Packed Ciphertexts in LWE-Based Homomorphic Encryption
In this short note we observe that the Peikert-Vaikuntanathan-Waters (PVW) method of packing many plaintext elements in a single Regev-type ciphertext, can be used for performing SIMD homomorphic operations on packed ciphertext. This provides an alternative to the Smart-Vercauteren (SV) ciphertext-packing technique that relies on polynomial-CRT. While the SV technique is only applicable to schemes that rely on ring-LWE (or other hardness assumptions in ideal lattices), the PVW method can be used also for cryptosystems whose security is based on standard LWE (or more broadly on the hardness of “General-LWE”).
Although using the PVW method with LWE-based schemes leads to worse asymptotic efficiency than using the SV technique with ring-LWE schemes, the simplicity of this method may still offer some practical advantages. Also, the two techniques can be used in tandem with “general-LWE” schemes, suggesting yet another tradeoff that can be optimized for different settings.
KeywordsPolynomial Ring Integer Vector Homomorphic Encryption Oblivious Transfer Hide Vector
Unable to display preview. Download preview PDF.
- [BGV12]Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: Goldwasser, S. (ed.) Innovations in Theoretical Computer Science – ITCS 2012, pp. 309–325. ACM (2012), http://eprint.iacr.org/2011/277
- [BV11a]Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from (standard) LWE. In: Ostrovsky, R. (ed.) FOCS, pp. 97–106. IEEE (2011)Google Scholar
- [Gen09]Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) Proceedings of the 41st Annual Symposium on Theory of Computing, STOC 2009, pp. 169–178. ACM (2009)Google Scholar
- [Pei09]Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem: extended abstract. In: Mitzenmacher, M. (ed.) Proceedings of the 41st Annual Symposium on Theory of Computing, STOC 2009, pp. 333–342. ACM (2009)Google Scholar
- [Reg09]Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6) (2009)Google Scholar
- [SV11]Smart, N.P., Vercauteren, F.: Fully homomorphic SIMD operations (2011), manuscript at http://eprint.iacr.org/2011/133