CN110855421A - Improved fully homomorphic encryption method - Google Patents

Improved fully homomorphic encryption method Download PDF

Info

Publication number
CN110855421A
CN110855421A CN201911053718.6A CN201911053718A CN110855421A CN 110855421 A CN110855421 A CN 110855421A CN 201911053718 A CN201911053718 A CN 201911053718A CN 110855421 A CN110855421 A CN 110855421A
Authority
CN
China
Prior art keywords
vector
epk
key
ciphertext
homomorphic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911053718.6A
Other languages
Chinese (zh)
Other versions
CN110855421B (en
Inventor
袁巍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gao Xiufen
Original Assignee
Gao Xiufen
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gao Xiufen filed Critical Gao Xiufen
Publication of CN110855421A publication Critical patent/CN110855421A/en
Application granted granted Critical
Publication of CN110855421B publication Critical patent/CN110855421B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Lock And Its Accessories (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses an improved fully homomorphic encryption method, which comprises the following steps: s1, system initialization: setting the maximum multiplication times L and the value of the vector length L, selecting a plaintext space p, and then selecting L prime numbers p according to the requirement of the security parameter0,...,pL‑1So that p is0,...,pL‑1All values of (a) satisfy pi1mod p; calculating parameters
Figure DDA0002255983860000011
Disclosure of all piAnd q isi(ii) a S2, generating a key; s3, generating a public key; s4, encryption calculation: inputting a public key PK and an l-dimensional plaintext vector m, and selecting an l-dimensional random vector v ∈ { -1, 0, 1}lAnd two l-dimensional error vectors e0,e1Calculating c0=vbpk+pe0+m,c1=vapk+pe1 c0=bv+pe0+m,c1=av+pe1Ciphertext CT ═ c0,c1L-1); s5, according to the need, using the public calculation key to perform homomorphic addition and/or homomorphic multiplication operation on the ciphertext CT for any time to obtain CT'; s6, decryption: input ciphertext CT ═ c0,c1I), based on the key SK, m ═ c is calculated0‑sc1)mod qimod p, output plaintext m', where i represents the i-th layer operation. The invention can eliminate error items in decryption and improve the decryption precision.

Description

Improved fully homomorphic encryption method
Technical Field
The invention relates to an improved homomorphic encryption method, and belongs to the technical field of homomorphic encryption.
Background
The fully homomorphic encryption allows a third-party platform to carry out random calculation on a ciphertext under the condition of no decryption, and a plaintext obtained after the calculation result is decrypted is the same as a result obtained by directly carrying out the same calculation on the plaintext. From a security point of view, the homomorphic encryption is based on a difficult problem called learn with error, which is still difficult for quantum computers, and therefore its life cycle is longer than that of encryption methods based on discrete logarithm or factorization. Compared to a non-homomorphic encryption scheme, it removes trust from third party platforms, making it easier to utilize external computing resources, so homomorphic encryption has a wide range of application spaces. Since 2009 Gentry proved that homomorphism is theoretically possible, many researchers proposed various homomorphic schemes, wherein Brakerskyi, Gentry and vaikunttanahan [ BGV12] the scheme proposed by KeySwitch and modulesawitch technologies (BGV for short) (such as "z. brakerski, c. Gentry, and v. vaikunttanahan. (leveled) full homomorphic encryption with outboots mapping. in ITCS, pages 309-325.ACM, 2012") received the most extensive attention, BGV-based algorithms implementing "s. halevi and v. shore. algos in crto 2014, pages 554-571, Sprin, 2014 [ 14] have been used more widely in homomorphic applications. However, the BGV type homomorphic encryption algorithm still has the following problems:
1. accumulated errors are introduced in the process of executing homomorphic multiplication, so that after the multiplication is executed for a certain number of times, the errors are too large, and the decrypted ciphertext can obtain wrong results;
2. in order to enable the BGV ciphertext to execute multiplication, a calculation public key must be provided for each multiplication, so that the storage space for storing the public key is in direct proportion to the expected maximum multiplication number, and the storage cost of the system is relatively large;
the maximum multiplication times of the BGV type algorithm are preset during system initialization, and the multiplication times exceeding the set values cause decryption failure; in addition, in the BGV type algorithm, after each multiplication operation, the ciphertext is mapped from one ciphertext space to another ciphertext space, and each ciphertext space is defined as
Figure BDA0002255983840000011
When i is increased to a certain degree, because qi is too large, the ciphertext calculation time becomes extremely slow, so that the maximum multiplication times executable by BGV are limited due to efficiency, and the maximum multiplication times can be executed only dozens of times.
Disclosure of Invention
The invention aims to provide an improved fully homomorphic encryption method which can effectively solve the problems existing in the prior art, in particular to the problem of low decryption precision caused by the fact that error control cannot be carried out when decryption calculation is carried out.
In order to solve the technical problems, the invention adopts the following technical scheme: an improved fully homomorphic encryption method comprising the steps of: s1, system initialization: setting the maximum multiplication times L and the value of the vector length L, selecting a plaintext space p, and then selecting L prime numbers p according to the requirement of the security parameter0,...,pL-1So that p is0,...,pL-1All values of (a) satisfy pi1mod p; calculating parametersDisclosure of all piAnd q isi
S2, generating a key: selecting an l-dimensional vector s as a key SK;
s3, generating a public key: select a vector a of dimension lpkAnd an l-dimensional error vector ∈pkCalculating the vector bpk=sapk+p∈pkLet PK be (a)pk,bpk) As a public key;
s4, encryption calculation: inputting a public key PK and an l-dimensional plaintext vector m, and selecting an l-dimensional random vector v ∈ { -1, 0, 1}lAnd two l-dimensional error vectors e0,e1Calculating c0=vbpk+pe0+m,c1=vapk+pe1The ciphertext CT ═ c0,c1,L-1);
S5, according to the need, using the public calculation key to perform homomorphic addition and/or homomorphic multiplication operation on the ciphertext CT for any time to obtain CT';
s6, decryption: input ciphertext CT ═ c'0,c′1I), based on the key SK, m ═ c is calculated0′-sc1′)mod qimod p, output plaintext m', where i represents the i-th layer operation.
Preferably, when homomorphic multiplication is performed on the ciphertext, in step S5, the computation public key is generated by the following method: select a vector a of dimension lepkAnd an l-dimensional error vector ∈epkCalculating the vector bpk=saepk+p∈epk-s2(pr +1), r is an arbitrary number, EPK ═ aepk,bepk) As a computed public key for all layers. Because the invention selects L prime numbers p0,...,pL-1So that p is0,...,pL-1All values of (a) satisfy pi1mod p, so the computation public key can be modified, EPK (a)epk,bepk) As a computing public key of all layers, thereby greatly reducing the storage overhead of the system.
Preferably, in step S5, the method for performing homomorphic multiplication on the ciphertext includes the steps of: inputting two ciphertexts of the same layer
Figure BDA0002255983840000021
First calling Switchmodules to get
Figure BDA0002255983840000022
And
Figure BDA0002255983840000023
wherein the content of the first and second substances,
Figure BDA0002255983840000024
Figure BDA0002255983840000025
(not an integer, but can be obtained by an extended Euclidean algorithm, document GHS122]A computing process is described); then calling SwithchKey to obtain CT1' and CT2' product CT ' ═ c '0,c′1I) wherein, c'0=d0pi-bepkd2mod qi,c′1=d1pi-aepkd2mod qi
Figure BDA0002255983840000027
The invention is due to the limitation of p1,…,pL-1Each of p iniThe condition of 1mod p can make the value of an error item constant to 0, and eliminate the error item appearing in decryption; thereby enabling the invention to further remove the SwithchKeyAnd the subsequent SwitchModules operation ensures that the ciphertext after multiplication calculation and the two input ciphertexts are in the same layer, the executable times of multiplication are not limited by the maximum multiplication times L predetermined by system initialization any more, and homomorphic multiplication operation can be executed any time.
Compared with the prior art, the method selects L prime numbers p0,...,pL-1So that p is0,...,pL-1All values of (a) satisfy pi1mod p, so that the value of the error term is constant 0, the error term appearing in decryption is eliminated, and the solution is improvedPrecision of the secret; in addition, the invention selects L prime numbers p0,...,pL-1So that p is0,...,pL-1All values of (a) satisfy pi1mod p, so the computation public key can be modified, EPK (a)epk,bepk) The calculation public key is used as a calculation public key of all layers, so that the storage overhead of the system is greatly reduced and can be ignored. In addition, the present invention is limited by p1,…,pL-1Each of p iniThe condition of 1mod p can make the value of an error item constant to 0, and eliminate the error item appearing in decryption; therefore, the invention can further remove the SwitchModules operation after the switchkey, thereby leading the ciphertext after multiplication calculation and the two input ciphertexts to be in the same layer, leading the executable times of multiplication not to be limited by the maximum multiplication times L predetermined by the system initialization, and being capable of executing homomorphic multiplication operation for any times. For example, in the conventional BGV type algorithm, to perform 100 multiplications, p0, …, and p99 need to be selected, where q99 is equal to p0 × p2 … × p 99; when the multiplication operation is specifically executed, assuming that two input ciphertexts are in the ith layer, the SwitchModules are called to reduce the two input ciphertexts to the ith-1 layer, the product is changed into the ith layer after the switchkey is called, and the SwitchModules are called to reduce the product ciphertexts to the ith-1 layer finally, so that the multiplication operation can not be carried out after the product is finally reduced to the 0 th layer from the 99 th layer, obviously, the multiplication operation at the 99 th layer is much slower than that at the 1 st layer, and even the application requirement can not be met due to low calculation efficiency. If 1000, 10000 or more multiplications are made, a general computer cannot bear the calculation overhead at all. Assuming that 100 multiplications are also required, after the invention is adopted, p0, p1, p2, q2 ═ p0 × p1 × p2 can be selected; when the multiplication operation is executed, firstly, the Switchmodules is called to drop the ciphertext from the layer 2 to the layer 1, and the SwitchKe is calledyThe post product is changed into the layer 2, so that the calculated ciphertext and the two inputted ciphertexts are in the same layer, and each multiplication operation is converted between the layer 1 and the layer 2, and no layer 99 is needed to be set, therefore, the invention can realize homomorphic multiplication operation for any times, and the existing BGV type algorithm can only execute dozens of times due to efficiency problem at most。
In order to verify the effect of the present invention, the inventors conducted the following experimental studies:
under similar conditions (operating in the same configuration environment, the program modulus of the invention is 169511, the program modulus of RSA is 16637, the modulus is substantially similar, so the efficiency comparison is meaningful), the BGV algorithm implemented according to the parameter selection of the invention (i.e., for the prime number p0,...,pL-1Is set so that p0,...,pL-1All values of (a) satisfy piWhen homomorphic multiplication (the SwitchModules operation after removing the switchkey) is carried out by adopting the method of the invention, 15ms is used for alternately executing 5000 times of multiplication and 5000 times of addition, and the time for executing 1000000 times of RSA ciphertext multiplication is also 15ms, namely the BGV efficiency realized by the invention approximately reaches 1/100 of RSA. The feasibility of the method is illustrated, and homomorphic multiplication operation can be executed for any time. And the maximum multiplication times which can be executed by adopting the prior art to carry out homomorphic multiplication are only dozens of times.
Drawings
FIG. 1 is a method flow diagram of one embodiment of the present invention.
In order that the above objects, features and advantages of the present invention can be more clearly understood, a more particular description of the invention will be rendered by reference to the appended drawings. It should be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced in other ways than those specifically described herein, and therefore the scope of the present invention is not limited by the specific embodiments disclosed below.
Detailed Description
The embodiment of the invention comprises the following steps: an improved fully homomorphic encryption method, as shown in fig. 1, includes the following steps:
s1, system initialization: setting the maximum multiplication times L and the value of the vector length L, selecting a plaintext space p, and then selecting the plaintext space p according to the safetyThe parameter requires the selection of L prime numbers p0,...,pL-1So that p is0,…,pL-1All values of (a) satisfy pi1mod p; calculating parameters
Figure BDA0002255983840000031
Disclosure of all piAnd q isi(p0The value taking method of (1) is the same as that of the existing BGV realization method;
s2, generating a key: selecting an l-dimensional vector s as a key SK;
s3, generating a public key: select a vector a of dimension lpkAnd an l-dimensional error vector ∈pkCalculating the vector bpk=sapk+p∈pkLet PK be (a)pk,bpk) As a public key (said p is a plaintext space);
s4, encryption calculation: inputting a public key PK and an l-dimensional plaintext vector m, and selecting an l-dimensional random vector v ∈ { -1, 0, 1}lAnd two l-dimensional error vectors e0,e1Calculating c0=vbpk+pe0+m,c1=vapk+pe1The ciphertext CT ═ c0,c1,L-1);
S5, according to the need, using the public calculation key to perform homomorphic addition and/or homomorphic multiplication operation on the ciphertext CT for any time to obtain CT';
s6, decryption: input ciphertext CT ═ c'0,c′1I), based on the key SK, m ═ c is calculated0′-sc1′)mod qimod p, output plaintext m', where i represents the i-th layer operation.
Optionally, when homomorphic multiplication is performed on the ciphertext, in step S5, when homomorphic multiplication operation is performed, the calculation public key is generated by the following method: select a vector a of dimension lepkAnd an l-dimensional error vector ∈epkCalculating the vector bpk=saepk+p∈epk-s2(pr +1), r is an arbitrary number (generally, a value range is set at the time of system initialization, r may be an arbitrary integer within the value range), and EPK is set to (a)epk,bepk) As a computed public key for all layers.
Optionally, in step S5, when performing homomorphic multiplication on the ciphertext, the method includes the following steps: inputting two ciphertexts of the same layer
Figure BDA0002255983840000041
First calling Switchmodules to get
Figure BDA0002255983840000042
Andwherein the content of the first and second substances,
Figure BDA0002255983840000044
Figure BDA0002255983840000045
(
Figure BDA0002255983840000046
not an integer, but can be obtained by an extended Euclidean algorithm, document GHS122]A computing process is described); then calling SwithchKey to obtain CT1' and CT2' product CT ' ═ c '0,c′1I) wherein, c'0=d0pi-bepkd2modqi,c′1=d1pi-aepkd2modqi
Figure BDA0002255983840000047
In the above embodiment, the vectors s, apk、apepk、∈pk、∈epk、e0,e1The selection method of (1) is the same as the selection method of the BGV type encryption.
In order to obtain the technical solution of the present invention, the inventors conducted a great deal of test studies:
the public key of the original BGV algorithm is in the form of a matrix, and the literature [ [ GHS121] (i.e., c.gentry, s.halevi, and n.p.smart.fully homomorphic encryption with a ploycoverhead. in eurocypt 2012, LNCS 7237, pages 465-482.Springer,2012.), Appendix d.2] proves that the public key can also be reduced to a vector. The following therefore describes the details in a vector fashion:
the inventor finds that under the condition of BGV parameter setting (namely setting the maximum multiplication times L and the value of vector length L, selecting a plaintext space p, and selecting L prime numbers p according to the safety parameter requirement0,...,pL-1Calculating
Figure BDA0002255983840000048
Disclosure of all p0,...,pL-1And q is0,...,qL-1) Given two ciphertexts of the same layer
Figure BDA0002255983840000049
And
Figure BDA00022559838400000410
the multiplication is performed to obtain CT '═ c'0,c′1I-1), wherein
Figure BDA00022559838400000411
Figure BDA00022559838400000412
Given the secret s, one can calculate
Thus, performing decryption algorithm calculations<CT′,s>mod qimod p, plaintext of output m ═ m1*m2. Errors introduced in the ciphertext may be reduced upon decryption.
Given the same ciphertext CT1And CT2If the calculation public key EPK is usedj=(a,b,j),b=as+p∈-s2pj(j ≠ i), the above-mentioned calculation procedure becomes:
Figure BDA00022559838400000414
can not be pushed out
Figure BDA00022559838400000415
This is why in the existing BGV type scheme, one computation public key is required for each layer.
However, after the scheme of the invention is adopted, p is enabled0,...,pL-1All values of (a) satisfy piAfter 1mod p, in the above process, although
Figure BDA0002255983840000051
Figure BDA0002255983840000052
Therefore, a decryption algorithm calculation is performed<CT′,s>mod qimod p still outputs m' as m of the plaintext1*m2
Therefore, when computing public keys EPK of all layersi=(a,b,i)=(a,b=as+p∈-s2piI) is changed to (a, b, i) ═ as + p ∈ -s2(pr +1), i), any layer is decrypted,
Figure BDA0002255983840000053
Figure BDA0002255983840000054
in the above, since (p) is under the parameter condition set by the present invention1,…,pL-1Such that each pi1mod p), the error term occurring in decryption
Figure BDA0002255983840000055
One is 0, therefore, the invention does not need to call after the completion of the SwithchKeySwitchModules to reduce errors. In the invention, the calculation public key EPK of all layers is usedi=(a,b,i)=(a,b=as+p∈-s2piI) is changed to (a, b, i) ═ as + p ∈ -s2(pr +1), i), performing decryption algorithm calculations on either layer<CT′,s>modqimod p will all output m' ═ m1*m2I.e. accurate decryption can be achieved.

Claims (3)

1. An improved fully homomorphic encryption method, comprising the steps of:
s1, system initialization: setting the maximum multiplication times L and the value of the vector length L, selecting a plaintext space p, and then selecting L prime numbers p according to the requirement of the security parameter0,...,pL-1So that p is0,...,pL-1All values of (a) satisfy pi1mod p; calculating parametersDisclosure of all piAnd q isi
S2, generating a key: selecting an l-dimensional vector s as a key SK;
s3, generating a public key: select a vector a of dimension lpkAnd an l-dimensional error vector ∈pkCalculating the vector bpk=sapk+p∈pkLet pK be (a)pk,bpk) As a public key;
s4, encryption calculation: inputting a public key PK and an l-dimensional plaintext vector m, and selecting an l-dimensional random vector v ∈ { -1, 0, 1}lAnd two 1-dimensional error vectors e0,e1Calculating c0=vbpk+pe0+m,c1=vapk+pe1The ciphertext CT ═ c0,c1,L-1);
S5, according to the need, using the public calculation key to perform homomorphic addition and/or homomorphic multiplication operation on the ciphertext CT for any time to obtain CT';
s6, decryption: input ciphertext CT ═ c'0,c′1I) the key SK is used, in dependence on the key SK,calculating m ═ c0′-sc1′)mod qimod p, output plaintext m', where i represents the i-th layer operation.
2. The improved fully homomorphic encryption method according to claim 1, wherein when homomorphic multiplication is performed on the ciphertext, in step S5, when homomorphic multiplication is performed, the calculation public key is generated by: selecting a 1-dimensional vector aepkAnd a 1-dimensional error vector eepkCalculating the vector bpk=saepk+p∈eepk-s2(pr +1), r is an arbitrary number, EPK ═ aepk,bepk) As a computed public key for all layers.
3. The improved fully homomorphic encryption method according to claim 1, wherein the step S5, when performing homomorphic multiplication operation on the ciphertext, comprises the following steps: inputting two ciphertexts of the same layer
Figure FDA0002255983830000012
First calling Switchmodules to get
Figure FDA0002255983830000013
And
Figure FDA0002255983830000014
wherein the content of the first and second substances,
Figure FDA0002255983830000015
Figure FDA0002255983830000016
then calling SwithchKey to obtain CT1' and CT2' product CT ' ═ c '0,c′1I) wherein, c'0=d0pi-bepkd2mod qi,c′1=d1pi-aepkd2modqi
Figure FDA0002255983830000017
Figure FDA0002255983830000018
CN201911053718.6A 2019-10-25 2019-10-31 Improved isomorphic encryption method Active CN110855421B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2019110227692 2019-10-25
CN201911022769 2019-10-25

Publications (2)

Publication Number Publication Date
CN110855421A true CN110855421A (en) 2020-02-28
CN110855421B CN110855421B (en) 2023-11-07

Family

ID=69599526

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911053718.6A Active CN110855421B (en) 2019-10-25 2019-10-31 Improved isomorphic encryption method

Country Status (1)

Country Link
CN (1) CN110855421B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112699384A (en) * 2020-12-11 2021-04-23 山东大学 FPGA-based fully homomorphic encryption deep learning inference method and system
CN115549891A (en) * 2022-11-24 2022-12-30 北京信安世纪科技股份有限公司 Homomorphic encryption method, homomorphic decryption method, homomorphic calculation method and equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170134158A1 (en) * 2015-11-09 2017-05-11 CertSIGN S.A. Fully Homomorphic Encryption from Monoid Algebras
CN108923907A (en) * 2018-06-20 2018-11-30 中国科学院重庆绿色智能技术研究院 A kind of homomorphism Inner product method based on the fault-tolerant problem concerning study of mould
CN109889320A (en) * 2019-01-24 2019-06-14 中国人民武装警察部队工程大学 A kind of full homomorphic cryptography method of efficient BGV type multi-key cipher
CN110176983A (en) * 2019-05-22 2019-08-27 西安电子科技大学 Privacy protection association rule mining based on full homomorphic cryptography

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170134158A1 (en) * 2015-11-09 2017-05-11 CertSIGN S.A. Fully Homomorphic Encryption from Monoid Algebras
CN108923907A (en) * 2018-06-20 2018-11-30 中国科学院重庆绿色智能技术研究院 A kind of homomorphism Inner product method based on the fault-tolerant problem concerning study of mould
CN109889320A (en) * 2019-01-24 2019-06-14 中国人民武装警察部队工程大学 A kind of full homomorphic cryptography method of efficient BGV type multi-key cipher
CN110176983A (en) * 2019-05-22 2019-08-27 西安电子科技大学 Privacy protection association rule mining based on full homomorphic cryptography

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112699384A (en) * 2020-12-11 2021-04-23 山东大学 FPGA-based fully homomorphic encryption deep learning inference method and system
CN115549891A (en) * 2022-11-24 2022-12-30 北京信安世纪科技股份有限公司 Homomorphic encryption method, homomorphic decryption method, homomorphic calculation method and equipment
CN115549891B (en) * 2022-11-24 2023-03-10 北京信安世纪科技股份有限公司 Homomorphic encryption method, homomorphic decryption method, homomorphic calculation method and equipment

Also Published As

Publication number Publication date
CN110855421B (en) 2023-11-07

Similar Documents

Publication Publication Date Title
CN108718231B (en) Fully homomorphic encryption method, fully homomorphic encryption device and computer readable storage medium
WO2020006692A1 (en) Fully homomorphic encryption method and device and computer readable storage medium
US9686075B2 (en) Key sharing network device and configuration thereof
Nitaj et al. New attacks on the RSA cryptosystem
WO2021143456A1 (en) Sm9 digital signature generation method and apparatus, computer device, and storage medium
CN108055128B (en) RSA key generation method, RSA key generation device, storage medium and computer equipment
JP2012506191A (en) Method for generating encryption key, network and computer program
CN110855421B (en) Improved isomorphic encryption method
US20020126838A1 (en) Modular exponentiation calculation apparatus and modular exponentiation calculation method
CN107888385B (en) RSA modulus generation method, RSA key generation method, computer device, and medium
Alamati et al. Minicrypt primitives with algebraic structure and applications
Azarderakhsh et al. How not to create an isogeny-based PAKE
WO2009115824A1 (en) Encryption method
CN117527223B (en) Distributed decryption method and system for quantum-password-resistant grid
CN110798313B (en) Secret dynamic sharing-based collaborative generation method and system for number containing secret
Cheon et al. Approximate algorithms on lattices with small determinant
CN113434886B (en) Method and device for jointly generating data tuples for secure computation
Patel et al. A novel verifiable multi-secret sharing scheme based on elliptic curve cryptography
WO2022172041A1 (en) Asymmetric cryptographic schemes
KR102364047B1 (en) Method and apparatus for public-key cryptography based on structured matrices
CN110752931B (en) SM2 elliptic curve public key cryptosystem optimization method
Katti et al. Nonce Generation For The Digital Signature Standard.
Kalimoldayev et al. Modification of the digital signature, developed on the nonpositional polynomial notations
Sun et al. A Method for Solving Generalized Implicit Factorization Problem
Long et al. A Bergman ring based cryptosystem analogue of RSA

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant