{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,10,1]],"date-time":"2022-10-01T06:26:31Z","timestamp":1664605591356},"reference-count":52,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2019,4,25]],"date-time":"2019-04-25T00:00:00Z","timestamp":1556150400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2020,1]]},"DOI":"10.1007\/s00145-019-09319-x","type":"journal-article","created":{"date-parts":[[2019,4,25]],"date-time":"2019-04-25T08:04:47Z","timestamp":1556179487000},"page":"34-91","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":135,"title":["TFHE: Fast Fully Homomorphic Encryption Over the Torus"],"prefix":"10.1007","volume":"33","author":[{"given":"Ilaria","family":"Chillotti","sequence":"first","affiliation":[]},{"given":"Nicolas","family":"Gama","sequence":"additional","affiliation":[]},{"given":"Mariya","family":"Georgieva","sequence":"additional","affiliation":[]},{"given":"Malika","family":"Izabach\u00e8ne","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,4,25]]},"reference":[{"key":"9319_CR1","unstructured":"M.\u00a0Albrecht, M.\u00a0Chase, H.\u00a0Chen, J.\u00a0Ding, S.\u00a0Goldwasser, S.\u00a0Gorbunov, S.\u00a0Halevi, J.\u00a0Hoffstein, K.\u00a0Laine, K.\u00a0Lauter, S.\u00a0Lokam, D.\u00a0Micciancio, D.\u00a0Moody, T.\u00a0Morrison, A.\u00a0Sahai, V.\u00a0Vaikuntanathan, Homomorphic encryption security standard. Technical report, HomomorphicEncryption.org, Toronto, Canada, (November 2018)"},{"key":"9319_CR2","first-page":"103","volume-title":"Lecture Notes in Computer Science","author":"Martin R. Albrecht","year":"2017","unstructured":"M.\u00a0R. Albrecht, On dual lattice attacks against small-secret LWE and parameter choices in helib and SEAL, in EUROCRYPT 2017, pp. 103\u2013129, 2017"},{"issue":"2","key":"9319_CR3","doi-asserted-by":"publisher","first-page":"325","DOI":"10.1007\/s10623-013-9864-x","volume":"74","author":"MR Albrecht","year":"2015","unstructured":"M.\u00a0R. Albrecht, C.\u00a0Cid, J.\u00a0Faug\u00e8re, R.\u00a0Fitzpatrick, L.\u00a0Perret, On the complexity of the BKW algorithm on LWE. Designs, Codes and Cryptography, 74\/2, 325\u2013354 (2015)","journal-title":"Designs, Codes and Cryptography"},{"key":"9319_CR4","unstructured":"M.\u00a0R. Albrecht, B.\u00a0R. Curtis, A.\u00a0Deo, A.\u00a0Davidson, R.\u00a0Player, E.\u00a0Postlethwaite, F.\u00a0Virdia, T.\u00a0Wunderer, Estimate all the \n$$\\{$$\n\n\n\n{\n\n\n\nLWE, NTRU\n$$\\}$$\n\n\n\n}\n\n\n\n schemes. \nhttps:\/\/estimate-all-the-lwe-ntru-schemes.github.io\/docs\n\n, (2017)"},{"key":"9319_CR5","doi-asserted-by":"crossref","unstructured":"M.\u00a0R. Albrecht, A.\u00a0Deo, Large modulus ring-lwe \n$$>=$$\n\n\n\n\n>\n=\n\n\n\n\n module-lwe, in ASIACRYPT 2017, 2017","DOI":"10.1007\/978-3-319-70694-8_10"},{"issue":"3","key":"9319_CR6","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1515\/jmc-2015-0016","volume":"9","author":"MR Albrecht","year":"2015","unstructured":"M.\u00a0R. Albrecht, R.\u00a0Player, S.\u00a0Scott, On the concrete hardness of learning with errors. J. Mathematical Cryptology 9(3), 169\u2013203 (2015)","journal-title":"J. Mathematical Cryptology"},{"key":"9319_CR7","unstructured":"E.\u00a0Alkim, L.\u00a0Ducas, T.\u00a0P\u00f6ppelmann, P.\u00a0Schwabe, Post-quantum key exchange - A new hope, in 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016, pp. 327\u2013343, 2016"},{"key":"9319_CR8","doi-asserted-by":"publisher","first-page":"297","DOI":"10.1007\/978-3-662-44371-2_17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"Jacob Alperin-Sheriff","year":"2014","unstructured":"J.\u00a0Alperin-Sheriff, C.\u00a0Peikert. Faster bootstrapping with polynomial error, in Crypto, pp. 297\u2013314, 2014"},{"key":"9319_CR9","doi-asserted-by":"crossref","unstructured":"J.-C. Bajard, J.\u00a0Eynard, A.\u00a0Hasan, V.\u00a0Zucca, A full rns variant of fv like somewhat homomorphic encryption schemes, in SAC 2016, volume 10532 of LNCS, pp. 423\u2013442, 2016","DOI":"10.1007\/978-3-319-69453-5_23"},{"key":"9319_CR10","doi-asserted-by":"crossref","unstructured":"D.\u00a0Benarroch, Z.\u00a0Brakerski, T.\u00a0Lepoint, Fhe over the integers: Decomposed and batched in the post-quantum regime. Cryptology ePrint Archive, 2017\/065","DOI":"10.1007\/978-3-662-54388-7_10"},{"issue":"4","key":"9319_CR11","doi-asserted-by":"publisher","first-page":"506","DOI":"10.1145\/792538.792543","volume":"50","author":"A Blum","year":"2003","unstructured":"A.\u00a0Blum, A.\u00a0Kalai, H.\u00a0Wasserman, Noise-tolerant learning, the parity problem, and the statistical query model. J. of ACM 50(4), 506\u2013519 (2003)","journal-title":"J. of ACM"},{"key":"9319_CR12","doi-asserted-by":"crossref","unstructured":"Z.\u00a0Brakerski, C.\u00a0Gentry, V.\u00a0Vaikuntanathan, (leveled) fully homomorphic encryption without bootstrapping, in ITCS, pp. 309\u2013325, 2012","DOI":"10.1145\/2090236.2090262"},{"key":"9319_CR13","doi-asserted-by":"crossref","unstructured":"Z.\u00a0Brakerski, A.\u00a0Langlois, C.\u00a0Peikert, O.\u00a0Regev, D.Stehl\u00e9, Classical hardness of learning with errors, in Proc. of 45th STOC, pp. 575\u2013584 (ACM, 2013)","DOI":"10.1145\/2488608.2488680"},{"key":"9319_CR14","doi-asserted-by":"crossref","unstructured":"Z.\u00a0Brakerski, R.\u00a0Perlman, Lattice-based fully dynamic multi-key FHE with short ciphertexts, in Crypto\u20192016, volume 9814, pp. 190\u2013213, 2016","DOI":"10.1007\/978-3-662-53018-4_8"},{"key":"9319_CR15","doi-asserted-by":"crossref","unstructured":"Z.\u00a0Brakerski, V.\u00a0Vaikuntanathan, Lattice-based FHE as secure as PKE, in ITCS, pp. 1\u201312, 2014","DOI":"10.1145\/2554797.2554799"},{"issue":"5","key":"9319_CR16","doi-asserted-by":"publisher","first-page":"1502","DOI":"10.1137\/S0097539798346676","volume":"30","author":"AL Buchsbaum","year":"2000","unstructured":"A.\u00a0L. Buchsbaum, R.\u00a0Giancarlo, J.\u00a0R. Westbrook. On the determinization of weighted finite automata. SIAM Journal on Computing 30(5), 1502\u20131531 (2000)","journal-title":"SIAM Journal on Computing"},{"key":"9319_CR17","first-page":"1","volume-title":"Lecture Notes in Computer Science","author":"Yuanmi Chen","year":"2011","unstructured":"Y.\u00a0Chen, P.\u00a0Q. Nguyen, BKZ 2.0: Better lattice security estimates. In Proc. of Asiacrypt, pp. 1\u201320, 2011"},{"key":"9319_CR18","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1007\/978-3-642-38348-9_20","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"Jung Hee Cheon","year":"2013","unstructured":"J.\u00a0H. Cheon, J.\u00a0Coron, J.\u00a0Kim, M.\u00a0S. Lee, T.\u00a0Lepoint, M.\u00a0Tibouchi, A.\u00a0Yun. Batch fully homomorphic encryption over the integers, in EUROCRYPT 2013, 2013"},{"key":"9319_CR19","doi-asserted-by":"publisher","first-page":"347","DOI":"10.1007\/978-3-030-10970-7_16","volume-title":"Selected Areas in Cryptography \u2013 SAC 2018","author":"Jung Hee Cheon","year":"2019","unstructured":"J.\u00a0H. Cheon, K.\u00a0Han, A.\u00a0Kim, M.\u00a0Kim, Y.\u00a0Song, A full RNS variant of approximate homomorphic encryption, in SAC 2018, pp. 347\u2013368, 2018"},{"key":"9319_CR20","unstructured":"J.\u00a0H. Cheon, A.\u00a0Kim, M.\u00a0Kim, Y.\u00a0Song, Homomorphic encryption for arithmetic of approximate numbers, in Asiacrypt 2017, 2016. \nhttp:\/\/eprint.iacr.org\/2016\/421"},{"key":"9319_CR21","doi-asserted-by":"crossref","unstructured":"J.\u00a0H. Cheon, D.\u00a0Stehl\u00e9, Fully homomophic encryption over the integers revisited, in EUROCRYPT 2015 (Springer, 2015), pp. 513\u2013536","DOI":"10.1007\/978-3-662-46800-5_20"},{"key":"9319_CR22","doi-asserted-by":"crossref","unstructured":"I.\u00a0Chillotti, N.\u00a0Gama, M.\u00a0Georgieva, M.\u00a0Izabach\u00e8ne. Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds, in Advances in Cryptology - ASIACRYPT 2016 - 22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4\u20138, 2016, Proceedings, Part I (Springer, 2016), pp. 3\u201333","DOI":"10.1007\/978-3-662-53887-6_1"},{"key":"9319_CR23","doi-asserted-by":"crossref","unstructured":"I.\u00a0Chillotti, N.\u00a0Gama, M.\u00a0Georgieva, M.\u00a0Izabach\u00e8ne, A homomorphic lwe based e-voting scheme, in PQ Cryptography (Springer, 2016), pp. 245\u2013265","DOI":"10.1007\/978-3-319-29360-8_16"},{"key":"9319_CR24","doi-asserted-by":"crossref","unstructured":"I.\u00a0Chillotti, N.\u00a0Gama, M.\u00a0Georgieva, M.\u00a0Izabach\u00e8ne, Faster packed homomorphic operations and efficient circuit bootstrapping for TFHE, in Advances in Cryptology - ASIACRYPT 2017 (Springer, 2017)","DOI":"10.1007\/978-3-319-70694-8_14"},{"key":"9319_CR25","unstructured":"I.\u00a0Chillotti, N.\u00a0Gama, M.\u00a0Georgieva, M.\u00a0Izabach\u00e8ne, TFHE: Fast fully homomorphic encryption library. \nhttps:\/\/tfhe.github.io\/tfhe\/\n\n (August 2016)"},{"key":"9319_CR26","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/978-3-642-54631-0_18","volume-title":"Public-Key Cryptography \u2013 PKC 2014","author":"Jean-S\u00e9bastien Coron","year":"2014","unstructured":"J.\u00a0Coron, T.\u00a0Lepoint, M.\u00a0Tibouchi, Scale-invariant fully homomorphic encryption over the integers, in PKC 2014, pp. 311\u2013328, 2014"},{"key":"9319_CR27","doi-asserted-by":"crossref","unstructured":"R.\u00a0Cramer, L.\u00a0Ducas, B.\u00a0Wesolowski, Short stickelberger class relations and application to ideal-svp, in Eurocrypt 2017, 2016","DOI":"10.1007\/978-3-319-56620-7_12"},{"key":"9319_CR28","doi-asserted-by":"crossref","unstructured":"M.\u00a0Droste, P.\u00a0Gastin, Weighted automata and weighted logics, in Handbook of weighted automata (Springer, 2009), pp. 175\u2013211","DOI":"10.1007\/978-3-642-01492-5_5"},{"key":"9319_CR29","doi-asserted-by":"crossref","unstructured":"L.\u00a0Ducas, D.\u00a0Micciancio, FHEW: Bootstrapping homomorphic encryption in less than a second, in Eurocrypt, pp. 617\u2013640, 2015","DOI":"10.1007\/978-3-662-46800-5_24"},{"issue":"2","key":"9319_CR30","doi-asserted-by":"publisher","first-page":"216","DOI":"10.1109\/JPROC.2004.840301","volume":"93","author":"M. Frigo","year":"2005","unstructured":"M.\u00a0Frigo, S.\u00a0G. Johnson, The design and implementation of FFTW3. Proceedings of the IEEE 93(2), 216\u2013231 (2005). Special issue on \u201cProgram Generation, Optimization, and Platform Adaptation\u201d","journal-title":"Proceedings of the IEEE"},{"key":"9319_CR31","doi-asserted-by":"crossref","unstructured":"N.\u00a0Gama, M.\u00a0Izabach\u00e8ne, P.\u00a0Q. Nguyen, X.\u00a0Xie, Structural lattice reduction: Generalized worst-case to average-case reductions. ePrint Archive, 2014\/283, 2016","DOI":"10.1007\/978-3-662-49896-5_19"},{"key":"9319_CR32","unstructured":"N.\u00a0Gama, P.\u00a0Q. Nguyen, Predicting Lattice Reduction, in Eurocrypt, 2008"},{"key":"9319_CR33","doi-asserted-by":"crossref","unstructured":"C.\u00a0Gentry, Fully homomorphic encryption using ideal lattices, in STOC, 2009","DOI":"10.1145\/1536414.1536440"},{"key":"9319_CR34","doi-asserted-by":"crossref","unstructured":"C.\u00a0Gentry, A.\u00a0Sahai, B.\u00a0Waters, Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically-faster, attribute-based, in Crypto\u201913, 2013","DOI":"10.1007\/978-3-642-40041-4_5"},{"issue":"6","key":"9319_CR35","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1145\/2824233","volume":"62","author":"S Gorbunov","year":"2015","unstructured":"S.\u00a0Gorbunov, V.\u00a0Vaikuntanathan, H.\u00a0Wee, Attribute-based encryption for circuits. Journal of the ACM (JACM) 62(6), 45 (2015)","journal-title":"Journal of the ACM (JACM)"},{"key":"9319_CR36","unstructured":"S.\u00a0Halevi, I.\u00a0V. Shoup, Helib - an implementation of homomorphic encryption. \nhttps:\/\/github.com\/shaih\/HElib\/\n\n (September 2014)"},{"key":"9319_CR37","doi-asserted-by":"publisher","first-page":"554","DOI":"10.1007\/978-3-662-44371-2_31","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"Shai Halevi","year":"2014","unstructured":"S.\u00a0Halevi, V.\u00a0Shoup, Algorithms in helib, in Crypto\u20192014, pp. 554\u2013571, 2014"},{"key":"9319_CR38","doi-asserted-by":"crossref","unstructured":"N.\u00a0Howgrave-Graham, Approximate integer common divisors, in CaLC, volume\u00a01 (Springer, 2001), pp. 51\u201366","DOI":"10.1007\/3-540-44670-2_6"},{"issue":"3","key":"9319_CR39","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1007\/s10623-014-9938-4","volume":"75","author":"A Langlois","year":"2015","unstructured":"A.\u00a0Langlois, D.\u00a0Stehl\u00e9, Worst-case to average-case reductions for module lattices. Designs, Codes and Cryptography 75(3), 565\u2013599 (2015).","journal-title":"Designs, Codes and Cryptography"},{"key":"9319_CR40","doi-asserted-by":"crossref","unstructured":"M.\u00a0Liu, P.\u00a0Q. Nguyen, Solving bdd by enumeration: An update, in Proc. of CT-RSA, volume 7779 of LNCS (Springer, 2013), pp. 293\u2013309","DOI":"10.1007\/978-3-642-36095-4_19"},{"key":"9319_CR41","first-page":"1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"Vadim Lyubashevsky","year":"2010","unstructured":"V.\u00a0Lyubashevsky, C.\u00a0Peikert, O.\u00a0Regev, On ideal lattices and learning with errors over rings, in EUROCRYPT, pp. 1\u201323, 2010"},{"issue":"1","key":"9319_CR42","doi-asserted-by":"publisher","first-page":"1","DOI":"10.4086\/toc.2018.v014a013","volume":"14","author":"D Micciancio","year":"2018","unstructured":"D.\u00a0Micciancio, On the hardness of learning with errors with binary secrets. Theory of Computing 14(1), 1\u201317 (2018)","journal-title":"Theory of Computing"},{"key":"9319_CR43","doi-asserted-by":"crossref","unstructured":"D.\u00a0Micciancio, C.\u00a0Peikert, Trapdoors for lattices: Simpler, tighter, faster, smaller, in Eurocrypt \u201912, LNCS (Springer, 2012)","DOI":"10.1007\/978-3-642-29011-4_41"},{"key":"9319_CR44","doi-asserted-by":"crossref","unstructured":"D.\u00a0Micciancio, M.\u00a0Walter, Practical, predictable lattice basis reduction, in Proc. of Eurocrypt 2016, volume 9665 of LNCS (Springer, 2016), pp. 820\u2013849","DOI":"10.1007\/978-3-662-49890-3_31"},{"key":"9319_CR45","doi-asserted-by":"crossref","unstructured":"A.\u00a0I. R.\u00a0V. of\u00a0the BFV Homomorphic Encryption\u00a0Scheme. Shai halevi and yuriy polyakov and victor shoup. In CT-RSA 2019, volume 11405 of LNCS (Springer, 2019), pp. 83\u2013105","DOI":"10.1007\/978-3-030-12612-4_5"},{"key":"9319_CR46","doi-asserted-by":"crossref","unstructured":"M.\u00a0A. R.\u00a0Hiromasa, T.\u00a0Okamoto, Packing messages and optimizing bootstrapping in gsw-fhe, in PKC \u201915, pp. 699\u2013715, 2015","DOI":"10.1007\/978-3-662-46447-2_31"},{"key":"9319_CR47","doi-asserted-by":"crossref","unstructured":"O.\u00a0Regev, On lattices, learning with errors, random linear codes, and cryptography, in STOC, pp. 84\u201393, 2005","DOI":"10.1145\/1060590.1060603"},{"key":"9319_CR48","unstructured":"N.\u00a0Smart, F.\u00a0Vercauteren, Fully homomorphic simd operations. Cryptology ePrint Archive, Report 2011\/133, 2011. \nhttps:\/\/eprint.iacr.org\/2011\/133"},{"key":"9319_CR49","doi-asserted-by":"crossref","unstructured":"N.\u00a0P. Smart, F.\u00a0Vercauteren, Fully homomorphic encryption with relatively small key and ciphertext sizes, in Public Key Cryptography - PKC 2010, 13th International Conference on Practice and Theory in Public Key Cryptography, Paris, France, May 26-28, 2010. Proceedings, pp. 420\u2013443, 2010","DOI":"10.1007\/978-3-642-13013-7_25"},{"issue":"1","key":"9319_CR50","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1007\/s10623-012-9720-4","volume":"71","author":"NP Smart","year":"2014","unstructured":"N.\u00a0P. Smart, F.\u00a0Vercauteren, Fully homomorphic SIMD operations. Des. Codes Cryptography 71(1), 57\u201381 (2014)","journal-title":"Des. Codes Cryptography"},{"key":"9319_CR51","doi-asserted-by":"crossref","unstructured":"D.\u00a0Stehl\u00e9, R.\u00a0Steinfeld, K.\u00a0Tanaka, K.\u00a0Xagawa, Efficient public key encryption based on ideal lattices, in Advances in Cryptology - ASIACRYPT 2009, 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, Japan, December 6-10, 2009. Proceedings, pp. 617\u2013635, 2009","DOI":"10.1007\/978-3-642-10366-7_36"},{"key":"9319_CR52","doi-asserted-by":"crossref","unstructured":"M.\u00a0van Dijk, C.\u00a0Gentry, S.\u00a0Halevi, V.\u00a0Vaikuntanathan, Fully homomorphic encryption over the integers, in Eurocrypt, pp. 24\u201343, 2010","DOI":"10.1007\/978-3-642-13190-5_2"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-019-09319-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-019-09319-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-019-09319-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,23]],"date-time":"2020-04-23T23:17:16Z","timestamp":1587683836000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-019-09319-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,4,25]]},"references-count":52,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,1]]}},"alternative-id":["9319"],"URL":"http:\/\/dx.doi.org\/10.1007\/s00145-019-09319-x","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":["Applied Mathematics","Computer Science Applications","Software"],"published":{"date-parts":[[2019,4,25]]},"assertion":[{"value":"14 October 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 March 2019","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 April 2019","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}