Join Log in
Score:1
Abhiroop Sarkar avatar Crypto

Reencrypting in Homomorphic Encryption

ec flag
Abhiroop Sarkar

I am getting started with Homomorphic Encryption libraries. I am trying to port a codebase written in Python to Haskell. I see that there is a re-encryption operation happening in one part of the code. Something like this:

  def re_encrypt(self, values):
    n = values.shape[1]
    values = values.flatten()
    ret = []
    for i in range(n):
      pt = self.pri_key.decrypt(values[i])
      ret.append(self.pub_key.encrypt(pt))
    return np.array(ret)

Irrespective of the contents of values, I see that the operation is simply decrypting and encrypting the same entity. In effect that's simply the identity function. I wonder why is this operation happening. One possibility that I considered is that this is simply a way to remove the noise. After several operations are carried out on the encrypted data, the noise becomes too high and then to remove it, decryption happens. Is that what is happening here?

For information, this Python library uses the Intel Paillier Crypto library. Thanks.

103
2 + 0
Score:0
Mark avatar Crypto
ng flag
Mark

Note that it can't be for noise reasons --- Pallier does not really have a concept of noise (that is unique to lattice based fully homomorphic encryption. Pallier is neither lattice based nor fully homomorphic).

Sometimes things like this are done for the purposes of proxy reencryption, but I am not clear if that is occuring here. It is more likely than the noise-based reasons you suggest though.

Also, if you are interested in Haskell-based implementations of FHE, there is a some stuff available along these lines for lattice-based FHE. Namely there is the library $\Lambda \circ \lambda$. Among FHE libraries it has a pretty high (theoretical cryptography) overhead though --- I wouldn't typically suggest it to a beginner. But it is the only Haskell-based library (put together by well-known cryptographic researchers) I am aware of.

+ 0
Score:0
Daniel S avatar Crypto
ru flag
Daniel S

It's not quite the identity because Paillier encryption is randomised. This means that there are many possible ciphertexts for a given plaintext and it is important for the indistinguishability of the system. This function converts one possible ciphertext into a different one (albeit there are better ways of doing this than decrypting and re-encrypting).

One reason for doing this might be if the data owner wants people operating on the data to have access to the same datum in two different contexts, but without being able to identify the same datum in both. For example, I might want to list the income of an employee in both a list of high tax rate employees and a list of people with a requirement for additional healthcare without necessarily disclosing that the same figure appears in both lists.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.