International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

ModHE: Modular Homomorphic Encryption Using Module Lattices: Potentials and Limitations

Authors:
Anisha Mukherjee , Graz University of Technology, Graz, Austria
Aikata Aikata , Graz University of Technology, Graz, Austria
Ahmet Can Mert , Graz University of Technology, Graz, Austria
Yongwoo Lee , Inha University, Incheon, Republic of Korea
Sunmin Kwon , Samsung Advanced Institute of Technology, Suwon, Republic of Korea
Maxim Deryabin , Samsung Advanced Institute of Technology, Suwon, Republic of Korea
Sujoy Sinha Roy , Graz University of Technology, Graz, Austria
Download:
DOI: 10.46586/tches.v2024.i1.527-562
URL: https://tches.iacr.org/index.php/TCHES/article/view/11261
Search ePrint
Search Google
Abstract: The promising field of homomorphic encryption enables functions to be evaluated on encrypted data and produce results for the same computations done on plaintexts. It, therefore, comes as no surprise that many ventures at constructing homomorphic encryption schemes have come into the limelight in recent years. Most popular are those that rely on the hard lattice problem, called the Ring Learning with Errors problem (RLWE). One major limitation of these homomorphic encryption schemes is that in order to securely increase the maximum multiplicative depth, they need to increase the polynomial-size (degree of the polynomial ring) thereby also ncreasing the complexity of the design. We aim to bridge this gap by proposing a homomorphic encryption (HE) scheme based on the Module Learning with Errors problem (MLWE), ModHE that allows us to break the big computations into smaller ones. Given the popularity of module lattice-based post-quantum schemes, it is an evidently interesting research endeavor to also formulate module lattice-based homomorphic encryption schemes. While our proposed scheme is general, as a case study, we port the well-known RLWE-based CKKS scheme to the MLWE setting. The module version of the scheme completely stops the polynomial-size blowups when aiming for a greater circuit depth. Additionally, it presents greater opportunities for designing flexible, reusable, and parallelizable hardware architecture. A hardware implementation is provided to support our claims. We also acknowledge that as we try to decrease the complexity of computations, the amount of computations (such as relinearizations) increases. We hope that the potential and limitations of using such a hardware-friendly scheme will spark further research.
BibTeX
@article{tches-2023-33677,
  title={ModHE: Modular Homomorphic Encryption Using Module Lattices: Potentials and Limitations},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={024 No. 1},
  pages={527-562},
  url={https://tches.iacr.org/index.php/TCHES/article/view/11261},
  doi={10.46586/tches.v2024.i1.527-562},
  author={Anisha Mukherjee and Aikata Aikata and Ahmet Can Mert and Yongwoo Lee and Sunmin Kwon and Maxim Deryabin and Sujoy Sinha Roy},
  year=2023
}