Fully Homomorphic Encryption (FHE) supports computation on encrypted data without the need for decryption, thereby enabling secure outsourcing of computing to an untrusted cloud. Subsequently, motivated by application scenarios where private information is offered by different data owners, Multi-Key Fully Homomorphic Encryption (MKFHE) and Threshold Fully Homomorphic Encryption (ThFHE) were successively introduced. However, both MKFHE and ThFHE have some limitations: MKFHE requires the participation of all members during the decryption process and does not support decryption using a subset of members, while ThFHE requires pre-fixed participants and does not support dynamic joining or exiting.To address these limitations, in this paper, we propose a new notion called Hierarchical Threshold Multi-key Fully Homomorphic Encryption (HTM-FHE), which combines the features of MKFHE and ThFHE, incorporating the advantages of both. Then we provide the first construction of HTM-FHE based on lattice, denoted as HTM-TFHE. Our scheme can evaluate a binary gate on ciphertexts encrypted under different groups’ public keys followed by a bootstrapping procedure. The semantic and simulation security of HTM-TFHE is proven under the LWE assumption. Furthermore, HTM-TFHE supports fine-grained access control for encrypted data, which provides benefits in practical applications.
Read full abstract