Understanding a Fully Homomorphic Encryption Scheme
fully homomorphic encryption
Beschreibung
Fully Homomorphic Encryption (FHE) enables computations on encrypted data without decryption, providing a powerful tool for privacy-preserving applications.
In this seminar, the student will study the BFV scheme, a widely used homomorphic encryption construction. The main goal is to understand the underlying mathematics, the design rationale of BFV, and how it fits into the broader landscape of lattice-based cryptography.
The student is expected to:
- Review the foundational works by Brakerski and by Fan–Vercauteren.
- Summarize the scheme’s construction, security assumptions, and noise management.
- Present connections to applications and implementations.
References:
[1] Z. Brakerski, "Fully Homomorphic Encryption without Modulus Switching from Classical GapSVP," Advances in Cryptology – CRYPTO 2012, Lecture Notes in Computer Science, vol. 7417, Springer, 2012, pp. 868–886. doi: 10.1007/978-3-642-32009-5_50
[2] J. Fan and F. Vercauteren, "Somewhat Practical Fully Homomorphic Encryption," IACR Cryptology ePrint Archive, vol. 2012/144, 2012. Available:
Betreuer:
Homomorphic Evaluation of Kalman Filtering
homomorphic encryption, kalman filtering
Beschreibung
Kalman filtering is one of the most prominent and widely used examples of estimation methods. The Kalman filter is a recursive algorithm that uses a series of measurements observed over time, containing statistical noise and other inaccuracies, to produce estimates of unknown variables.
It basically estimates the state of a dynamic system using a series of noisy measurements and operates in two steps: prediction, where it forecasts the next state using the system's model, and update, where it refines the estimate with new measurements.
This technique is widely applied in navigation, control systems, and signal processing for real-time data fusion and noise reduction.
One of the main challenges in Kalman filtering, especially for privacy-preserving methods, is the inversion of matrices. To preserve privacy, computations can be done via homomorphic encryption. Homomorphic encryption is a form of encryption that allows computations to be performed directly on encrypted data without needing to decrypt it first.
For instance, the homomorphic evaluation of Kalman filters requires efficient matrix inversions, which can benefit from tailored homomorphic encryption methods. Effective privacy-preserving Kalman filtering can thus play a critical role in applications ranging from autonomous navigation and prediction of vehicle trajectories to financial modeling.
The goal of this project is to explore and implement efficient privacy-preserving techniques for statistical data analysis, with a focus on homomorphic evaluation of algorithms such as Kalman filters and clustering.
References:
[1] D. Simon, Optimal State Estimation: Kalman, H Infinity, and Nonlinear Approaches, Hoboken, NJ, USA: Wiley, 2006.
[2] M. S. Grewal and A. P. Andrews, Kalman Filtering: Theory and Practice Using MATLAB, 4th ed., Hoboken, NJ, USA: Wiley-IEEE Press, 2015.
[3] Z. Brakerski, ‘Fundamentals of fully homomorphic encryption’, in Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali, New York, NY, USA: Association for Computing Machinery, 2019, pp. 543–563. Accessed: Oct. 22, 2024. [Online]. Available: https://doi.org/10.1145/3335741.3335762
[4] V. Vaikuntanathan, ‘Computing Blindfolded: New Developments in Fully Homomorphic Encryption’, in 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, Oct. 2011, pp. 5–16. doi: 10.1109/FOCS.2011.98.
[5] S. Halevi, ‘Homomorphic Encryption’, Y. Lindell, Ed., in Information Security and Cryptography. Cham: Springer International Publishing, 2017, pp. 219–276. doi: 10.1007/978-3-319-57048-8_5.
Voraussetzungen
Linear Algebra
Probability and Statistics
Cryptography
Betreuer:
Upper Bounds on Integer Partitions
combinatorics, number theory, sum-rank metric
Beschreibung
How many ways are there to write down n nonnegative integers, all of which being strictly smaller than q, such that their sum is k? In other words, what is the coefficient of x^k in (1 + x + ... + x^(q-1))^n?
In this thesis, we are going to dive into the integer partitioning problem with a certain number of partitions and an upper bound on partition size.
The goal of this thesis is to take an already existing bound for the value mentioned above, which holds for a specific k value - and extend it to general k.
The upper bound can then be used for proving better upper bounds in coding theory for certain metrics other than the Hamming metric.
[1] H. B.-S. Couvée, T. Jerkovits, and J. Bariffi, ‘Bounds on Sphere Sizes in the Sum-Rank Metric and Coordinate-Additive Metrics’, Des. Codes Cryptogr., Mar. 2025, doi: 10.1007/s10623-025-01604-0.
Voraussetzungen
information theory, channel coding, strong interest in combinatorics and number theory
Betreuer:
Attaining Fully Homomorphic Encryption through Private Information Retrieval
homomorphic encryption, learning with errors, private information retrieval
Beschreibung
A fully homomorphic encryption (FHE) scheme is an encryption scheme which enables performing arbitrary operations on plaintexts in their encrypted form.
Private Information Retrieval (PIR) is the problem of retrieving a desired data from a database while preventing the database server from finding out the retrieved data.
The goal of this thesis/project is to understand and analyze how to obtain FHE from any PIR scheme [1], [3].
References:
[1] S. Halevi, ‘Homomorphic Encryption’, Y. Lindell, Ed., in Information Security and Cryptography. Cham: Springer International Publishing, 2017, pp. 219–276. doi: 10.1007/978-3-319-57048-8_5.
[2] Z. Brakerski and V. Vaikuntanathan, ‘Efficient Fully Homomorphic Encryption from (Standard) LWE’, in 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, Palm Springs, CA, USA: IEEE, Oct. 2011, pp. 97–106. doi: 10.1109/FOCS.2011.12.
[3] V. Vaikuntanathan, ‘Computing Blindfolded: New Developments in Fully Homomorphic Encryption’, in 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, Oct. 2011, pp. 5–16. doi: 10.1109/FOCS.2011.98.
[4] ‘Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages’, in Lecture Notes in Computer Science, Berlin, Heidelberg: Springer Berlin Heidelberg, 2011, pp. 505–524. doi: 10.1007/978-3-642-22792-9_29.
[5] Y. Ishai and A. Paskin, “Evaluating branching programs on encrypted data,” in TCC, ser. Lecture Notes in Computer Science, S. P. Vadhan, Ed., vol. 4392. Springer, 2007, pp. 575–594.
Voraussetzungen
Security in Communications and Storage
Betreuer:
Oblivious Transfer
oblivious transfer
Beschreibung
How can two parties exchange secrets so that one learns exactly what they need, while the other remains completely “oblivious”? This is the intriguing idea behind Oblivious Transfer (OT), one of cryptography’s most fundamental building blocks.
In this seminar, you will trace OT from its origins in the early days of public-key cryptography to its role as a cornerstone of secure computation. The goal is to understand the core ideas, why OT is so powerful, and how it shapes modern cryptographic protocols.
References:
[1] W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644–654, November 1976.
[2] Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM, 26:96–99, 1978.
[3] Michael Rabin. How to exchange secrets with oblivious transfer. 1981.
[4] S. Even, O. Goldreich, and A. Lempel, “A randomized protocol for signing contracts,” Commun. ACM, vol. 28, pp. 637–647, 01 1985.
Voraussetzungen
Security in Communications and Storage