Faster Homomorphic Function Evaluation Using Non-integral Base Encoding

  • Charlotte Bonte
  • Carl Bootland
  • Joppe W. Bos
  • Wouter Castryck
  • Ilia Iliashenko
  • Frederik VercauterenEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10529)


In this paper we present an encoding method for real numbers tailored for homomorphic function evaluation. The choice of the degree of the polynomial modulus used in all popular somewhat homomorphic encryption schemes is dominated by security considerations, while with the current encoding techniques the correctness requirement allows for much smaller values. We introduce a generic encoding method using expansions with respect to a non-integral base, which exploits this large degree at the benefit of reducing the growth of the coefficients when performing homomorphic operations. This allows one to choose a smaller plaintext coefficient modulus which results in a significant reduction of the running time. We illustrate our approach by applying this encoding in the setting of homomorphic electricity load forecasting for the smart grid which results in a speed-up by a factor 13 compared to previous work, where encoding was done using balanced ternary expansions.


  1. 1.
    Albrecht, M.R.: On dual lattice attacks against small-secret LWE and parameter choices in HElib and SEAL. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10211, pp. 103–129. Springer, Cham (2017). doi: 10.1007/978-3-319-56614-6_4 CrossRefGoogle Scholar
  2. 2.
    Aliev, I.: Siegel’s lemma and sum-distinct sets. Discrete Comput. Geom. 39(1–3), 59–66 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange - a new hope. In: USENIX Security Symposium. USENIX Association (2016)Google Scholar
  4. 4.
    Arora, S., Ge, R.: New algorithms for learning in presence of errors. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011. LNCS, vol. 6755, pp. 403–415. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-22006-7_34 CrossRefGoogle Scholar
  5. 5.
    Bootland, C.: Central Extended Binomial Coefficients and Sums of Powers. In preparationGoogle Scholar
  6. 6.
    Bos, J.W., Castryck, W., Iliashenko, I., Vercauteren, F.: Privacy-friendly forecasting for the smart grid using homomorphic encryption and the group method of data handling. In: Joye, M., Nitaj, A. (eds.) AFRICACRYPT 2017. LNCS, vol. 10239, pp. 184–201. Springer, Cham (2017). doi: 10.1007/978-3-319-57339-7_11 CrossRefGoogle Scholar
  7. 7.
    Bos, J.W., Costello, C., Naehrig, M., Stebila, D.: Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. In: IEEE S&P, pp. 553–570. IEEE Computer Society (2015)Google Scholar
  8. 8.
    Bos, J.W., Lauter, K., Loftus, J., Naehrig, M.: Improved security for a ring-based fully homomorphic encryption scheme. In: Stam, M. (ed.) IMACC 2013. LNCS, vol. 8308, pp. 45–64. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-45239-0_4 CrossRefGoogle Scholar
  9. 9.
    Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: Goldwasser, S. (ed.) ITCS 2012, pp. 309–325. ACM, Janary 2012Google Scholar
  10. 10.
    Brakerski, Z., Vaikuntanathan, V.: Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 505–524. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-22792-9_29 CrossRefGoogle Scholar
  11. 11.
    Cheon, J.H., Jeong, J., Lee, J., Lee, K.: Privacy-preserving computations of predictive medical models with minimax approximation and non-adjacent form. In: Proceedings of WAHC 2017. LNCS (2017)Google Scholar
  12. 12.
    Cheon, J.H., Kim, A., Kim, M., Song, Y.: Homomorphic encryption for arithmetic of approximate numbers. Cryptology ePrint Archive, Report 2016/421 (2016).
  13. 13.
    Cohen, H., Miyaji, A., Ono, T.: Efficient elliptic curve exponentiation using mixed coordinates. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 51–65. Springer, Heidelberg (1998). doi: 10.1007/3-540-49649-1_6 CrossRefGoogle Scholar
  14. 14.
    Commission for Energy Regulation. Electricity smart metering customer behaviour trials (CBT) findings report. Technical Report CER11080a (2011).
  15. 15.
    Costache, A., Smart, N.P., Vivek, S.: Faster homomorphic evaluation of Discrete Fourier Transforms. IACR Cryptology ePrint Archive (2016)Google Scholar
  16. 16.
    Costache, A., Smart, N.P., Vivek, S., Waller, A.: Fixed point arithmetic in SHE schemes. In SAC 2016. LNCS. Springer (2016)Google Scholar
  17. 17.
    CryptoExperts. FV-NFLlib (2016).
  18. 18.
    de Moivre, A.: The Doctrine of Chances. Woodfall, London (1738)zbMATHGoogle Scholar
  19. 19.
    Dowlin, N., Gilad-Bachrach, R., Laine, K., Lauter, K., Naehrig, M., Wernsing, J.: Manual for using homomorphic encryption for bioinformatics. Technical report, MSR-TR-2015-87, Microsoft Research (2015)Google Scholar
  20. 20.
    Dowlin, N., Gilad-Bachrach, R., Laine, K., Lauter, K.E., Naehrig, M., Wernsing, J.: Cryptonets: Applying neural networks to encrypted data with high throughput and accuracy. In: Balcan, M., Weinberger, K.Q. (eds.) International Conference on Machine Learning, vol. 48, pp. 201–210 (2016).
  21. 21.
    Eger, S.: Stirling’s approximation for central extended binomial coefficients. Am. Math. Mon. 121, 344–349 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  22. 22.
    Euler, L.: De evolutione potestatis polynomialis cuiuscunque \((1+x+x^2+x^3+x^4+\text{etc.})^n\). Nova Acta Academiae Scientarum Imperialis Petropolitinae, vol. 12, pp. 47–57 (1801)Google Scholar
  23. 23.
    Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption. IACR Cryptology ePrint Archive 2012/144 (2012)Google Scholar
  24. 24.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) 41st ACM STOC, pp. 169–178. ACM Press, May/June (2009)Google Scholar
  25. 25.
    Göttert, N., Feller, T., Schneider, M., Buchmann, J., Huss, S.: On the design of hardware building blocks for modern lattice-based encryption schemes. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 512–529. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-33027-8_30 CrossRefGoogle Scholar
  26. 26.
    Güneysu, T., Oder, T., Pöppelmann, T., Schwabe, P.: Software speed records for lattice-based signatures. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 67–82. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38616-9_5 CrossRefGoogle Scholar
  27. 27.
    Lauter, K., López-Alt, A., Naehrig, M.: Private computation on encrypted genomic data. In: Aranha, D.F., Menezes, A. (eds.) LATINCRYPT 2014. LNCS, vol. 8895, pp. 3–27. Springer, Cham (2015). doi: 10.1007/978-3-319-16295-9_1 Google Scholar
  28. 28.
    Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 515–534 (1982)MathSciNetCrossRefzbMATHGoogle Scholar
  29. 29.
    Lyubashevsky, V., Micciancio, D., Peikert, C., Rosen, A.: SWIFFT: A modest proposal for FFT hashing. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 54–72. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-71039-4_4 CrossRefGoogle Scholar
  30. 30.
    Mattner, L., Roos, B.: Maximal probabilities of convolution powers of discrete uniform distributions. Stat. Probab. Lett. 78(17), 2992–2996 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  31. 31.
    Naehrig, M., Lauter, K.E., Vaikuntanathan, V.: Can homomorphic encryption be practical? In: Cachin, C., Ristenpart, T. (eds.) ACM Cloud Computing Security Workshop - CCSW, pp. 113–124. ACM (2011)Google Scholar
  32. 32.
    Pöppelmann, T., Güneysu, T.: Towards practical lattice-based public-key encryption on reconfigurable hardware. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 68–85. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-43414-7_4 CrossRefGoogle Scholar
  33. 33.
    Reitwiesner, G.W.: Binary arithmetic. In: Advances in Computers, vol. 1, pp. 231–308. Academic Press (1960)Google Scholar
  34. 34.
    Stehlé, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 27–47. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-20465-4_4 CrossRefGoogle Scholar
  35. 35.
    Swanepoel, J.W.: On a generalization of a theorem by Euler. J. Number Theory 149, 46–56 (2015)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2017

Authors and Affiliations

  • Charlotte Bonte
    • 1
  • Carl Bootland
    • 1
  • Joppe W. Bos
    • 2
  • Wouter Castryck
    • 1
    • 3
  • Ilia Iliashenko
    • 1
  • Frederik Vercauteren
    • 1
    • 4
    Email author
  1. 1.imec-Cosic, Department of Electrical EngineeringKU LeuvenLeuvenBelgium
  2. 2.NXP SemiconductorsLeuvenBelgium
  3. 3.Laboratoire Paul PainlevéUniversité de Lille-1Villeneuve-d’AscqFrance
  4. 4.Open Security ResearchShenzhenChina

Personalised recommendations