Skip to main content
Article thumbnail
Location of Repository

Instructor: Boaz Barak Fully Homomorphic Encryption- Part II

By Scribe Elette Boyle


We continue our discussion on the fully homomorphic encryption scheme of van Dijk, Gentry, Halevi, and Vaikuntanathan [vDGHV10]. Last week we constructed a weakly homomorphic encryption scheme such that for any pair of properly generated ciphertexts c ← Enc(b), c ← Enc(b), the sum or product of c, c yields a value that decrypts to the sum (resp, product) of the original underlying plaintexts. That is, Dec(Add(c, c)) = b ⊕ b and Dec(Mult(c, c)) = b · b. However, the scheme suffered from two problems: 1) the cipertext formed as the output of the Add or Mult operation does not have the same distribution as a ciphertext properly generated via the Enc algorithm, and 2) if we try to perform too many Add and Mult operations, we are no longer guaranteed decryption to the correct value (indeed, in the scheme, the noise in the ciphertext grows larger in each operation and will eventually lead to a nonempty intersection of the set of encryptions of 0 and 1). As we discussed last week, these two problems will be solved if we can construct the following two operations: • ReRand(X): takes as input any encryption of a bit b with noise ≤ 2n0.4 (for example, in our scheme this includes the bit b itself!) and outputs a ciphertext with noise ≤ 2n0.5 with the correct distribution ReRand(X) ≈s Enc 2n0.

Year: 2011
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.