Homomorphic Encryption for Finite Automata

Genise, Nicholas; Gentry, Craig; Halevi, Shai; Li, Baiyu; Micciancio, Daniele

doi:10.1007/978-3-030-34621-8_17

Cited by 24 publications

(23 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The inhomogeneous NTRU (decision) problem (iNTRU) introduced in [6] consists in distinguishing between a random and a synthetically constructed (ℓ+1)-tuple.…”

Section: Contribution 1: Breaking the Integer Intru Assumptionmentioning

confidence: 99%

“…After introducing the one dimensional version of the inhomogeneous NTRU problem, the authors of [6] generalize it to matrices. The matrix inhomogeneous NTRU (decision) problem (MiNTRU) consists in distinguishing between a randomly sampled and a synthetically constructed matrix.…”

Section: Contribution 2: Generalizing the One-dimensional Attack To Thementioning

confidence: 99%

“…In this work, we consider two novel versions of the NTRU assumption from [6]. We show a practical attack against the one-dimensional version and generalize it to the multidimensional version with small dimension or small noise.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

On the (M)iNTRU Assumption in the Integer Case

Barthel

Müller

Roşie³

2021

Provable and Practical Security

View full text Add to dashboard Cite

In AsiaCrypt 2019, Genise, Gentry, Halevi, Li and Micciancio put forth two novel and intriguing computational hardness hypotheses: The inhomogeneous NTRU (iNTRU) assumption and its matrix version MiNTRU. In this work, we break the integer case of the iNTRU assumption through elementary lattice reduction, and we describe how the attack might be generalized to polynomial rings and to the low dimensional MiNTRU assumption with small noise.

show abstract

“…The inhomogeneous NTRU (decision) problem (iNTRU) introduced in [6] consists in distinguishing between a random and a synthetically constructed (ℓ+1)-tuple.…”

Section: Contribution 1: Breaking the Integer Intru Assumptionmentioning

confidence: 99%

Section: Contribution 2: Generalizing the One-dimensional Attack To Thementioning

confidence: 99%

See 1 more Smart Citation

On the (M)iNTRU Assumption in the Integer Case

Barthel

Müller

Roşie³

2021

Provable and Practical Security

View full text Add to dashboard Cite

show abstract

“…Additional developments include a somewhat homomorphic variation on the GSΩ scheme presented by Genise et al [97]. This scheme uses an inhomogeneous variant of the NTRU assumption (iNTRU) for security, a stronger assumption than LΩE.…”

Section: Implementation and Standardizationmentioning

confidence: 99%

Homomorphic Encryption for Machine Learning in Medicine and Bioinformatics

2020

View full text Add to dashboard Cite

Machine learning and statistical techniques are powerful tools for analyzing large amounts of medical and genomic data. On the other hand, ethical concerns and privacy regulations prevent free sharing of this data. Encryption techniques such as fully homomorphic encryption (FHE) enable evaluation over encrypted data. Using FHE, machine learning models such as deep learning, decision trees, and naive Bayes have been implemented for privacy-preserving applications using medical data. These applications include classifying encrypted data and training models on encrypted data. FHE has also been shown to enable secure genomic algorithms, such as paternity and ancestry testing and privacy-preserving applications of genome-wide association studies. This survey provides an overview of fully homomorphic encryption and its applications in medicine and bioinformatics. The high-level concepts behind FHE and its history are introduced and details on current open-source implementations are provided. The state of fully homomorphic encryption for privacy-preserving techniques in machine learning and bioinformatics is reviewed, along with descriptions of how these methods can be implemented in the encrypted domain. CCS Concepts: • Security and privacy → Cryptography; Usability in security and privacy; • Social and professional topics → Medical information policy.

show abstract

“…Some works managed to partly improve the inefficiency by using the "dimension-modulus reduction" technique [16,17] to make ciphertexts have smaller dimensions and coefficients, and some by using the "ciphertext packing" technique [18][19][20] managed to encrypt an array of plaintexts in a single ciphertext and even encrypt a matrix of plaintexts in a single ciphertext [21,22]. But none of them achieved a "sufficiently high" rate; that is, none of them break the rate-1/2 bottleneck.…”

Section: Introductionmentioning

confidence: 99%

Compressible Multikey and Multi-Identity Fully Homomorphic Encryption

Shen

Wang

Chen

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

With the development of new computing models such as cloud computing, user’s data are at the risk of being leaked. Fully homomorphic encryption (FHE) provides a possible way to fundamentally solve the problem. It enables a third party who does not know anything about the secret key and plaintexts to homomorphically perform any computable functions on the corresponding ciphertexts. In 2009, Gentry proposed the first FHE scheme. After that, its inefficiency has always been a bottleneck of the development of practical schemes and applications. At TCC 2019, Gentry and Halevi proposed the first compressible FHE scheme that enables the ratio of plaintext size to the ciphertext size (i.e., the compression rate) to reach 1 − ε for any small ε > 0 under the standard learning with errors (LWE) assumption. However, it is only a single-key one, where the homomorphic evaluation can only be performed over ciphertexts encrypted under the same key. Compared with single-key FHE, multikey FHE is more practical. Multikey FHE enables ciphertexts encrypted under different public keys to be homomorphically computed without having to decrypt these ciphertexts using their own private keys. In addition, in a multi-identity FHE scheme, only identity information and public parameters are required when encrypting, which simplifies certificate-based key management in public key infrastructure. In this paper, a new compressible ciphertext expansion technique is proposed. Then, we use this technique to construct a compressible multikey FHE scheme and a compressible multi-identity FHE scheme to overcome the bottleneck of bandwidth inefficiency in the multikey and multi-identity settings. The two schemes proposed in this paper make it possible that the objects of homomorphic operation can be the ciphertexts encrypted under different keys or different identities before compression, thus solving the single-key defect of the work of Gentry and Halevi.

show abstract

Homomorphic Encryption for Finite Automata

Cited by 24 publications

References 39 publications

On the (M)iNTRU Assumption in the Integer Case

On the (M)iNTRU Assumption in the Integer Case

Homomorphic Encryption for Machine Learning in Medicine and Bioinformatics

Compressible Multikey and Multi-Identity Fully Homomorphic Encryption

Contact Info

Product

Resources

About