
Amortized Bootstrapping Revisited: Simpler, Asymptotically-Faster, Implemented

  • Conference paper
Advances in Cryptology – ASIACRYPT 2023 (ASIACRYPT 2023)

Abstract

Micciancio and Sorrell (ICALP 2018) proposed a bootstrapping algorithm that can refresh many messages at once with sublinearly many homomorphic operations per message. However, despite the attractive asymptotic cost, it is unclear if their algorithm could ever be practical, which reduces the impact of their results. In this work, we follow their general framework, but propose an amortized bootstrapping procedure that is conceptually simpler and asymptotically cheaper. We reduce the number of homomorphic multiplications per refreshed message from \(O(3^\rho \cdot n^{1/\rho } \cdot \log n)\) to \(O(\rho \cdot n^{1/\rho })\), and the noise overhead from \(\widetilde{O}(n^{2 + 3 \cdot \rho })\) to \(\widetilde{O}(n^{1 + \rho })\), where \(n\) is the security level and \(\rho \ge 1\) is a free parameter. We also make it more general, by handling non-binary messages and applying programmable bootstrapping. To obtain a concrete instantiation of our bootstrapping algorithm, we describe a double-CRT (aka RNS) version of the GSW scheme, including a new operation, called shrinking, used to speed up homomorphic operations by reducing the dimension and ciphertext modulus of the ciphertexts. We also provide a C++ implementation of our algorithm, thus showing for the first time the practicability of amortized bootstrapping. Moreover, it is competitive with existing bootstrapping algorithms, being even around 3.4 times faster than an equivalent non-amortized version of our bootstrapping.

This paper was mainly written while Hilder V. L. Pereira was in COSIC, KU Leuven.

Notes

  1. GitHub repository: https://github.com/antoniocgj/Amortized-Bootstrapping.

  2. A double-CRT version of GSW is implemented in the Lattigo library, but there is no formal description and analysis of the scheme. Moreover, it only includes external products.

  3. In [12], a homomorphic multiplication between two GSW ciphertexts is called internal product.

References

  1. zama-ai/tfhe-rs. (May 2023). https://github.com/zama-ai/tfhe-rs. Accessed 13 Oct 2022

  2. Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. Cryptology ePrint Archive, Report 2015/046 (2015). https://eprint.iacr.org/2015/046

  3. Alperin-Sheriff, J., Peikert, C.: Faster bootstrapping with polynomial error. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 297–314. Springer, Heidelberg (Aug 2014). https://doi.org/10.1007/978-3-662-44371-2_17

  4. Bergerat, L., et al.: Parameter optimization and larger precision for (T)FHE. Cryptology ePrint Archive, Report 2022/704 (2022). https://eprint.iacr.org/2022/704

  5. Boemer, F., Kim, S., Seifu, G., de Souza, F.D., Gopal, V.: Intel HEXL: accelerating homomorphic encryption with intel AVX512-IFMA52. Cryptology ePrint Archive, Report 2021/420 (2021). https://eprint.iacr.org/2021/420

  6. Bonnoron, G., Ducas, L., Fillinger, M.: Large FHE gates from tensored homomorphic accumulator. In: Joux, A., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 18. LNCS, vol. 10831, pp. 217–251. Springer, Heidelberg (May 2018). https://doi.org/10.1007/978-3-319-89339-6_13

  7. Bonte, C., Iliashenko, I., Park, J., Pereira, H.V.L., Smart, N.P.: FINAL: faster FHE instantiated with NTRU and LWE. In: Agrawal, S., Lin, D. (eds.) ASIACRYPT 2022, Part II. LNCS, vol. 13792, pp. 188–215. Springer, Heidelberg (Dec 2022). https://doi.org/10.1007/978-3-031-22966-4_7

  8. Boura, C., Gama, N., Georgieva, M., Jetchev, D.: Chimera: Combining ring-LWE-based fully homomorphic encryption schemes. J. Math. Cryptol. 14(1), 316–338 (2020). https://doi.org/10.1515/jmc-2019-0026

  9. Brakerski, Z., Gentry, C., Halevi, S.: Packed ciphertexts in LWE-based homomorphic encryption. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 1–13. Springer, Heidelberg (Feb/Mar 2013). https://doi.org/10.1007/978-3-642-36362-7_1

  10. Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: Goldwasser, S. (ed.) ITCS 2012, pp. 309–325. ACM (Jan 2012). https://doi.org/10.1145/2090236.2090262

  11. Chillotti, I., Gama, N., Georgieva, M., Izabachène, M.: Faster fully homomorphic encryption: bootstrapping in less than 0.1 seconds. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016, Part I. LNCS, vol. 10031, pp. 3–33. Springer, Heidelberg (Dec 2016). https://doi.org/10.1007/978-3-662-53887-6_1

  12. Chillotti, I., Gama, N., Georgieva, M., Izabachène, M.: TFHE: fast fully homomorphic encryption over the torus. J. Cryptol. 33(1), 34–91 (2020). https://doi.org/10.1007/s00145-019-09319-x


  13. Ducas, L., Micciancio, D.: FHEW: bootstrapping homomorphic encryption in less than a second. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part I. LNCS, vol. 9056, pp. 617–640. Springer, Heidelberg (Apr 2015). https://doi.org/10.1007/978-3-662-46800-5_24

  14. Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption. Cryptology ePrint Archive, Report 2012/144 (2012). https://eprint.iacr.org/2012/144

  15. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) 41st ACM STOC, pp. 169–178. ACM Press (May/Jun 2009). https://doi.org/10.1145/1536414.1536440

  16. Gentry, C., Halevi, S., Smart, N.P.: Fully homomorphic encryption with polylog overhead. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 465–482. Springer, Heidelberg (Apr 2012). https://doi.org/10.1007/978-3-642-29011-4_28

  17. Gentry, C., Sahai, A., Waters, B.: Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 75–92. Springer, Heidelberg (Aug 2013). https://doi.org/10.1007/978-3-642-40041-4_5

  18. Guimarães, A., Pereira, H.V.L., Leeuwen, B.V.: Amortized Bootstrapping Revisited: Simpler, Asymptotically-Faster, Implemented (2023). https://eprint.iacr.org/2023/014 Report Number: 014

  19. Halevi, S., Polyakov, Y., Shoup, V.: An improved RNS variant of the BFV homomorphic encryption scheme. In: Matsui, M. (ed.) CT-RSA 2019. LNCS, vol. 11405, pp. 83–105. Springer, Heidelberg (Mar 2019). https://doi.org/10.1007/978-3-030-12612-4_5

  20. Halevi, S., Shoup, V.: Bootstrapping for HElib. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part I. LNCS, vol. 9056, pp. 641–670. Springer, Heidelberg (Apr 2015). https://doi.org/10.1007/978-3-662-46800-5_25

  21. Kim, A., et al.: General bootstrapping approach for RLWE-based homomorphic encryption. Cryptology ePrint Archive, Report 2021/691 (2021). https://eprint.iacr.org/2021/691

  22. Kim, A., Polyakov, Y., Zucca, V.: Revisiting homomorphic encryption schemes for finite fields. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021, Part III. LNCS, vol. 13092, pp. 608–639. Springer, Heidelberg (Dec 2021). https://doi.org/10.1007/978-3-030-92078-4_21

  23. Lee, Y., et al.: Efficient FHEW bootstrapping with small evaluation keys, and applications to threshold homomorphic encryption. Cryptology ePrint Archive, Report 2022/198 (2022). https://eprint.iacr.org/2022/198

  24. Liu, F.H., Wang, H.: Batch bootstrapping I: a new framework for SIMD bootstrapping in polynomial modulus. In: EUROCRYPT 2023, Part III. LNCS, vol. 14006, pp. 321–352. Springer, Heidelberg (2023). https://doi.org/10.1007/978-3-031-30620-4_11

  25. Liu, F.H., Wang, H.: Batch bootstrapping II: bootstrapping polynomial modulus only requires Õ(1) the multiplications amortization. In: EUROCRYPT 2023, Part III. LNCS, vol. 14006, pp. 353–384. Springer, Heidelberg (2023). https://doi.org/10.1007/978-3-031-30620-4_12

  26. Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1–23. Springer, Heidelberg (May/Jun 2010). https://doi.org/10.1007/978-3-642-13190-5_1

  27. MATZOV: Report on the Security of LWE: Improved Dual Lattice Attack (Apr 2022). https://doi.org/10.5281/zenodo.6412487

  28. Micciancio, D., Sorrell, J.: Ring packing and amortized FHEW bootstrapping. In: Chatzigiannakis, I., Kaklamanis, C., Marx, D., Sannella, D. (eds.) ICALP 2018. LIPIcs, vol. 107, pp. 100:1–100:14. Schloss Dagstuhl (Jul 2018). https://doi.org/10.4230/LIPIcs.ICALP.2018.100

  29. Micheli, G.D., Kim, D., Micciancio, D., Suhl, A.: Faster Amortized FHEW bootstrapping using Ring Automorphisms (2023). https://eprint.iacr.org/2023/112. Report Number: 112

  30. Nussbaumer, H.: Fast polynomial transform algorithms for digital convolution. IEEE Trans. Acoust. Speech Signal Process. 28(2), 205–215 (1980)


  31. Pereira, H.V.L.: Bootstrapping fully homomorphic encryption over the integers in less than one second. In: Garay, J. (ed.) PKC 2021, Part I. LNCS, vol. 12710, pp. 331–359. Springer, Heidelberg (May 2021). https://doi.org/10.1007/978-3-030-75245-3_13

  32. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC, pp. 84–93. ACM Press (May 2005). https://doi.org/10.1145/1060590.1060603


Acknowledgments

This work has been supported in part by Cyber Security Research Flanders with reference number VR20192203, by the Defence Advanced Research Projects Agency (DARPA) under contract No. HR0011-21-C-0034 DARPA DPRIVE BASALISC, and by the FWO under an Odysseus project GOH9718N. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA, the US Government, or Cyber Security Research Flanders. The U.S. Government is authorized to reproduce and distribute reprints for governmental purposes notwithstanding any copyright annotation therein. This work was done while A. Guimarães was visiting the Department of Computer Science of Aarhus University. He is supported by the São Paulo Research Foundation under grants 2013/08293-7, 2019/12783-6, and 2021/09849-5.

Corresponding author

Correspondence to Hilder V. L. Pereira.

Copyright information

© 2023 International Association for Cryptologic Research

Cite this paper

Guimarães, A., Pereira, H.V.L., van Leeuwen, B. (2023). Amortized Bootstrapping Revisited: Simpler, Asymptotically-Faster, Implemented. In: Guo, J., Steinfeld, R. (eds) Advances in Cryptology – ASIACRYPT 2023. ASIACRYPT 2023. Lecture Notes in Computer Science, vol 14443. Springer, Singapore. https://doi.org/10.1007/978-981-99-8736-8_1


  • DOI: https://doi.org/10.1007/978-981-99-8736-8_1


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-99-8735-1

  • Online ISBN: 978-981-99-8736-8

  • eBook Packages: Computer Science (R0)
