Abstract
With the development of new computing models such as cloud computing, user’s data are at the risk of being leaked. Fully homomorphic encryption (FHE) provides a possible way to fundamentally solve the problem. It enables a third party who does not know anything about the secret key and plaintexts to homomorphically perform any computable functions on the corresponding ciphertexts. In 2009, Gentry proposed the first FHE scheme. After that, its inefficiency has always been a bottleneck of the development of practical schemes and applications. At TCC 2019, Gentry and Halevi proposed the first compressible FHE scheme that enables the ratio of plaintext size to the ciphertext size (i.e., the compression rate) to reach1−εfor any smallε>0under the standard learning with errors (LWE) assumption. However, it is only a single-key one, where the homomorphic evaluation can only be performed over ciphertexts encrypted under the same key. Compared with single-key FHE, multikey FHE is more practical. Multikey FHE enables ciphertexts encrypted under different public keys to be homomorphically computed without having to decrypt these ciphertexts using their own private keys. In addition, in a multi-identity FHE scheme, only identity information and public parameters are required when encrypting, which simplifies certificate-based key management in public key infrastructure. In this paper, a new compressible ciphertext expansion technique is proposed. Then, we use this technique to construct a compressible multikey FHE scheme and a compressible multi-identity FHE scheme to overcome the bottleneck of bandwidth inefficiency in the multikey and multi-identity settings. The two schemes proposed in this paper make it possible that the objects of homomorphic operation can be the ciphertexts encrypted under different keys or different identities before compression, thus solving the single-key defect of the work of Gentry and Halevi.
Highlights
We are quickly entering a new digital era where huge amounts of data will be stored and operated remotely in powerful cloud servers
A natural question is the following: how can we extend their idea of compressible single-key Fully homomorphic encryption (FHE) into compressible multikey FHE (MKFHE) or compressible Multi-identity FHE (MIFHE) to achieve an optimal compression rate even in the multikey and multi-identity cases? In other words, we want to construct a compressible MKFHE scheme and a compressible MIFHE scheme that enable ciphertexts encrypted under different public keys and different identities to perform homomorphic operations without having to decrypt these ciphertexts using their own private keys
We prove the semantic security of our construction by relying on the semantic security of the underlying matrix version of GSW-FHE scheme. e proof consists of the following hybrids: (1) Firstly, we alter each of the ciphertexts (V(i,1x,y,b), V(i,2x,y,b)), where x ∈ [t], y ∈ [m], b ∈ [rl] so that, instead of being GSW ciphertexts of Ri[y, b], we change them to GSW ciphertexts of 0
Summary
We are quickly entering a new digital era where huge amounts of data will be stored and operated remotely in powerful cloud servers. A natural question is the following: how can we extend their idea of compressible single-key FHE into compressible MKFHE or compressible MIFHE to achieve an optimal compression rate even in the multikey and multi-identity cases? A new compressible expansion algorithm is proposed, which makes it possible to construct the first compressible MKFHE scheme, as well as the first compressible MIFHE scheme, while the construction of Gentry and Halevi only works for compressible single-key FHE. Their approach is based on two ideas: Using matrix versions of LWE and GSW-FHE [4] They noticed that the conventional GSW-FHE uses only one “slot” when decrypting, i.e., b [1, −s]C μ[1, −s]G +[1, −s] R ≈ [μ, −μs]G. E additional compression algorithm does not compromise security and the key-generation, encryption, and evaluation algorithms are basically the same as the ones of matrix version of GSW-FHE. Please refer to [23]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
