecture Notes in Computer Science, pages 608–639. 2021. Springer. DOI: 10.1007/978-3-030-92078-4_21
[KS23]
Kamil Kluczniak and Leonard Schild. FDFB: Full Domain Functional Bootstrapping Towards Practical Fully Homomorphic Encryption. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2023(1):501–537, 2023. DOI: 10.46586/TCHES.V2023.I1.501-537
[KSS24]
Jaehyung Kim, Jinyeong Seo, and Yongsoo Song. Simpler and Faster BFV Bootstrapping for Arbitrary Plaintext Modulus from CKKS. In Bo Luo, Xiaojing Liao, Jun Xu, Engin Kirda, and David Lie, editors, Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, CCS 2024, Salt Lake City, UT, USA, October 14-18, 2024, pages 2535–2546. 2024. ACM. DOI: 10.1145/3658644.3670302
[LCK+23]
Yongwoo Lee, Seonyoung Cheon, Dongkwan Kim, Dongyoon Lee, and Hanjun Kim. ELASM: Error-Latency-Aware Scale Management for Fully Homomorphic Encryption. In Joseph A. Calandrino and Carmela Troncoso, editors, 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023, pages 4697–4714. 2023. USENIX Association.
[LHC+22]
Yongwoo Lee, Seonyeong Heo, Seonyoung Cheon, Shinnung Jeong, Changsu Kim, Eunkyung Kim, Dongyoon Lee, and Hanjun Kim. HECATE: Performance-Aware Scale Optimization for Homomorphic Encryption Compiler. In Jae W. Lee, Sebastian Hack, and Tatiana Shpeisman, editors, IEEE/ACM International Symposium on Code Generation and Optimization, CGO 2022, Seoul, Korea, Republic of, April 2-6, 2022, pages 193–204. 2022. IEEE. DOI: 10.1109/CGO53902.2022.9741265
[LLW24]
Eunmin Lee, Joohee Lee, and Yuntao Wang. Improved Meet-LWE Attack via Ternary Trees. IACR Cryptol. ePrint Arch., 2024.
[LM21]
Baiyu Li and Daniele Micciancio. On the Security of Homomorphic Encryption on Approximate Numbers. In Anne Canteaut and François-Xavier Standaert, editors, Advances in Cryptology - EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, October 17-21, 2021, Proceedings, Part I, volume 12696 of Lecture Notes in Computer Science, pages 648–677. 2021. Springer. DOI: 10.1007/978-3-030-77870-5_23
[LMK+23]
Yongwoo Lee, Daniele Micciancio, Andrey Kim, Rakyong Choi, Maxim Deryabin, Jieun Eom, and Donghoon Yoo. Efficient FHEW Bootstrapping with Small Evaluation Keys, and Applications to Threshold Homomorphic Encryption. In Carmit Hazay and Martijn Stam, editors, Advances in Cryptology - EUROCRYPT 2023 - 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Lyon, France, April 23-27, 2023, Proceedings, Part III, volume 14006 of Lecture Notes in Computer Science, pages 227–256. 2023. Springer. DOI: 10.1007/978-3-031-30620-4_8
[LMSS22]
Baiyu Li, Daniele Micciancio, Mark Schultz, and Jessica Sorrell. Securing Approximate Homomorphic Encryption Using Differential Privacy. In Yevgeniy Dodis and Thomas Shrimpton, editors, Advances in Cryptology - CRYPTO 2022 - 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, Proceedings, Part I, volume 13507 of Lecture Notes in Computer Science, pages 560–589. 2022. Springer. DOI: 10.1007/978-3-031-15802-5_20
[LMSV11]
Jake Loftus, Alexander May, Nigel P. Smart, and Frederik Vercauteren. On CCA-Secure Somewhat Homomorphic Encryption. In Ali Miri and Serge Vaudenay, editors, Selected Areas in Cryptography - 18th International Workshop, SAC 2011, Toronto, ON, Canada, August 11-12, 2011, Revised Selected Papers, volume 7118 of Lecture Notes in Computer Science, pages 55–72. 2011. Springer. DOI: 10.1007/978-3-642-28496-0_4
[LN13]
Mingjie Liu and Phong Q. Nguyen. Solving BDD by Enumeration: An Update. In Ed Dawson, editor, Topics in Cryptology - CT-RSA 2013 - The Cryptographers' Track at the RSA Conference 2013, San Francisco,CA, USA, February 25-March 1, 2013. Proceedings, volume 7779 of Lecture Notes in Computer Science, pages 293–309. 2013. Springer. DOI: 10.1007/978-3-642-36095-4_19
[LPR10]
Vadim Lyubashevsky, Chris Peikert, and Oded Regev. On Ideal Lattices and Learning with Errors over Rings. In Henri Gilbert, editor, Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco / French Riviera, May 30 - June 3, 2010. Proceedings, volume 6110 of Lecture Notes in Computer Science, pages 1–23. 2010. Springer. DOI: 10.1007/978-3-642-13190-5_1
[LPR13]
Vadim Lyubashevsky, Chris Peikert, and Oded Regev. On Ideal Lattices and Learning with Errors over Rings. J. ACM, 60(6):43:1–43:35, 2013. DOI: 10.1145/2535925
[LS15]
Adeline Langlois and Damien Stehlé. Worst-case to average-case reductions for module lattices. Des. Codes Cryptogr., 75(3):565–599, 2015. DOI: 10.1007/S10623-014-9938-4
[LSW+23]
Cathy Yuanchen Li, Jana Sotáková, Emily Wenger, Mohamed Malhou, Evrard Garcelon, François Charton, and Kristin E. Lauter. SalsaPicante: A Machine Learning Attack on LWE with Binary Secrets. In Weizhi Meng, Christian Damsgaard Jensen, Cas Cremers, and Engin Kirda, editors, Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, November 26-30, 2023, pages 2606–2620. 2023. ACM. DOI: 10.1145/3576915.3623076
[LTV12]
Adriana López-Alt, Eran Tromer, and Vinod Vaikuntanathan. On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In Howard J. Karloff and Toniann Pitassi, editors, Proceedings of the 44th Symposium on Theory of Computing Conference, STOC 2012, New York, NY, USA, May 19 - 22, 2012, pages 1219–1234. 2012. ACM. DOI: 10.1145/2213977.2214086
[LW25]
Zeyu Liu and Yunhao Wang. Relaxed Functional Bootstrapping: A New Perspective on BGV/BFV Bootstrapping. In Kai-Min Chung and Yu Sasaki, editors, Advances in Cryptology – ASIACRYPT 2024, pages 208–240, Singapore. 2025. Springer Nature Singapore. DOI: 10.1007/978-981-96-0875-1_7
[LWA+23]
Cathy Yuanchen Li, Emily Wenger, Zeyuan Allen-Zhu, François Charton, and Kristin E. Lauter. SALSA VERDE: a machine learning attack on LWE with sparse small secrets. In Alice Oh, Tristan Naumann, Amir Globerson, Kate Saenko, Moritz Hardt, and Sergey Levine, editors, Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, NeurIPS 2023, New Orleans, LA, USA, December 10 - 16, 2023. 2023.
[MAT22]
MATZOV. Report on the Security of LWE: Improved Dual Lattice Attack. 2022.
[May21]
Alexander May. How to Meet Ternary LWE Keys. In Tal Malkin and Chris Peikert, editors, Advances in Cryptology - CRYPTO 2021 - 41st Annual International Cryptology Conference, CRYPTO 2021, Virtual Event, August 16-20, 2021, Proceedings, Part II, volume 12826 of Lecture Notes in Computer Science, pages 701–731. 2021. Springer. DOI: 10.1007/978-3-030-84245-1_24
[MCR21]
Muhammad Haris Mughees, Hao Chen, and Ling Ren. OnionPIR: Response Efficient Single-Server PIR. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pages 2292–2306, New York, NY, USA. 2021. Association for Computing Machinery. DOI: 10.1145/3460120.3485381
[MHWW24]
Shihe Ma, Tairong Huang, Anyu Wang, and Xiaoyun Wang. Accelerating BGV Bootstrapping for Large $p$ Using Null Polynomials over $\mathbb{Z}_{p^e}$. In Marc Joye and Gregor Leander, editors, Advances in Cryptology - EUROCRYPT 2024 - 43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zurich, Switzerland, May 26-30, 2024, Proceedings, Part II, volume 14652 of Lecture Notes in Computer Science, pages 403–432. 2024. Springer. DOI: 10.1007/978-3-031-58723-8_14
[ML24]
Guangsheng Ma and Hongbo Li. On the Security of Homomorphic Encryption Schemes with Restricted Decryption Oracles. J. Syst. Sci. Complex., 37(5):2240–2261, 2024. DOI: 10.1007/S11424-024-3221-1
[MML+23]
Johannes Mono, Chiara Marcolla, Georg Land, Tim Güneysu, and Najwa Aaraj. Finding and Evaluating Parameters for BGV. In Nadia El Mrabet, Luca De Feo, and Sylvain Duquesne, editors, Progress in Cryptology - AFRICACRYPT 2023 - 14th International Conference on Cryptology in Africa, Sousse, Tunisia, July 19-21, 2023, Proceedings, volume 14064 of Lecture Notes in Computer Science, pages 370–394. 2023. Springer. DOI: 10.1007/978-3-031-37679-5_16
[MN24]
Mark Manulis and Jérôme Nguyen. Fully Homomorphic Encryption Beyond IND-CCA1 Security: Integrity Through Verifiability. In Marc Joye and Gregor Leander, editors, Advances in Cryptology - EUROCRYPT 2024 - 43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zurich, Switzerland, May 26-30, 2024, Proceedings, Part II, volume 14652 of Lecture Notes in Computer Science, pages 63–93. 2024. Springer. DOI: 10.1007/978-3-031-58723-8_3
[MP21]
Daniele Micciancio and Yuriy Polyakov. Bootstrapping in FHEW-like Cryptosystems. In WAHC '21: Proceedings of the 9th on Workshop on Encrypted Computing & Applied Homomorphic Cryptography, Virtual Event, Korea, 15 November 2021, pages 17–28. 2021. WAHC@ACM. DOI: 10.1145/3474366.3486924
[MR09]
Daniele Micciancio and Oded Regev. Lattice-based Cryptography. In Daniel J. Bernstein, Johannes Buchmann, and Erik Dahmen, editors, Post-Quantum Cryptography, pages 147–191. Springer Berlin Heidelberg, Berlin, Heidelberg 2009. DOI: 10.1007/978-3-540-88702-7_5
[NIS24]
National Institute of Standards NIST and Technology. Module-Lattice-based Key-Encapsulation Mechanism Standard. Technical report number Federal Information Processing Standards Publications (FIPS PUBS) 203 August 13, 2024, U.S. Department of Commerce. 2024.
[NMW+24]
Niklas Nolte, Mohamed Malhou, Emily Wenger, Samuel Stevens, Cathy Yuanchen Li, François Charton, and Kristin E. Lauter. The Cool and the Cruel: Separating Hard Parts of LWE Secrets. In Serge Vaudenay and Christophe Petit, editors, Progress in Cryptology - AFRICACRYPT 2024 - 15th International Conference on Cryptology in Africa, Douala, Cameroon, July 10-12, 2024, Proceedings, volume 14861 of Lecture Notes in Computer Science, pages 428–453. 2024. Springer. DOI: 10.1007/978-3-031-64381-1_19
[OPP23]
Hiroki Okada, Rachel Player, and Simon Pohmann. Homomorphic Polynomial Evaluation Using Galois Structure and Applications to BFV Bootstrapping. In Jian Guo and Ron Steinfeld, editors, Advances in Cryptology - ASIACRYPT 2023 - 29th International Conference on the Theory and Application of Cryptology and Information Security, Guangzhou, China, December 4-8, 2023, Proceedings, Part VI, volume 14443 of Lecture Notes in Computer Science, pages 69–100. 2023. Springer. DOI: 10.1007/978-981-99-8736-8_3
[Pei09]
Chris Peikert. Public-key cryptosystems from the worst-case shortest vector problem: extended abstract. In Michael Mitzenmacher, editor, Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC 2009, Bethesda, MD, USA, May 31 - June 2, 2009, pages 333–342. 2009. ACM. DOI: 10.1145/1536414.1536461
[PHS19]
Alice Pellet-Mary, Guillaume Hanrot, and Damien Stehlé. Approx-SVP in Ideal Lattices with Pre-processing. In Yuval Ishai and Vincent Rijmen, editors, Advances in Cryptology - EUROCRYPT 2019 - 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19-23, 2019, Proceedings, Part II, volume 11477 of Lecture Notes in Computer Science, pages 685–716. 2019. Springer. DOI: 10.1007/978-3-030-17656-3_24
[PPM17]
Robert Primas, Peter Pessl, and Stefan Mangard. Single-Trace Side-Channel Attacks on Masked Lattice-Based Encryption. In Wieland Fischer and Naofumi Homma, editors, Cryptographic Hardware and Embedded Systems - CHES 2017 - 19th International Conference, Taipei, Taiwan, September 25-28, 2017, Proceedings, volume 10529 of Lecture Notes in Computer Science, pages 513–533. 2017. Springer. DOI: 10.1007/978-3-319-66787-4_25
[PRS17]
Chris Peikert, Oded Regev, and Noah Stephens-Davidowitz. Pseudorandomness of ring-LWE for any ring and modulus. In Hamed Hatami, Pierre McKenzie, and Valerie King, editors, Proceedings of the 49th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2017, Montreal, QC, Canada, June 19-23, 2017, pages 461–473. 2017. ACM. DOI: 10.1145/3055399.3055489
[PS24]
Amaury Pouly and Yixin Shen. Provable Dual Attacks on Learning with Errors. In Marc Joye and Gregor Leander, editors, Advances in Cryptology - EUROCRYPT 2024 - 43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zurich, Switzerland, May 26-30, 2024, Proceedings, Part VI, volume 14656 of Lecture Notes in Computer Science, pages 256–285. 2024. Springer. DOI: 10.1007/978-3-031-58754-2_10
[RAD78]
Ronald L Rivest, Len Adleman, and Michael L Dertouzos. On data banks and privacy homomorphisms. Foundations of secure computation, 4(11):169–180, 1978.
[Reg05]
Oded Regev. On lattices, learning with errors, random linear codes, and cryptography. In Harold N. Gabow and Ronald Fagin, editors, Proceedings of the 37th Annual ACM Symposium on Theory of Computing, Baltimore, MD, USA, May 22-24, 2005, pages 84–93. 2005. ACM. DOI: 10.1145/1060590.1060603
[Reg09]
Oded Regev. On lattices, learning with errors, random linear codes, and cryptography. J. ACM, 56(6):34:1–34:40, 2009. DOI: 10.1145/1568318.1568324
[SC19]
Yongha Son and Jung Hee Cheon. Revisiting the Hybrid Attack on Sparse Secret LWE and Application to HE Parameters. In Michael Brenner, Tancrède Lepoint, and Kurt Rohloff, editors, Proceedings of the 7th ACM Workshop on Encrypted Computing & Applied Homomorphic Cryptography, WAHC@CCS 2019, London, UK, November 11-15, 2019, pages 11–20. 2019. ACM. DOI: 10.1145/3338469.3358941
[SEA23]
Microsoft SEAL (release 4.1). Microsoft Research, Redmond, WA.. https://github.com/Microsoft/SEAL. January 2023.
[SS11]
Damien Stehlé and Ron Steinfeld. Making NTRU as Secure as Worst-Case Problems over Ideal Lattices. In Kenneth G. Paterson, editor, Advances in Cryptology - EUROCRYPT 2011 - 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, May 15-19, 2011. Proceedings, volume 6632 of Lecture Notes in Computer Science, pages 27–47. 2011. Springer. DOI: 10.1007/978-3-642-20465-4_4
[SSTX09]
Damien Stehlé, Ron Steinfeld, Keisuke Tanaka, and Keita Xagawa. Efficient Public Key Encryption Based on Ideal Lattices. In Mitsuru Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, Japan, December 6-10, 2009. Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 617–635. 2009. Springer. DOI: 10.1007/978-3-642-10366-7_36
[SWL+24]
Samuel Stevens, Emily Wenger, Cathy Yuanchen Li, Niklas Nolte, Eshika Saxena, François Charton, and Kristin E. Lauter. SALSA FRESCA: Angular Embeddings and Pre-Training for ML Attacks on Learning With Errors. IACR Cryptol. ePrint Arch., 2024.
[VJH21]
Alexander Viand, Patrick Jattke, and Anwar Hithnawi. SoK: Fully Homomorphic Encryption Compilers. In 42nd IEEE Symposium on Security and Privacy, SP 2021, San Francisco, CA, USA, 24-27 May 2021, pages 1092–1108. 2021. IEEE. DOI: 10.1109/SP40001.2021.00068
[WCCL22]
Emily Wenger, Mingjie Chen, François Charton, and Kristin E. Lauter. SALSA: Attacking Lattice Cryptography with Transformers. In Sanmi Koyejo, S. Mohamed, A. Agarwal, Danielle Belgrave, K. Cho, and A. Oh, editors, Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, NeurIPS 2022, New Orleans, LA, USA, November 28 - December 9, 2022. 2022.
[XWW+24]
Wenwen Xia, Leizhang Wang, Geng Wang, Dawu Gu, and Baocang Wang. A Refined Hardness Estimation of LWE in Two-Step Mode. In Qiang Tang and Vanessa Teague, editors, Public-Key Cryptography - PKC 2024 - 27th IACR International Conference on Practice and Theory of Public-Key Cryptography, Sydney, NSW, Australia, April 15-17, 2024, Proceedings, Part III, volume 14603 of Lecture Notes in Computer Science, pages 3–35. 2024. Springer. DOI: 10.1007/978-3-031-57725-3_1
[XZD+23]
Binwu Xiang, Jiang Zhang, Yi Deng, Yiran Dai, and Dengguo Feng. Fast Blind Rotation for Bootstrapping FHEs. In Helena Handschuh and Anna Lysyanskaya, editors, Advances in Cryptology - CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Santa Barbara, CA, USA, August 20-24, 2023, Proceedings, Part IV, volume 14084 of Lecture Notes in Computer Science, pages 3–36. 2023. Springer. DOI: 10.1007/978-3-031-38551-3_1
[Zam22a]
Zama. Concrete: TFHE Compiler that converts python programs into FHE equivalent. https://github.com/zama-ai/concrete. 2022.
[Zam22b]
Zama. TFHE-rs: A Pure Rust Implementation of the TFHE Scheme for Boolean and Integer Arithmetics Over Encrypted Data. https://github.com/zama-ai/tfhe-rs. 2022.

History
Submitted: 2024-10-08
Accepted: 2024-12-03
Published: 2025-01-13
How to cite

Jean-Philippe Bossuat, Rosario Cammarota, Ilaria Chillotti, Benjamin R. Curtis, Wei Dai, Huijing Gong, Erin Hales, Duhyeong Kim, Bryan Kumara, Changmin Lee, Xianhui Lu, Carsten Maple, Alberto Pedrouzo-Ulloa, Rachel Player, Yuriy Polyakov, Luis Antonio Ruiz Lopez, Yongsoo Song, and Donggeon Yhee, Security Guidelines for Implementing Homomorphic Encryption. IACR Communications in Cryptology, vol. 1, no. 4, Jan 13, 2025, doi: 10.62056/anxra69p1.

License

Copyright is held by the author(s)

This work is licensed under a Creative Commons Attribution (CC BY) license.