16-02-2012 дата публикации
Номер: US20120039473A1
In one exemplary embodiment of the invention, a method for homomorphic decryption, including: providing a ciphertext with element c, there exists a big set B having N elements z i so B={z 1 ,z 2 , . . . , z N }, there exists a small set S having n elements s j so S={s 1 , s 2 , . . . , s n }, the small set is a subset of the big set, summing up the elements of the small set yields the private key, there exists a bit vector {right arrow over (σ)} having N bits σ i so {right arrow over (σ)}= σ 1 , σ 2 , . . . , σ N , σ i =1 if z i ∈ S else σ i =0, there exists an encrypted vector {right arrow over (d)} having N ciphertexts d i so d= d 1 , d 2 , . . . , d N , d i is an encryption of σ i ; post-processing c by multiplying it by all z i to obtain an intermediate vector {right arrow over (y)}= y 1 , y 2 , . . . , y N with y i computed y i =c×z i ; homomorphically multiplying y i by d i obtaining a ciphertext vector {right arrow over (x)} having N ciphertexts x i so z= x 1 , x 2 , . . . , x N , where x i is an encryption of the product y i ·σ i ; and homomorphically summing all x i to obtain a resulting ciphertext that is an encryption of the at least one bit, where the big set is partitioned into n parts with each part having a plurality of different elements from the big set, where the elements of the small set are one element from each part.
Подробнее
