Simulation study based on SomeWhat homomorphic
encryption
Jing Yang
Mingyu Fan
University of Electronic Science and Technology
University of Electronic Science and Technology
of China
of China
Chengdu,China
Chengdu,China
ay4922@163.com
ff98@163.com
Guangwei Wang
Zhiyin Kong
University of Electronic Science and Technology
Science
of China
Assurance Laboratory
Chengdu,China
Beijing,China
and
Technology
on
Information
homomorphic
scheme is proposed, and in his doctoral thesis[3]
encryption scheme is most focus on algorithm
on fully homomorphic encryption scheme for
efficiency
further discussion. Gentry's fully homomorphic
Abstract—At
present
and
study
security
of
and
the
rare
for
homomorphic encryption simulation research. This
encryption scheme is then proposed on the
paper for the Gentry's SomeWhat homomorphic
research and development of the homomorphic
encryption scheme for the simulation research, in
encryption provides a powerful support and
clear text size within a certain range simulation
motivation. Later, the domestic and foreign
was SomeWhat homomorphic encryption scheme,
scholars put forward many improved fully
and presents the relationship between the length of
homomorphic encryption scheme. Dr Dijk et
plaintext and ciphertext size.
al.[4,5] proposed integer on the homomorphism
Keywords-somewhat homomorphic encryption;
simulation;clear text length;ciphertext length
scheme based on modular arithmetic, but the
execution efficiency is low; Smart et al.[6] such
as using Gentry fully homomorphic encryption
I.
INTRODUCTION
idea, put forward the key and the ciphertext with
Rivest et al.[1], in 1978, put forward the
relatively small size of the solution, to improve
concept of a fully homomorphic encryption,
the efficiency; Stehle
namely under the condition of not unlock to
optimized, to allow the negligible probability
various operations of cryptograph, the results
decryption error this article weakening .
from the decrypted plaintext and operation
et al.[7] of the Gentry is
Gentry on the paper for integer SomeWhat
results of the same accordingly. All the ideas of
homomorphic
the homomorphic encryption put forward,
simulation research, under the condition of the
scholars who at home and abroad do a lot of
weakening of certain parameters for the Gentry
research on fully homomorphic encryption,
of the homomorphic encryption scheme, the
however their proposed solutions are only for
simulation experiment on the premise of meet
limited
cryptograph
the homogeneity of cipher text is obtained under
homomorphism
different plaintext length size, and the linear
time
computing,
that
homomorphism
can't
do
calculation of arbitrary depth processing circuit
Until graduated from Stanford university in
2009, IBM researcher Gentry[2] based on ideal
case the first fully homomorphic encryption
scheme
for
the
relationship between them are discussed.
or any more as to time, did not achieve the entire
real homomorphism.
encryption
II.
A.
TO THE KNOWLODGE
Homomorphic encryption
A homomorphic encryption scheme is
composed of
the fowling four algorithms:
keygen : According to the security parameter, we can produce the public key pk and
h  (2  , 2  ) , and calculate(1).Setting public
key pk  ( N , x) , private key sk  p .
sk of the scheme.
private key
x  pl  2h
(1)
Encryption : We give a plaintext m and
Encryption( pk , m) : Given a plaintext
m {0,1} , so that we can get ciphertext
*
m {0,1}* ,we choose two random integers
c using public key pk to encrypt plaintext.
r1  (2 , 2 ) and r 2  (2 , 2 ) .Accordin
'
'
Decryption : Inputting private key sk and
c then decrypting them, we can get
the output plaintext m .
ciphertext
Evaluate : Inputting
input circuits
C
g to the public key pk  ( N , x) , we can
calculate (2), c serve as the result of ciphertext.
c  m  2r1  r 2 x mod N
public key pk , t
Decryption( sk , c) : According to the
and a set of ciphertext

c  (c1, c 2, ...ct ) ,we can get the output result
given ciphertext, make use of private key sk to
calculate (3).

m'  (c mod p) mod 2
c*  Evaluate( pk , C , c) .What’s the most
important , the result must meet the condition
Dec(sk , c )  C (m1, m2, ...mt ) .
(2)
(3)
Evaluate( pk , C , c1, c 2...ct ) : Given a
*
B.
SomeWhat Homomorphic Encryption
boolean circuit C with t inputs and t
ciphertexts ci . Let’s put T ciphertext into
Gentry structure of SomeWhat homorphic
extended circuits to perform all its operations,
encryption scheme is composed of the following
then verify the result of the circuit’s output is (4)
four algorithms:
to see if it conform (5).
Parameter selection: Let’s set them blow
~
~
   ,   2 ,  O( ) ,   O( ) ,
'
2
c*  Evaluate( pk , C , c)
(4)
Dec(sk , c* )  C (m1, m2, ...mt )
(5)
4
~
  O ( 5 ) . 
is safety parameter. Security
III. SOMEWHAT HOMOMORPHIC
parameters associated with the security of
scheme, usually take dozens to hundreds of bits.
keygen : We choose  bit odd prime
numbers p and

ENCRYPTION SIMULATION STUDY
A.
simulation environment
In the experimental environment, we set
safe parameter  to the length of the 19 bits, the
5
bits odd prime numbers
order of magnitude as the 10 ; so orders of
q randomly and order N  pq . Then choose
magnitude for    also as the 10 ; order of
two random integers
l  [0, 2 / p] ,
5
magnitude for
 '  2 as
5
the 10 ; order of
~
magnitude for 
 ( 2 ) as the 1010 ; order of
magnitude for 
 ( 4 ) as the 1020 ; order of
~
  (  5 )
for
as
the
1025 .Algorithm keygen of the data are
determined
by
the
above
experiment and the simulation results to get the
relationship between the size of the size and the
ciphertext expressly as well as the time needed
for different plaintext size case simulation
~
magnitude
homomorphic encryption scheme, simulation
analysis, get the following conclusions:
1) In the security parameters are the same,
to the cases of different input plaintext, along
parameters.
with the rising of the clear size, cipher text size
Experiments on a Unix environment using the
also on the increase, but growth is not high. In
Compiler GCC (the GNU Compiler Collection).
the security parameters are the same, for
B.
simulation results
different input plaintext, cost will gradually
In order to facilitate analysis of data, size
increase the time needed for simulation.
and ciphertext expressly to bit size, the
simulation time
in seconds.
Because
2) By the simulation results can be seen that
the
now the homomorphic encryption scheme can
simulation environment and algorithm limits, the
produce huge amounts of ciphertext, spend a lot
size of the plaintext only to 10 bit, here we are in
of time at the same time. After study of
clear text size respectively for 1 bit, 2 bit, 5 bit
homomorphic encryption may need to start from
and 10 bit to experiment. Although the cipher
the efficiency in order to improve the above
text size is very big, but in order to guarantee the
problems.
consistency of the order of magnitude of the
3)As for the more research on our study, we
proceeds of the cipher text results by bit for the
want to reduce the cost of time and increase the
unit.
length of the keys to extend our research to more
After the simulation to get clear the
and more applications.
relationship between the size and cipher text size
shown in the figure 1.
REFERENCES
[1]
RIVEST R,SHAMIR A,ADLEMAN L.A method of
obtaining
digital
signatures
and
public-key
cryptosystems[J].
Communications
of
the
ACM,1978,21(2),pp:120-126.
[2]
GENTRY C. Fully homomorphic encryption using
We can find the result that, along with the
rising of the clear size, the size of the cipher text
is also increased, but the growth rate is not high.
ideal lattices [C]// Proc of the 41st Annual ACM
Visible proclaimed in writing to the size of the
Symposium on Theory of Computing. New York:
changes for the size of the cipher text is have a
certain influence.
[3]
Below again consider efficiency problem,
we will definitely size and the experiments
compare the time consuming, can be clear the
relationship between size and experimental time
as shown in figure 2.
with the change of plaintext size, encrypt the
consumed time is changing, and increases the
time that time cost are increase with the size of
plaintext has also been gradually increased.
IV. EPILOGUE
Unix
BONEH Dan, GENTRY C. A fully homomorphic
encryption scheme [D]. Stanford: Stanford University.
2009.
[4] Van DIJK, GENTRY C, HALEV I. Fully homomorphic
encryption over the integers[C]// Pro of the 29th
Annual International Conference on Theory and App-
Through the figure 2 we can find that, along
Under
ACM Press,2009. pp:169-178.
system
for
lications of Cryptograhic Techniques. Berlin: SpringerVerlag,2010, pp:24-43.
[5] GENTRY C. Computing arbitrary function of encrypted
data[J]. Communications of the ACM,2010 53(3),pp:
97-105.
[6] SMART N P, VERCAUTEREN F. Fully homomorphic
SomeWhat
encryption with relatively small key and ciphertext
sizes[C]// Proc of the 13th International Conference on
Practices and Theory in Public Key Cryptography.
Berlin: Springer-Verlag,2010,pp:420-443.
[7] STEHLE D, STEINFELD R. Faster fully homomorphic
encryption[C]// Proc of International Conference on
the Theory and Application of Cryptology and
Information
Security.
Berlin:
Springer,
2010,
pp:377-394.
plaintext length and the encryption time diagram
plaintext length and ciphertext length diagram
encryption time
100000
80000
plaintext length
encryption time
60000
40000
20000
0
1
2
3
plaintext length
figure 1
4
ciphertext length(bit)
120000
2E+13
2E+13
2E+13
1E+13
1E+13
1E+13
8E+12
6E+12
4E+12
2E+12
0
plaintext length
ciphertext length
1
2
3
plaintext length(bit)
figure 2
4