A Comparison of the Homomorphic Encryption Schemes FV and YASHE
Tancrède Lepoint,Michael Naehrig +1 more
- Vol. 8469, pp 318-335
Reads0
Chats0
TLDR
Fan and Vercauteren as mentioned in this paper proposed a ring-LWE-based, scale-invariant, leveled homomorphic encryption scheme based on BGV and the YASHE scheme.Abstract:
We conduct a theoretical and practical comparison of two Ring-LWE-based, scale-invariant, leveled homomorphic encryption schemes – Fan and Vercauteren’s adaptation of BGV and the YASHE scheme proposed by Bos, Lauter, Loftus and Naehrig. In particular, we explain how to choose parameters to ensure correctness and security against lattice attacks. Our parameter selection improves the approach of van de Pol and Smart to choose parameters for schemes based on the Ring-LWE problem by using the BKZ-2.0 simulation algorithm.read more
Citations
More filters
Proceedings ArticleDOI
The SIMON and SPECK lightweight block ciphers
TL;DR: Simplicity, security, and flexibility are ever-present yet conflicting goals in cryptographic design and these goals were balanced in the design of Simon and Speck.
Journal ArticleDOI
A Survey on Homomorphic Encryption Schemes: Theory and Implementation
TL;DR: The basics of HE and the details of the well-known Partially Homomorphic Encryption and Somewhat Homomorphic encryption schemes, which are important pillars for achieving FHE, are presented and the implementations and recent improvements in Gentry-type FHE schemes are surveyed.
Posted Content
A Survey on Homomorphic Encryption Schemes: Theory and Implementation
TL;DR: The basics of HE and the details of the well-known Partially Homomorphic Encryption and Somewhat HomomorphicEncryption, which are important pillars of achieving FHE, are presented and the main FHE families, which have become the base for the other follow-up FHE schemes are presented.
Proceedings ArticleDOI
Post-Quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem
TL;DR: This work demonstrates the practicality of post-quantum key exchange by constructing cipher suites for the Transport Layer Security (TLS) protocol that provide key exchange based on the ring learning with errors (R-LWE) problem, and accompanies these cipher suites with a rigorous proof of security.
Posted Content
On the concrete hardness of Learning with Errors.
TL;DR: In this article, the authors present hardness results for concrete instances of LWE and give concrete estimates for various families of instances, provide a Sage module for computing these estimates and highlight gaps in the knowledge about algorithms for solving the Learning with Errors problem.
References
More filters
Proceedings ArticleDOI
Fully homomorphic encryption using ideal lattices
TL;DR: This work proposes a fully homomorphic encryption scheme that allows one to evaluate circuits over encrypted data without being able to decrypt, and describes a public key encryption scheme using ideal lattices that is almost bootstrappable.
Journal ArticleDOI
Factoring Polynomials with Rational Coefficients
TL;DR: This paper presents a polynomial-time algorithm to solve the following problem: given a non-zeroPolynomial fe Q(X) in one variable with rational coefficients, find the decomposition of f into irreducible factors in Q (X).
Proceedings ArticleDOI
Leveled) fully homomorphic encryption without bootstrapping
TL;DR: A novel approach to fully homomorphic encryption (FHE) that dramatically improves performance and bases security on weaker assumptions, using some new techniques recently introduced by Brakerski and Vaikuntanathan (FOCS 2011).
Book ChapterDOI
Fully homomorphic encryption over the integers
TL;DR: A fully homomorphic encryption scheme, using only elementary modular arithmetic, that reduces the security of the scheme to finding an approximate integer gcd, and investigates the hardness of this task, building on earlier work of Howgrave-Graham.
Journal ArticleDOI
Lattice basis reduction: improved practical algorithms and solving subset sum problems
Claus-Peter Schnorr,M. Euchner +1 more
TL;DR: Empirical tests show that the strongest of these algorithms solves almost all subset sum problems with up to 66 random weights of arbitrary bit length within at most a few hours on a UNISYS 6000/70 or within a couple of minutes on a SPARC1 + computer.