Abstract
Amortized bootstrapping offers a way to simultaneously refresh many ciphertexts of a fully homomorphic encryption scheme, at a total cost comparable to that of refreshing a single ciphertext. An amortization method for FHEW-style cryptosystems was first proposed by (Micciancio and Sorrell, ICALP 2018), who showed that the amortized cost of bootstrapping n FHEW-style ciphertexts can be reduced from \(\tilde{O}(n)\) basic cryptographic operations to just \(\tilde{O}(n^{\epsilon })\), for any constant \(\epsilon >0\). However, despite the promising asymptotic saving, the algorithm was rather impractical due to a large constant (exponential in \(1/\epsilon \)) hidden in the asymptotic notation. In this work, we propose an alternative amortized bootstrapping method with much smaller overhead, still achieving \(O(n^\epsilon )\) asymptotic amortized cost, but with a hidden constant that is only linear in \(1/\epsilon \), and with reduced noise growth. This is achieved following the general strategy of (Micciancio and Sorrell), but replacing their use of the Nussbaumer transform, with a much more practical Number Theoretic Transform, with multiplication by twiddle factors implemented using ring automorphisms. A key technical ingredient to do this is a new “scheme switching” technique proposed in this paper which may be of independent interest.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
In general, it holds that \(\textsf {cov}(XY,XZ)= E(X^2)E(Y)E(Z)- E(X)^2E(Y)E(Z)\) for any random variables X, Y and Z. Therefore, if \(E(Y)=E(Z)=0\), then \(\textsf {cov}(XY,XZ)=0\).
- 2.
When \(i=0\), it starts with a single input polynomial modulo \(X^N-\omega ^0\).
References
Al Badawi, A., et al.: OpenFHE: open-source fully homomorphic encryption library. In: Proceedings of the 10th Workshop on Encrypted Computing & Applied Homomorphic Cryptography, pp. 53–63 (2022)
Alperin-Sheriff, J., Peikert, C.: Practical bootstrapping in quasilinear time. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 1–20. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_1
Bonnoron, G., Ducas, L., Fillinger, M.: Large FHE gates from tensored homomorphic accumulator. In: Joux, A., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2018. LNCS, vol. 10831, pp. 217–251. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89339-6_13
Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. ACM Trans. Comput. Theory 6(3), 13:1–13:36 (2014). https://doi.org/10.1145/2633600
Chillotti, I., Gama, N., Georgieva, M., Izabachène, M.: TFHE: fast fully homomorphic encryption over the torus. J. Cryptol. 33(1), 34–91 (2020)
DeMicheli, G., Kim, D., Micciancio, D., Suhl, A.: Faster amortized fhew bootstrapping using ring automorphisms. Cryptology ePrint Archive, Paper 2023/112 (2023). https://eprint.iacr.org/2023/112
Ducas, L., Micciancio, D.: FHEW: bootstrapping homomorphic encryption in less than a second. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 617–640. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_24
Gentry, C.: A fully homomorphic encryption scheme. Stanford university (2009)
Gentry, C., Halevi, S., Smart, N.P.: Fully homomorphic encryption with polylog overhead. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 465–482. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_28
Gentry, C., Halevi, S., Smart, N.P.: Homomorphic evaluation of the AES circuit. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 850–867. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_49
Guimarães, A., Pereira, H.V.L., van Leeuwen, B.: Amortized bootstrapping revisited: simpler, asymptotically-faster, implemented. In: Guo, J., Steinfeld, R. (eds.) Advances in Cryptology – ASIACRYPT 2023. ASIACRYPT 2023. LNCS, vol. 14443, pp. 3–35. Springer, Singapore (2023). https://doi.org/10.1007/978-981-99-8736-8_1
Halevi, S., Shoup, V.: Algorithms in HElib. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 554–571. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_31
Halevi, S., Shoup, V.: Faster homomorphic linear transformations in HElib. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 93–120. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96884-1_4
Kim, A., et al.: General bootstrapping approach for RLWE-based homomorphic encryption. IEEE Trans. Comput. (2023)
Lee, Y., et al.: Efficient FHEW bootstrapping with small evaluation keys, and applications to threshold homomorphic encryption. Cryptology ePrint Archive (2022)
Liu, F.H., Wang, H.: Batch bootstrapping I: a new framework for SIMD bootstrapping in polynomial modulus. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology – EUROCRYPT 2023. EUROCRYPT 2023. LNCS, vol. 14006, pp. 321–352. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30620-4_11
Liu, F.H., Wang, H.: Batch bootstrapping II: bootstrapping in polynomial modulus only requires \(\widetilde{O}\)(1) FHE multiplications in amortization. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology – EUROCRYPT 2023. EUROCRYPT 2023. LNCS, vol. 14006, pp. 353–384. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30620-4_12
Liu, Z., Wang, Y.: Amortized functional bootstrapping in less than 7 ms, with \(\widetilde{O}\)(1) polynomial multiplications. In: Guo, J., Steinfeld, R. (eds.) Advances in Cryptology – ASIACRYPT 2023. ASIACRYPT 2023. LNCS, vol. 14443, pp. 101–132. Springer, Singapore (2023). https://doi.org/10.1007/978-981-99-8736-8_4
Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. J. ACM 60(6), 43:1–43:35 (2013). https://doi.org/10.1145/2535925
Micciancio, D., Polyakov, Y.: Bootstrapping in FHEW-like cryptosystems. In: Proceedings of the 9th on Workshop on Encrypted Computing & Applied Homomorphic Cryptography, pp. 17–28 (2021)
Micciancio, D., Sorrell, J.: Ring packing and amortized FHEW bootstrapping. In: Chatzigiannakis, I., Kaklamanis, C., Marx, D., Sannella, D. (eds.) 45th International Colloquium on Automata, Languages, and Programming, ICALP 2018, 9–13 July 2018, Prague, Czech Republic. LIPIcs, vol. 107, pp. 100:1–100:14. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2018). https://doi.org/10.4230/LIPIcs.ICALP.2018.100
Stehlé, D., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 617–635. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_36
Acknowledgement
Research supported in part by the Swiss National Science Foundation Early Postdoc Mobility Fellowship, Intel Cryptographic Frontiers award, NSF Award CNS-1936703, and SAIT Global Research Cluster.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 International Association for Cryptologic Research
About this paper
Cite this paper
De Micheli, G., Kim, D., Micciancio, D., Suhl, A. (2024). Faster Amortized FHEW Bootstrapping Using Ring Automorphisms. In: Tang, Q., Teague, V. (eds) Public-Key Cryptography – PKC 2024. PKC 2024. Lecture Notes in Computer Science, vol 14604. Springer, Cham. https://doi.org/10.1007/978-3-031-57728-4_11
Download citation
DOI: https://doi.org/10.1007/978-3-031-57728-4_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-57727-7
Online ISBN: 978-3-031-57728-4
eBook Packages: Computer ScienceComputer Science (R0)
