{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T04:15:49Z","timestamp":1778040949219,"version":"3.51.4"},"reference-count":41,"publisher":"International Association for Cryptologic Research","issue":"1","license":[{"start":{"date-parts":[[2026,2,3]],"date-time":"2026-02-03T00:00:00Z","timestamp":1770076800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IACR CiC"],"accepted":{"date-parts":[[2026,4,21]]},"abstract":"<jats:p>We present a new and efficient method to obtain circuit privacy for lattice-based linearly homomorphic encryptions (LHE). In particular, our method does not involve noise-flooding with superpolynomially large errors or iterative bootstrapping. As a direct result, we obtain a semi-honest oblivious linear evaluation (OLE) protocol with the same efficiency, reducing the communication cost of the prior state of the art by 50%.     Consequently, the amortized time of our protocol improves upon the prior work by 33% under a 100Mbps network setting. Our semi-honest OLE is the first to achieve both concrete efficiency and asymptotic quasi-optimality.<\/jats:p>","DOI":"10.62056\/avivr-zn4","type":"journal-article","created":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T18:09:08Z","timestamp":1777918148000},"update-policy":"https:\/\/doi.org\/10.62056\/adfjwm02dj","source":"Crossref","is-referenced-by-count":0,"title":["More Efficient Lattice-based OLE"],"prefix":"10.62056","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-3190-6416","authenticated-orcid":false,"given":"Leo","family":"de Castro","sequence":"first","affiliation":[{"name":"JP Morgan Chase & Co.","place":["United States"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4766-3456","authenticated-orcid":false,"given":"Duhyeong","family":"Kim","sequence":"additional","affiliation":[{"name":"Meta Platforms, Inc.","place":["United States"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3564-6090","authenticated-orcid":false,"given":"Miran","family":"Kim","sequence":"additional","affiliation":[{"id":[{"id":"https:\/\/ror.org\/046865y68","id-type":"ROR","asserted-by":"publisher"}],"name":"Hanyang University","place":["South Korea"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2521-8538","authenticated-orcid":false,"given":"Keewoo","family":"Lee","sequence":"additional","affiliation":[{"name":"Ethereum Foundation","place":["South Korea"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1151-2453","authenticated-orcid":false,"given":"Seonhong","family":"Min","sequence":"additional","affiliation":[{"id":[{"id":"https:\/\/ror.org\/04h9pn542","id-type":"ROR","asserted-by":"publisher"}],"name":"Seoul National University","place":["South Korea"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0496-9789","authenticated-orcid":false,"given":"Yongsoo","family":"Song","sequence":"additional","affiliation":[{"id":[{"id":"https:\/\/ror.org\/04h9pn542","id-type":"ROR","asserted-by":"publisher"}],"name":"Seoul National University","place":["South Korea"]}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"48349","published-online":{"date-parts":[[2026,5,4]]},"reference":[{"key":"ref1:RAD78","first-page":"169","article-title":"On data banks and privacy homomorphisms","volume":"4","author":"Ronald L Rivest","year":"1978","journal-title":"Foundations of secure computation"},{"key":"ref2:Gen09","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1145\/1536414.1536440","article-title":"Fully homomorphic encryption using ideal lattices","author":"Craig Gentry","year":"2009"},{"key":"ref3:CGS97","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/3-540-69053-0_9","article-title":"A Secure and Optimally Efficient Multi-Authority Election\n  Scheme","volume":"1233","author":"Ronald Cramer","year":"1997"},{"key":"ref4:OS07","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"393","DOI":"10.1007\/978-3-540-71677-8_26","article-title":"A Survey of Single-Database Private Information Retrieval:\n  Techniques and Applications (Invited Talk)","volume":"4450","author":"Rafail Ostrovsky","year":"2007"},{"key":"ref5:BDOZ11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-642-20465-4_11","article-title":"Semi-homomorphic Encryption and Multiparty Computation","volume":"6632","author":"Rikke Bendlin","year":"2011"},{"key":"ref6:SPDZ_overdrive18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1007\/978-3-319-78372-7_6","article-title":"Overdrive: Making SPDZ Great Again","volume":"10822","author":"Marcel Keller","year":"2018"},{"key":"ref7:dCJV21","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1145\/3474366.3486928","article-title":"Fast Vector Oblivious Linear Evaluation from Ring Learning\n  with Errors","author":"Leo de Castro","year":"2021"},{"key":"ref8:DS16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"294","DOI":"10.1007\/978-3-662-49890-3_12","article-title":"Sanitization of FHE Ciphertexts","volume":"9665","author":"L\u00e9o Ducas","year":"2016"},{"key":"ref9:BDMW16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-662-53008-5_3","article-title":"FHE Circuit Privacy Almost for Free","volume":"9815","author":"Florian Bourse","year":"2016"},{"key":"ref10:Bra12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"868","DOI":"10.1007\/978-3-642-32009-5_50","article-title":"Fully Homomorphic Encryption without Modulus Switching from\n  Classical GapSVP","volume":"7417","author":"Zvika Brakerski","year":"2012"},{"key":"ref11:FV12","volume-title":"Somewhat Practical Fully Homomorphic Encryption","author":"Junfeng Fan","year":"2012"},{"key":"ref12:NP99","doi-asserted-by":"publisher","first-page":"245","DOI":"10.1145\/301250.301312","article-title":"Oblivious Transfer and Polynomial Evaluation","author":"Moni Naor","year":"1999"},{"key":"ref13:IPS09","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"294","DOI":"10.1007\/978-3-642-00457-5_18","article-title":"Secure Arithmetic Computation with No Honest Majority","volume":"5444","author":"Yuval Ishai","year":"2009"},{"key":"ref14:ADI+17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-319-63688-7_8","article-title":"Secure Arithmetic Computation with Constant Computational\n  Overhead","volume":"10401","author":"Benny Applebaum","year":"2017"},{"key":"ref15:DGN+17","doi-asserted-by":"publisher","first-page":"2263","DOI":"10.1145\/3133956.3134024","article-title":"TinyOLE: Efficient Actively Secure Two-Party Computation\n  from Oblivious Linear Function Evaluation","author":"Nico D\u00f6ttling","year":"2017"},{"key":"ref16:HIMV19","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1145\/3319535.3354258","article-title":"LevioSA: Lightweight Secure Arithmetic Computation","author":"Carmit Hazay","year":"2019"},{"key":"ref17:CDI+19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"462","DOI":"10.1007\/978-3-030-26954-8_15","article-title":"Reusable Non-Interactive Secure Computation","volume":"11694","author":"Melissa Chase","year":"2019"},{"key":"ref18:EGP+23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"220","DOI":"10.1007\/978-3-031-30617-4_8","article-title":"SuperPack: Dishonest Majority MPC with Constant Online\n  Communication","volume":"14005","author":"Daniel Escudero","year":"2023"},{"key":"ref19:BCGI18","doi-asserted-by":"publisher","first-page":"896","DOI":"10.1145\/3243734.3243868","article-title":"Compressing Vector OLE","author":"Elette Boyle","year":"2018"},{"key":"ref20:WYKW21","doi-asserted-by":"publisher","first-page":"1074","DOI":"10.1109\/SP40001.2021.00056","article-title":"Wolverine: Fast, Scalable, and Communication-Efficient\n  Zero-Knowledge Proofs for Boolean and Arithmetic Circuits","author":"Chenkai Weng","year":"2021"},{"key":"ref21:YSWW21","doi-asserted-by":"publisher","first-page":"2986","DOI":"10.1145\/3460120.3484556","article-title":"QuickSilver: Efficient and Affordable Zero-Knowledge\n  Proofs for Circuits and Polynomials over Any Field","author":"Kang Yang","year":"2021"},{"key":"ref22:GN19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1007\/978-3-030-17659-4_6","article-title":"An Algebraic Approach to Maliciously Secure Private Set\n  Intersection","volume":"11478","author":"Satrajit Ghosh","year":"2019"},{"key":"ref23:RS21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"901","DOI":"10.1007\/978-3-030-77886-6_31","article-title":"VOLE-PSI: Fast OPRF and Circuit-PSI from\n  Vector-OLE","volume":"12697","author":"Peter Rindal","year":"2021"},{"key":"ref24:CILO22","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1145\/3548606.3559378","article-title":"PSI from Ring-OLE","author":"Wutichai Chongchitmate","year":"2022"},{"key":"ref25:dCHI+22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/978-3-031-06944-4_11","article-title":"Asymptotically Quasi-Optimal Cryptography","volume":"13275","author":"Leo de Castro","year":"2022"},{"key":"ref26:BGMN18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1007\/978-3-030-03810-6_2","article-title":"Secure Computation Using Leaky Correlations (Asymptotically\n  Optimal Constructions)","volume":"11240","author":"Alexander R. Block","year":"2018"},{"key":"ref27:GSW","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/978-3-642-40041-4_5","article-title":"Homomorphic Encryption from Learning with Errors:\n  Conceptually-Simpler, Asymptotically-Faster, Attribute-Based","volume":"8042","author":"Craig Gentry","year":"2013"},{"key":"ref28:BEPU+20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1007\/978-3-030-57990-6_7","article-title":"Efficient Protocols for Oblivious Linear Function Evaluation\n  from Ring-LWE","volume":"12238","author":"Carsten Baum","year":"2020"},{"key":"ref29:BCG+20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1007\/978-3-030-56880-1_14","article-title":"Efficient Pseudorandom Correlation Generators from\n  Ring-LPN","volume":"12171","author":"Elette Boyle","year":"2020"},{"key":"ref30:CRR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"502","DOI":"10.1007\/978-3-030-84252-9_17","article-title":"Silver: Silent VOLE and Oblivious Transfer from Hardness\n  of Decoding Structured LDPC Codes","volume":"12827","author":"Geoffroy Couteau","year":"2021"},{"key":"ref31:BDM22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1007\/978-3-030-97121-2_14","article-title":"Two-Round Oblivious Linear Evaluation from Learning with\n  Errors","volume":"13177","author":"Pedro Branco","year":"2022"},{"key":"ref32:BBDP22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1007\/978-3-031-07085-3_6","article-title":"Batch-OT with Optimal Rate","volume":"13276","author":"Zvika Brakerski","year":"2022"},{"key":"ref33:MR07","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1137\/S0097539705447360","article-title":"Worst-case to average-case reductions based on Gaussian\n  measures","volume":"37","author":"Daniele Micciancio","year":"2007","journal-title":"SIAM Journal on Computing"},{"key":"ref34:GPV08","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1145\/1374376.1374407","article-title":"Trapdoors for hard lattices and new cryptographic\n  constructions","author":"Craig Gentry","year":"2008"},{"key":"ref35:Pei10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1007\/978-3-642-14623-7_5","article-title":"An Efficient and Parallel Gaussian Sampler for Lattices","volume":"6223","author":"Chris Peikert","year":"2010"},{"key":"ref36:AGHS13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/978-3-642-42033-7_6","article-title":"Discrete Gaussian Leftover Hash Lemma over Infinite\n  Domains","volume":"8269","author":"Shweta Agrawal","year":"2013"},{"key":"ref37:IP07","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"575","DOI":"10.1007\/978-3-540-70936-7_31","article-title":"Evaluating Branching Programs on Encrypted Data","volume":"4392","author":"Yuval Ishai","year":"2007"},{"key":"ref38:BGV14","doi-asserted-by":"publisher","first-page":"309","DOI":"10.1145\/2090236.2090262","article-title":"(Leveled) fully homomorphic encryption without\n  bootstrapping","author":"Zvika Brakerski","year":"2012"},{"key":"ref39:hestandard","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-030-77287-1_2","article-title":"Homomorphic encryption standard","author":"Martin Albrecht","year":"2021"},{"key":"ref40:estim","doi-asserted-by":"publisher","DOI":"10.1515\/jmc-2015-0016","article-title":"On the concrete hardness of Learning with Errors","volume":"9","author":"Martin Albrecht","year":"2015","journal-title":"Journal of Mathematical Cryptology"},{"key":"ref41:lattigo","doi-asserted-by":"publisher","first-page":"64","DOI":"10.25835\/0072999","article-title":"Lattigo: A multiparty homomorphic encryption library in go","author":"Christian Vincent Mouchet","year":"2020"}],"container-title":["IACR Communications in Cryptology"],"original-title":[],"language":"en","deposited":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T04:03:37Z","timestamp":1778040217000},"score":1,"resource":{"primary":{"URL":"https:\/\/cic.iacr.org\/p\/3\/1\/26"}},"subtitle":["from Circuit-private Linear HE with Polynomial Overhead"],"short-title":[],"issued":{"date-parts":[[2026,5,4]]},"references-count":41,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,5,4]]}},"URL":"https:\/\/doi.org\/10.62056\/avivr-zn4","archive":["Internet Archive","Internet Archive"],"relation":{},"ISSN":["3006-5496"],"issn-type":[{"value":"3006-5496","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,5,4]]},"assertion":[{"value":"2026-02-03","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2026-04-21","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"cc3-1-78"}}