Table of contents

Description

  • Speaker

    Sergiu Carpov - Arcium

Fully homomorphic encryption (FHE) is an encryption scheme that enables the direct execution of arbitrary computations on encrypted data. The first generation of FHE schemes began with Gentry's groundbreaking work in 2019. It relies on a technique called bootstrapping, which reduces noise in FHE ciphertexts. This construction theoretically enables the execution of any arithmetic circuit, but remains slow in practice. A second generation of FHE schemes appeared in 2015 and is referred to as fast bootstrapping schemes. One limitation of the later schemes is that they can only bootstrap one message at a time, but the bootstrapping procedure is relatively fast.

 

This presentation aims to highlight some works on the optimisation of Boolean and arithmetic circuits in the context of FHE. The optimisation of the so-called multiplicative depth of circuits will be discussed. The multiplicative depth is an important metric for the first generation of FHE schemes, as ciphertext size and, consequently, execution performance depend heavily on it. In a second part, we will discuss a circuit mapping problem encountered in the practical application of fast-bootstrapping schemes. 
 

Practical infos

  • Date

    March 21, 2025 (13:45 - 14:45)

  • Location

    IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes Amphi Lebesgue
    Locate on Google Maps

  • Add this presentation to my calendar

  • Video meet

    The seminar is systematically visible by videoconference

    Access the meeting

Next sessions

  • Efficient zero-knowledge proofs and arguments in the CL framework

    • March 07, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Agathe Beaugrand - Institut de Mathématiques de Bordeaux

    The CL encryption scheme, proposed in 2015 by Castagnos and Laguillaumie, is a linearly homomorphic encryption scheme, based on class groups of imaginary quadratic fields. The specificity of these groups is that their order is hard to compute, which means it can be considered unknown. This particularity, while being key in the security of the scheme, brings technical challenges in working with CL,[…]

  • Constant-time lattice reduction for SQIsign

    • March 14, 2025 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Sina Schaeffler

    SQIsign is an isogeny-based signature scheme which has recently advanced to round 2 of NIST's call for additional post-quantum signatures. A central operation in SQIsign is lattice reduction of special full-rank lattices in dimension 4. As these input lattices are secret, this computation must be protected against side-channel attacks. However, known lattice reduction algorithms like the famous[…]

  • Journées C2

    • April 04, 2025 (00:00 - 18:00)

    • Pornichet

Show previous sessions
Page top