Reliable Non-Leveled Homomorphic Encryption for Web Services

Baigang Chen; Dongfang Zhao

arxiv: 2508.02943 · v3 · submitted 2025-08-04 · 💻 cs.CR

Reliable Non-Leveled Homomorphic Encryption for Web Services

Baigang Chen , Dongfang Zhao This is my paper

Pith reviewed 2026-05-18 23:56 UTC · model grok-4.3

classification 💻 cs.CR

keywords Fully Homomorphic EncryptionError CorrectionWeb ServicesEncoding TechniquesAlgebraic ReliabilityRing-BCH LayerRefresh SkeletonFault Tolerance

0 comments

The pith

A new FHE framework boosts efficiency and adds automatic error correction using encoding techniques and an algebraic reliability layer.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper tries to establish a practical way to run computations on encrypted data in web services by reducing the usual heavy computational cost and adding built-in error correction. It achieves this through new encoding methods together with an algebraic reliability layer that handles faults during transport. A reader would care if the approach works because standard fully homomorphic encryption remains too slow and fragile for real network conditions with errors. The reported prototype measurements cover activation costs, refresh latency, and fault tolerance under simulated bursty conditions.

Core claim

This work puts forward a new FHE framework that enhances computational efficiency and integrates an automatic error correction capability through new encoding techniques and an algebraic reliability layer. The prototype is evaluated through encrypted low-degree activation timing, one experimental public Refresh skeleton invocation, and transport-fault simulations for the Ring-BCH layer, showing failure rates below 0.5 percent and accuracy within 0.5 percentage points of the plaintext baseline.

What carries the argument

New encoding techniques paired with an algebraic reliability layer that supplies both efficiency improvements and automatic error correction in homomorphic encryption.

If this is right

The cost of encrypted low-degree activation evaluation becomes quantifiable through the prototype.
An experimental public Refresh skeleton adds measurable latency to the system.
The Ring-BCH transport layer reduces failure rates to below 0.5 percent under bursty faults.
Modeled accuracy stays within 0.5 percentage points of the plaintext baseline.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

Extending the low-degree surrogate in the Refresh skeleton to a validated EvalMod circuit would move the work closer to full CKKS bootstrapping.
The Ring-BCH approach could generalize to other encrypted computation settings that face unreliable transport links.
Real deployment in production web services would require testing the full system under varied traffic patterns beyond the current simulations.

Load-bearing premise

The new encoding techniques and algebraic reliability layer deliver the claimed efficiency gains and automatic error correction in practice as suggested by the high-level prototype evaluations.

What would settle it

Direct measurement of runtime overhead and error rates when the prototype runs on a real network with bursty faults, compared against a baseline FHE implementation without the new layer, would confirm or refute the central claims.

Figures

Figures reproduced from arXiv: 2508.02943 by Baigang Chen, Dongfang Zhao.

**Figure 1.** Figure 1: Binary CKKS workflow the procedure outputs the vector z = π ◦ σ1(∆−1 · m), i.e., the entry of z of index j ∈ T is zj = ∆−1 · m(ζ j M). Similar to the standard CKKS scheme, the Binary CKKS scheme’s decryption follows the simple form ⟨c,sk⟩ = m + e, where e is a small noise term. This structure enables highprecision approximate decryption, interpreting the output as a real-valued estimate of the message m. … view at source ↗

**Figure 2.** Figure 2: Binary CKKS workflow with BCH encoding GF(2)n is the cyclic code whose generator polynomial is g(X) = lcm{M1(X), . . . , M2t(X)}, with Mi the minimal polynomial of α i [5]. It has dimension k = n − deg g and minimum distance d ≥ 2t+1, implying it corrects t bit errors. For systematic encoding, given a data word u(X) of degree less than k, c(X) = u(X) Xn−k − (u(X) Xn−k mod g(X)). It runs in O˜(n) bit-ops. F… view at source ↗

**Figure 3.** Figure 3: Permutation to Decluster Error Distribution: Yellow, blue, green blocks [PITH_FULL_IMAGE:figures/full_fig_p010_3.png] view at source ↗

read the original abstract

With the ubiquitous deployment of web services, ensuring data confidentiality has become a challenging imperative. Fully Homomorphic Encryption (FHE) presents a powerful solution for processing encrypted data; however, its widespread adoption is severely constrained by two fundamental bottlenecks: substantial computational overhead and the absence of a built-in automatic error correction mechanism. These limitations render the deployment of FHE in real-world, complex network environments impractical. To address this dual challenge, this work puts forward a new FHE framework that enhances computational efficiency and integrates an automatic error correction capability through new encoding techniques and an algebraic reliability layer.Our prototype is evaluated through encrypted low-degree activation timing, one experimental public Refresh skeleton invocation, and transport-fault simulations for the Ring--BCH layer. Our current prototype quantifies the cost of encrypted low-degree activation evaluation, the additional latency of an experimental public Refresh skeleton, and the robustness gained from the Ring--BCH transport layer. The Refresh prototype should be interpreted as a skeleton rather than a complete CKKS bootstrapping implementation, since it uses a low-degree surrogate rather than a validated EvalMod circuit. In transport-fault simulations, the BCH interleaver reduces failure rates to below $0.5\%$ under bursty faults and keeps the modeled accuracy within $0.5$ percentage points of the plaintext baseline.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

The paper sketches a Ring-BCH reliability layer plus new encoding for non-leveled FHE in web services, but the prototype only runs transport-fault simulations and a low-degree Refresh surrogate without full bootstrapping or noise-growth tests.

read the letter

The core idea is to layer algebraic reliability on top of FHE to cut both compute cost and the lack of built-in error correction for network use. The abstract and prototype focus on new encoding plus a Ring-BCH component that the authors say handles automatic correction while keeping things efficient for web services. The transport simulations are the clearest part: they show failure rates dropping below 0.5% under bursty faults with accuracy staying within half a point of plaintext. That gives a concrete, if narrow, data point on channel errors. The timing numbers for low-degree encrypted activations also look like straightforward engineering measurements that could help someone sizing a real deployment. Those pieces are new enough in combination to warrant a look from people working on practical FHE stacks. The Refresh piece is labeled a skeleton that swaps in a low-degree surrogate for a proper EvalMod circuit, so it does not show end-to-end bootstrapping. The reported experiments stop at transport faults and low-degree cases; they do not track noise growth across deeper circuits or demonstrate that the reliability layer actually corrects algebraic noise during homomorphic evaluation. Without those measurements the central claim about automatic correction during computation rests on the framework description rather than observed results. This is the kind of early prototype that might interest engineers or applied researchers who already know the standard FHE literature and want to see how someone is trying to bolt reliability onto existing schemes. A reader looking for validated non-leveled bootstrapping or broad circuit benchmarks will find the current evidence too thin. I would send it out for peer review so the authors can add the missing noise and bootstrapping experiments; the target problem is real even if the present version is still preliminary.

Referee Report

2 major / 2 minor

Summary. The manuscript proposes a new FHE framework for web services that combines novel encoding techniques with a Ring-BCH algebraic reliability layer to simultaneously improve computational efficiency and supply automatic error correction for non-leveled homomorphic encryption. Prototype results are reported for encrypted low-degree activation timing, latency of an experimental public Refresh skeleton, and BCH-interleaved transport-fault simulations that reduce failure rates below 0.5% under bursty faults while keeping accuracy within 0.5 pp of plaintext.

Significance. If the core mechanisms were shown to manage algebraic noise growth and deliver end-to-end bootstrapping, the work could meaningfully reduce two key barriers to practical FHE deployment. The current evidence, however, is confined to low-degree surrogates and channel-error simulations, so the significance remains prospective rather than demonstrated.

major comments (2)

[Abstract (prototype evaluation paragraph)] The manuscript explicitly states that the Refresh prototype uses a low-degree surrogate rather than a validated EvalMod circuit and should be interpreted as a skeleton rather than complete CKKS bootstrapping. This directly undercuts the central claim that the algebraic reliability layer supplies automatic error correction during homomorphic evaluation, because no measurement of noise growth under deep circuits or end-to-end bootstrapping is provided.
[Abstract (transport-fault simulations)] Transport-fault simulations address only channel errors via BCH interleaving and report failure rates below 0.5%. They do not test the Ring-BCH layer against the algebraic noise that arises during homomorphic operations, leaving the automatic error-correction claim for non-leveled FHE unsupported by the reported experiments.

minor comments (2)

The abstract refers to 'new encoding techniques' without specifying their algebraic form or how they interact with the Ring-BCH layer; a concise definition or pseudocode would improve clarity.
No error bars, variance estimates, or hardware platform details accompany the timing and latency figures, making it difficult to assess reproducibility.

Simulated Author's Rebuttal

2 responses · 1 unresolved

We thank the referee for their constructive comments on our manuscript. We agree that the current experimental results are limited and do not fully substantiate all claims regarding automatic error correction in homomorphic evaluations. We will make revisions to the abstract and other sections to accurately reflect the prototype's scope.

read point-by-point responses

Referee: [Abstract (prototype evaluation paragraph)] The manuscript explicitly states that the Refresh prototype uses a low-degree surrogate rather than a validated EvalMod circuit and should be interpreted as a skeleton rather than complete CKKS bootstrapping. This directly undercuts the central claim that the algebraic reliability layer supplies automatic error correction during homomorphic evaluation, because no measurement of noise growth under deep circuits or end-to-end bootstrapping is provided.

Authors: We concur that the Refresh prototype is presented as a skeleton using a low-degree surrogate, precluding measurements of noise growth in deep circuits or end-to-end bootstrapping. The manuscript's central contribution is the proposed framework with new encoding and the Ring-BCH algebraic reliability layer. We will revise the abstract to explicitly note that while the layer is designed for automatic error correction, the current prototype does not yet demonstrate this for homomorphic noise growth, and such validation is left for future work. revision: yes
Referee: [Abstract (transport-fault simulations)] Transport-fault simulations address only channel errors via BCH interleaving and report failure rates below 0.5%. They do not test the Ring-BCH layer against the algebraic noise that arises during homomorphic operations, leaving the automatic error-correction claim for non-leveled FHE unsupported by the reported experiments.

Authors: The referee accurately observes that the simulations target channel errors through BCH interleaving and do not address algebraic noise generated during homomorphic operations. The automatic error-correction for non-leveled FHE is a key aspect of the proposed Ring-BCH layer, but the experiments reported focus on transport faults. We will revise the text to distinguish these and to state that the support for algebraic noise correction is currently based on the layer's design rather than direct experimental evidence from homomorphic evaluations. revision: yes

standing simulated objections not resolved

Providing experimental results for algebraic noise growth management and end-to-end bootstrapping, which are not included in the current prototype and would require substantial additional implementation and evaluation.

Circularity Check

0 steps flagged

No circularity: framework and prototype evaluations are self-contained

full rationale

The manuscript presents a new FHE framework based on novel encoding techniques and an algebraic reliability (Ring-BCH) layer, with evaluations limited to encrypted low-degree activation timing, an experimental Refresh skeleton using a low-degree surrogate, and transport-fault simulations. No equations, derivations, or parameter-fitting steps are exhibited in the provided text that reduce by construction to the inputs or to self-citations. The Refresh skeleton is explicitly qualified as incomplete, and the BCH layer addresses channel faults rather than deriving homomorphic noise correction from fitted values. The central claims therefore rest on independent construction and prototype measurements rather than any self-referential reduction.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

The abstract supplies insufficient technical detail to identify concrete free parameters, axioms, or invented entities; the framework is described only at the level of 'new encoding techniques' and 'algebraic reliability layer'.

pith-pipeline@v0.9.0 · 5757 in / 1092 out tokens · 73023 ms · 2026-05-18T23:56:23.684622+00:00 · methodology

discussion (0)

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

IndisputableMonolith/Foundation/RealityFromDistinction.lean reality_from_one_distinction unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

Bbin_mult ≈ 193 × 280 ≈ 288 ... 252 times smaller than ... standard CKKS

What do these tags mean?

matches: The paper's claim is directly supported by a theorem in the formal canon.
supports: The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends: The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses: The paper appears to rely on the theorem as machinery.
contradicts: The paper's claim conflicts with a theorem or certificate in the canon.
unclear: Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

72 extracted references · 72 canonical work pages · 2 internal anchors

[1]

Homomorphic encryption for arithmetic of approximate numbers,

J. H. Cheon, A. Kim, M. Kim, and Y . Song, “Homomorphic encryption for arithmetic of approximate numbers,” Cryptology ePrint Archive , Report 2016/421, 2016

work page 2016
[2]

Fully homomorphic en- cryption without modulus switching,

Z. Brakerski, C. Gentry, and V . Vaikuntanathan, “Fully homomorphic en- cryption without modulus switching,” Cryptology ePrint Archive, Report 2012/078, 2012

work page 2012
[3]

Somewhat practical fully homomorphic encryption,

J. Fan and F. Vercauteren, “Somewhat practical fully homomorphic encryption,” Cryptology ePrint Archive , Report 2012/144, 2012

work page 2012
[4]

Toward efficient homo- morphic encryption for outsourced databases through parallel caching,

O. T. Tawose, J. Dai, L. Yang, and D. Zhao, “Toward efficient homo- morphic encryption for outsourced databases through parallel caching,” Proceedings of the 2023 ACM SIGMOD International Conference on Management of Data (SIGMOD ’23) , 2023

work page 2023
[5]

A class of error-correcting binary group codes,

R. C. Bose and D. K. Ray-Chaudhuri, “A class of error-correcting binary group codes,” Information and Control ,vol. 3,no. 1,pp. 68–79,1960

work page 1960
[6]

Enhanced CKKS bootstrapping with generalized polynomial decomposition,

M. Lee, J. Lee, and Y . Song, “Enhanced CKKS bootstrapping with generalized polynomial decomposition,” in AsiaCCS ’25, 2025

work page 2025
[7]

Low-latency bootstrapping for CKKS using sparse roots of unity,

J.-S. Coron and R. Köstler, “Low-latency bootstrapping for CKKS using sparse roots of unity,” in Crypto ’25 / Eurocrypt ’25, 2025

work page 2025
[8]

Provably secure approximate computation protocols from CKKS,

I. Hwang, Y . Hwang, M. Kim, D. Lee, and Y . Song, “Provably secure approximate computation protocols from CKKS,” Cryptology ePrint Archive, Report 2025/395, 2025

work page 2025
[9]

SHIP: A shallow and highly parallelizable CKKS bootstrapping algorithm,

J. H. Cheon, G. Hanrot, J. Kim, and D. Stehlé, “SHIP: A shallow and highly parallelizable CKKS bootstrapping algorithm,” in Proc. EURO- CRYPT 2025, pp. 398–428, Apr. 2025

work page 2025
[10]

A fully homomorphic encryption scheme,

C. Gentry, “A fully homomorphic encryption scheme,” Ph.D. disserta- tion, Stanford University, 2009

work page 2009
[11]

TFHE: Fast fully homomorphic encryption over the torus,

I. Chillotti, N. Gama, M. Georgieva, and M. Izabachène, “TFHE: Fast fully homomorphic encryption over the torus,” J. Cryptol. , vol. 33, pp. 34–91, 2020

work page 2020
[12]

On ideal lattices and learn- ing with errors over rings,

V . Lyubashevsky, C. Peikert, and O. Regev, “On ideal lattices and learn- ing with errors over rings,” in Advances in Cryptology – EUROCRYPT 2010, vol. 6110, Springer, 2010, pp. 1–23

work page 2010
[13]

Trapdoors for lattices: Simpler, tighter, faster, smaller,

D. Micciancio and C. Peikert, “Trapdoors for lattices: Simpler, tighter, faster, smaller,” in Advances in Cryptology – EUROCRYPT 2012 , vol. 7237, Springer, 2012, pp. 700–718

work page 2012
[14]

Microsoft SEAL (release 4.1),

K. Laine, O. Saarikivi, et al., “Microsoft SEAL (release 4.1),” Microsoft Research, Jul. 2024. [Online]. Available: https://github.com/microsoft/ SEAL

work page 2024
[15]

PALISADE lattice cryptography library (release 1.11.9),

Y . Polyakov, K. Rohloff, et al., “PALISADE lattice cryptography library (release 1.11.9),” Dec. 2022

work page 2022
[16]

Bootstrapping bits with CKKS,

Y . Bae, J. H. Cheon, J. Kim, and D. Stehlé, “Bootstrapping bits with CKKS,” in Proc. EUROCRYPT 2024 , LNCS 14533. Springer, 2024, pp. 94–123

work page 2024
[17]

Bootstrapping small integers with CKKS,

Y . Bae, J. Kim, D. Stehlé, and E. Suvanto, “Bootstrapping small integers with CKKS,” in Proc. ASIACRYPT 2024 , LNCS 14811. Springer, 2024, pp. 330–360

work page 2024
[18]

HElib: Homomorphic encryption library (version 2.3.1),

S. Halevi and V . Shoup, “HElib: Homomorphic encryption library (version 2.3.1),” [Online]. Available: https://github.com/homenc/HElib

work page
[19]

CryptoNets: Applying neural networks to encrypted data,

R. Gilad-Bachrach, N. Dowlin, K. Laine, K. Lauter, M. Naehrig, and J. Wernsing, “CryptoNets: Applying neural networks to encrypted data,” in Proc. ICML 2016 , pp. 201–210

work page 2016
[20]

FedSHE: pri- vacy preserving and efficient federated learning with adaptive segmented CKKS homomorphic encryption,

Y . Pan, Z. Chao, H. Wang, J. Yang, H. Li, and L. Wang, “FedSHE: pri- vacy preserving and efficient federated learning with adaptive segmented CKKS homomorphic encryption,”Cybersecurity, vol. 7, Art. no. 40, 2024

work page 2024
[21]

Fully homomorphic encryption over the integers,

M. van Dijk, C. Gentry, S. Halevi, and V . Vaikuntanathan, “Fully homomorphic encryption over the integers,” Cryptology ePrint Archive , Report2009/616, 2009

work page 2009
[22]

Practical solutions in fully homomorphic encryption: a survey analyzing existing acceleration methods,

Y . Gong, X. Chang, J. Miši ´c, V . B. Miši ´c, J. Wang, and H. Zhu, “Practical solutions in fully homomorphic encryption: a survey analyzing existing acceleration methods,” Cybersecurity, vol. 7, Art. no. 5, 2024

work page 2024
[23]

A new framework for fast homomorphic matrix multiplication,

X. Zheng, H. Li, and D. Wang, “A new framework for fast homomorphic matrix multiplication,” Cryptology ePrint Archive , Report 2023/1649, 2023

work page 2023
[24]

Configurable encryption and decryp- tion architectures for CKKS-based homomorphic encryption,

J. Lee, P. N. Duong, and H. Lee, “Configurable encryption and decryp- tion architectures for CKKS-based homomorphic encryption,” Sensors, vol. 23, no. 17, Art. no. 7389, 2023

work page 2023
[25]

Privacy-preserving neural networks with homomorphic encryption: Challenges and op- portunities,

B. Pulido-Gaytan, A. Tchernykh, J. M. Cortés-Mendoza, M. Babenko, G. Radchenko, A. Avetisyan, and A. Yu. Drozdov, “Privacy-preserving neural networks with homomorphic encryption: Challenges and op- portunities,” Peer-to-Peer Networking & Applications , vol. 14, no. 3, Art. no. 1666, 2021

work page 2021
[26]

A systematic review of homomorphic en- cryption and its contributions in healthcare industry,

K. Munjal and R. Bhatia, “A systematic review of homomorphic en- cryption and its contributions in healthcare industry,” Complex Intelligent Systems, vol. 9, pp. 3759–3786, 2023

work page 2023
[27]

Privacy-preserving graph-based ma- chine learning with fully homomorphic encryption for collaborative anti- money laundering,

Y . Effendi and A. Chattopadhyay, “Privacy-preserving graph-based ma- chine learning with fully homomorphic encryption for collaborative anti- money laundering,” arXiv preprint arXiv:2411.02926 , 2024

work page arXiv 2024
[28]

On Ideal Lattices and Learning With Errors Over Rings,

V . Lyubashevsky, C. Peikert, and O. Regev, “On Ideal Lattices and Learning With Errors Over Rings,” in Advances in Cryptology – EU- ROCRYPT 2010, pp. 1––23, 2010

work page 2010
[29]

Arithmetic of Hermitian forms,

G. Shimura, “Arithmetic of Hermitian forms,” Documenta Mathematica, vol. 13, pp. 739–774, 2008

work page 2008
[30]

W. W. Peterson and E. J. Weldon, Jr., Error-Correcting Codes, 2nd ed., MIT Press, 1972

work page 1972
[31]

Lin and D

S. Lin and D. J. Costello, Jr., Error Control Coding , 2nd ed., Prentice Hall, 2004

work page 2004
[32]

FHEBench: Benchmarking Fully Homomorphic Encryption Schemes,

L.Jiang and L.Ju, “FHEBench: Benchmarking Fully Homomorphic Encryption Schemes,” arXiv preprint arXiv:2203.00728 , Mar.2022

work page arXiv 2022
[33]

Extension of the Berlekamp–Massey algorithm to N dimen- sions,

S. Sakata, “Extension of the Berlekamp–Massey algorithm to N dimen- sions,” Information and Computation , vol. 84, no. 2, pp. 207–239, Feb. 1990

work page 1990
[34]

Caulk: Lookup arguments in sublinear time

Zapico, Arantxa, et al. "Caulk: Lookup arguments in sublinear time." Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. 2022

work page 2022
[35]

Baloo: Nearly optimal lookup arguments

Zapico, Arantxa, et al. "Baloo: Nearly optimal lookup arguments." Cryptology ePrint Archive (2022)

work page 2022
[36]

FLUTE: fast and secure lookup table evaluations

Brüggemann, Andreas, et al. "FLUTE: fast and secure lookup table evaluations." 2023 IEEE Symposium on Security and Privacy (SP). IEEE, 2023

work page 2023
[37]

HE is all you need: Compressing FHE ciphertexts using additive HE,

R. A. Mahdavi, A. Diaa, and F. Kerschbaum, “HE is all you need: Compressing FHE ciphertexts using additive HE,” arXiv preprint arXiv:2303.09043, Mar. 2023

work page arXiv 2023
[38]

Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds,

I. Chillotti, N. Gama, M. Georgieva, and M. Izabachène, “Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds,” in Proc. ASIACRYPT, 2016, pp. 3 – 33

work page 2016
[39]

A unified analysis of FHEW/TFHE bootstrapping,

L. Ducas, S. Halevi, and V . Vaikuntanathan, “A unified analysis of FHEW/TFHE bootstrapping,”Cryptology ePrint Archive, Paper 2022/987, 2022

work page 2022
[40]

Quantum fully homomorphic encryption scheme based on quantum fault-tolerant construction

M. Liang and L. Yang, “Quantum fully homomorphic encryption scheme based on quantum fault-tolerant construction,” arXiv preprint arXiv:1503.04061, Mar. 2015

work page internal anchor Pith review Pith/arXiv arXiv 2015
[41]

Error-correctable efficient quantum homomorphic encryption using Calderbank–Shor–Steane codes

Sohn, IlKwon, et al. "Error-correctable efficient quantum homomorphic encryption using Calderbank–Shor–Steane codes." Quantum Information Processing 24.2 (2025): 28

work page 2025
[42]

Permutation-key quantum ho- momorphic encryption with quantum error correction,

Y . Chen, S. Li, K. Zhang, and L. Yang, “Permutation-key quantum ho- momorphic encryption with quantum error correction,”arXiv:2204.10471, Apr. 2022

work page arXiv 2022
[43]

Lattigo: A Go Library for Lattice-Based Homomorphic Encryption,

Lattigo Development Team, “Lattigo: A Go Library for Lattice-Based Homomorphic Encryption,” GitHub repository, 2022. Available: https:// github.com/ldsec/lattigo

work page 2022
[44]

Silca: Singular caching of homomorphic encryption for outsourced databases in cloud computing,

D. Zhao, “Silca: Singular caching of homomorphic encryption for outsourced databases in cloud computing,” arXiv:2306.14436, June 2023

work page arXiv 2023
[45]

HOPE: Homomorphic order-preserving encryp- tion for outsourced databases—A stateless approach,

B. Wang and D. Zhao, “HOPE: Homomorphic order-preserving encryp- tion for outsourced databases—A stateless approach,” arXiv:2411.17009, Nov. 2024

work page arXiv 2024
[46]

GlitchFHE: Attacking fully homomorphic encryption using fault injection,

L. L. Mankali, M. Nabeel, F. Raees, M. Maniatakos, O. Sinanoglu, and J. Knechtel, “GlitchFHE: Attacking fully homomorphic encryption using fault injection,” in Proceedings of the 34th USENIX Security Symposium (USENIX Security’25), Los Angeles, CA, USA, Aug. 2025

work page 2025
[47]

On the security and privacy of CKKS-based homomorphic evaluation protocols,

I. Hwang, S. Min, J. Seo, and Y . Song, “On the security and privacy of CKKS-based homomorphic evaluation protocols,” Cryptology ePrint Archive, Report 2025/382, Mar. 2025

work page 2025
[48]

Random permutation set,

Y . Deng, “Random permutation set,”International Journal of Computers Communications & Control , vol. 17, no. 1, Art. no. 4542, Feb. 2022. https://doi.org/10.15837/ijccc.2022.1.4542

work page doi:10.15837/ijccc.2022.1.4542 2022
[49]

SPRING: Fast Pseudorandom Functions from Rounded Ring Products,

A. Banerjee, H. Brenner, G. Leurent, C. Peikert, and A. Rosen, “SPRING: Fast Pseudorandom Functions from Rounded Ring Products,” Tech. report, Georgia Tech/IDC Herzliya/INRIA, 2015. [Online]. Avail- able: https://www.alonrosen.net/PAPERS/spring/spring.pdf

work page 2015
[50]

HE-Booster: An Efficient Polynomial Arithmetic Acceleration on GPUs for Fully Homomorphic Encryption

Wang, Zhiwei, Peinan Li, Rui Hou, et al. “HE-Booster: An Efficient Polynomial Arithmetic Acceleration on GPUs for Fully Homomorphic Encryption.” IEEE Transactions on Parallel and Distributed Systems , 2023

work page 2023
[51]

The Asymptotic Complexity of Coded-BKW with Sieving Using Increasing Reduction Factors

Mårtensson, Erik. “The Asymptotic Complexity of Coded-BKW with Sieving Using Increasing Reduction Factors.” IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019

work page 2019
[52]

A Full RNS Variant of Approximate Ho- momorphic Encryption

Cheon, Jung Hee, et al. “A Full RNS Variant of Approximate Ho- momorphic Encryption.” International Conference on Selected Areas in Cryptography. Cham: Springer International Publishing, 2018

work page 2018
[53]

A Scalable Implementation of Fully Homomorphic Encryption Built on NTRU

Rohloff, Kurt, and David Bruce Cousins. “A Scalable Implementation of Fully Homomorphic Encryption Built on NTRU.” International Con- ference on Financial Cryptography and Data Security. Berlin, Heidelberg: Springer Berlin Heidelberg, 2014

work page 2014
[54]

Efficient Design of FHEW/TFHE Bootstrapping Implementation with Scalable Parameters

Ho, Ming-Chien, et al. “Efficient Design of FHEW/TFHE Bootstrapping Implementation with Scalable Parameters.” Proceedings of the 43rd IEEE/ACM International Conference on Computer-Aided Design, 2024

work page 2024
[55]

Principal component analysis using CKKS homomorphic scheme,

S. Panda, “Principal component analysis using CKKS homomorphic scheme,” in Proceedings of the International Symposium on Cyber Security, Cryptography and Machine Learning (CSCML 2021) , Cham, Switzerland: Springer International Publishing, 2021

work page 2021
[56]

Efficient Ranking, Order Statistics, and Sorting under CKKS,

F. Mazzone, M. Everts, F. Hahn, and A. Peter, “Efficient Ranking, Order Statistics, and Sorting under CKKS,” in Proc. 34th USENIX Security Symposium (USENIX Security ’25) , Aug. 2025

work page 2025
[57]

TaiYI: A high-performance CKKS accelerator for practical fully homomorphic encryption,

S. Fan et al., “TaiYI: A high-performance CKKS accelerator for practical fully homomorphic encryption,” arXiv preprint arXiv:2403.10188, 2024. Available: https://arxiv.org/abs/2403.10188

work page arXiv 2024
[58]

Privacy-Preserving Rule Induction Using CKKS,

J. Choi, J. Choi, Y . Lee, and J.-S. Hong, “Privacy-Preserving Rule Induction Using CKKS,” IEEE Access, vol. 12, pp. 171540–171558, 2024, doi:10.1109/ACCESS.2024.3498040

work page doi:10.1109/access.2024.3498040 2024
[59]

Homomorphic multiple precision multiplication for CKKS and reduced modulus consumption,

J. H. Cheon, W. Cho, J. Kim, and D. Stehlé, “Homomorphic multiple precision multiplication for CKKS and reduced modulus consumption,” in Proc. 2023 ACM SIGSAC Conf. on Computer and Communications Secu- rity (CCS ’23), Nov. 2023, pp. 696–710, doi:10.1145/3576915.3623086

work page doi:10.1145/3576915.3623086 2023
[60]

Privacy preserving federated learning using CKKS homomorphic encryption,

F. Qiu, Y . Yang, Y . Zhang, and X. Yuan, “Privacy preserving federated learning using CKKS homomorphic encryption,” in Proc. Int. Conf. on Wireless Algorithms, Systems, and Applications (WASA) , Cham, Switzer- land: Springer Nature, 2022, pp. 115–127

work page 2022
[61]

A Survey on FPGA-Based Accelerators for CKKS,

W. Zhao et al., “A Survey on FPGA-Based Accelerators for CKKS,” in Proc. 2024 IEEE Int. Test Conference in Asia (ITC-Asia) , 2024

work page 2024
[62]

BFV , CKKS, TFHE: Which one is the best for a secure neural network evaluation in the cloud?,

P.-E. Clet, O. Stan, and M. Zuber, “BFV , CKKS, TFHE: Which one is the best for a secure neural network evaluation in the cloud?,” in International Conference on Applied Cryptography and Network Security, Cham, Switzerland: Springer International Publishing, 2021

work page 2021
[63]

Hermes: Efficient Global Homomorphic Aggregation over Mutable Packed Ciphertexts

D. Zhao, “Hermes: High-Performance Homomorphically Encrypted Vec- tor Databases,” arXiv preprint arXiv:2506.03308 , Jun. 2025

work page internal anchor Pith review Pith/arXiv arXiv 2025
[64]

Compile-Time Fully Homomorphic Encryption: Eliminating Online Encryption via Algebraic Basis Synthesis,

D. Zhao, “Compile-Time Fully Homomorphic Encryption: Eliminating Online Encryption via Algebraic Basis Synthesis,” Cryptography, vol. 9, no. 2, pp. 1–25, Jun. 2025

work page 2025
[65]

A Note on Efficient Privacy-Preserving Similarity Search for Encrypted Vectors,

D. Zhao, “A Note on Efficient Privacy-Preserving Similarity Search for Encrypted Vectors,” arXiv preprint arXiv:2502.14291 , Feb. 2025

work page arXiv 2025
[66]

A compact and efficient hardware accelerator for RNS-CKKS en/decoding and en/decryption,

J. Wang, X. Chen, Y . Liu, F. Zhang, and H. Wu, “A compact and efficient hardware accelerator for RNS-CKKS en/decoding and en/decryption,” IEEE Transactions on Circuits and Systems II: Express Briefs , 2024

work page 2024
[67]

High-Precision Homomorphic Modular Reduction for CKKS Bootstrapping,

Z. Tan, Y . Li, X. Zhou, and J. Wang, “High-Precision Homomorphic Modular Reduction for CKKS Bootstrapping,” in Proceedings of the Australasian Conference on Information Security and Privacy (ACISP 2025), Singapore: Springer Nature Singapore, 2025

work page 2025
[68]

Low-complexity ciphertext multiplication for CKKS homomorphic encryption,

S. Akherati and X. Zhang, “Low-complexity ciphertext multiplication for CKKS homomorphic encryption,” IEEE Transactions on Circuits and Systems II: Express Briefs , vol. 71, no. 3, pp. 1396–1400, Mar. 2023

work page 2023
[69]

HEaaN-NB: Non-Interactive Privacy-Preserving Naive Bayes Using CKKS for Secure Outsourced Cloud Computing,

B. Han et al. , “HEaaN-NB: Non-Interactive Privacy-Preserving Naive Bayes Using CKKS for Secure Outsourced Cloud Computing,” IEEE Access, 2024

work page 2024
[70]

Towards Lightweight CKKS: On Client Cost Efficiency,

J. H. Cheon, M. Kang, and J. H. Park, “Towards Lightweight CKKS: On Client Cost Efficiency,” Cryptology ePrint Archive, Report 2024/767, 2024

work page 2024
[71]

Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-sparse Keys,

J. P. Bossuat, C. Mouchet, J. Troncoso-Pastoriza, and J. P. Hubaux, “Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-sparse Keys,” Cryptology ePrint Archive , Report 2020/1203, 2020. APPENDIX A CORRECTNESS OF SCHEME Let the secret key be s ∈ BP with Hamming weight h, and the public key pk = (b, a) ∈ BP 2 where b = −as + e for a sma...

work page 2020
[72]

By definition p(ϵenc) = ϵR, so ∥p(ϵenc)∥∞ ≤ 1 2∆

Because the coefficients were scaled by ∆, we have ∥ ϵR∥∞ ≤ 1 2∆. By definition p(ϵenc) = ϵR, so ∥p(ϵenc)∥∞ ≤ 1 2∆ . Finally, applying the linear map σ1 multiplies any vector norm by at most ∥σ1∥op, hence σ1 p(ϵenc) ∞ ≤ ∥σ1∥op 2∆ . C. Proof of lemma 3 Proof. Let (bi, ai) ∈ BP 2 be the two input ciphertexts for i ∈ {1, 2}, each decrypting under secret key ...

work page

[1] [1]

Homomorphic encryption for arithmetic of approximate numbers,

J. H. Cheon, A. Kim, M. Kim, and Y . Song, “Homomorphic encryption for arithmetic of approximate numbers,” Cryptology ePrint Archive , Report 2016/421, 2016

work page 2016

[2] [2]

Fully homomorphic en- cryption without modulus switching,

Z. Brakerski, C. Gentry, and V . Vaikuntanathan, “Fully homomorphic en- cryption without modulus switching,” Cryptology ePrint Archive, Report 2012/078, 2012

work page 2012

[3] [3]

Somewhat practical fully homomorphic encryption,

J. Fan and F. Vercauteren, “Somewhat practical fully homomorphic encryption,” Cryptology ePrint Archive , Report 2012/144, 2012

work page 2012

[4] [4]

Toward efficient homo- morphic encryption for outsourced databases through parallel caching,

O. T. Tawose, J. Dai, L. Yang, and D. Zhao, “Toward efficient homo- morphic encryption for outsourced databases through parallel caching,” Proceedings of the 2023 ACM SIGMOD International Conference on Management of Data (SIGMOD ’23) , 2023

work page 2023

[5] [5]

A class of error-correcting binary group codes,

R. C. Bose and D. K. Ray-Chaudhuri, “A class of error-correcting binary group codes,” Information and Control ,vol. 3,no. 1,pp. 68–79,1960

work page 1960

[6] [6]

Enhanced CKKS bootstrapping with generalized polynomial decomposition,

M. Lee, J. Lee, and Y . Song, “Enhanced CKKS bootstrapping with generalized polynomial decomposition,” in AsiaCCS ’25, 2025

work page 2025

[7] [7]

Low-latency bootstrapping for CKKS using sparse roots of unity,

J.-S. Coron and R. Köstler, “Low-latency bootstrapping for CKKS using sparse roots of unity,” in Crypto ’25 / Eurocrypt ’25, 2025

work page 2025

[8] [8]

Provably secure approximate computation protocols from CKKS,

I. Hwang, Y . Hwang, M. Kim, D. Lee, and Y . Song, “Provably secure approximate computation protocols from CKKS,” Cryptology ePrint Archive, Report 2025/395, 2025

work page 2025

[9] [9]

SHIP: A shallow and highly parallelizable CKKS bootstrapping algorithm,

J. H. Cheon, G. Hanrot, J. Kim, and D. Stehlé, “SHIP: A shallow and highly parallelizable CKKS bootstrapping algorithm,” in Proc. EURO- CRYPT 2025, pp. 398–428, Apr. 2025

work page 2025

[10] [10]

A fully homomorphic encryption scheme,

C. Gentry, “A fully homomorphic encryption scheme,” Ph.D. disserta- tion, Stanford University, 2009

work page 2009

[11] [11]

TFHE: Fast fully homomorphic encryption over the torus,

I. Chillotti, N. Gama, M. Georgieva, and M. Izabachène, “TFHE: Fast fully homomorphic encryption over the torus,” J. Cryptol. , vol. 33, pp. 34–91, 2020

work page 2020

[12] [12]

On ideal lattices and learn- ing with errors over rings,

V . Lyubashevsky, C. Peikert, and O. Regev, “On ideal lattices and learn- ing with errors over rings,” in Advances in Cryptology – EUROCRYPT 2010, vol. 6110, Springer, 2010, pp. 1–23

work page 2010

[13] [13]

Trapdoors for lattices: Simpler, tighter, faster, smaller,

D. Micciancio and C. Peikert, “Trapdoors for lattices: Simpler, tighter, faster, smaller,” in Advances in Cryptology – EUROCRYPT 2012 , vol. 7237, Springer, 2012, pp. 700–718

work page 2012

[14] [14]

Microsoft SEAL (release 4.1),

K. Laine, O. Saarikivi, et al., “Microsoft SEAL (release 4.1),” Microsoft Research, Jul. 2024. [Online]. Available: https://github.com/microsoft/ SEAL

work page 2024

[15] [15]

PALISADE lattice cryptography library (release 1.11.9),

Y . Polyakov, K. Rohloff, et al., “PALISADE lattice cryptography library (release 1.11.9),” Dec. 2022

work page 2022

[16] [16]

Bootstrapping bits with CKKS,

Y . Bae, J. H. Cheon, J. Kim, and D. Stehlé, “Bootstrapping bits with CKKS,” in Proc. EUROCRYPT 2024 , LNCS 14533. Springer, 2024, pp. 94–123

work page 2024

[17] [17]

Bootstrapping small integers with CKKS,

Y . Bae, J. Kim, D. Stehlé, and E. Suvanto, “Bootstrapping small integers with CKKS,” in Proc. ASIACRYPT 2024 , LNCS 14811. Springer, 2024, pp. 330–360

work page 2024

[18] [18]

HElib: Homomorphic encryption library (version 2.3.1),

S. Halevi and V . Shoup, “HElib: Homomorphic encryption library (version 2.3.1),” [Online]. Available: https://github.com/homenc/HElib

work page

[19] [19]

CryptoNets: Applying neural networks to encrypted data,

R. Gilad-Bachrach, N. Dowlin, K. Laine, K. Lauter, M. Naehrig, and J. Wernsing, “CryptoNets: Applying neural networks to encrypted data,” in Proc. ICML 2016 , pp. 201–210

work page 2016

[20] [20]

FedSHE: pri- vacy preserving and efficient federated learning with adaptive segmented CKKS homomorphic encryption,

Y . Pan, Z. Chao, H. Wang, J. Yang, H. Li, and L. Wang, “FedSHE: pri- vacy preserving and efficient federated learning with adaptive segmented CKKS homomorphic encryption,”Cybersecurity, vol. 7, Art. no. 40, 2024

work page 2024

[21] [21]

Fully homomorphic encryption over the integers,

M. van Dijk, C. Gentry, S. Halevi, and V . Vaikuntanathan, “Fully homomorphic encryption over the integers,” Cryptology ePrint Archive , Report2009/616, 2009

work page 2009

[22] [22]

Practical solutions in fully homomorphic encryption: a survey analyzing existing acceleration methods,

Y . Gong, X. Chang, J. Miši ´c, V . B. Miši ´c, J. Wang, and H. Zhu, “Practical solutions in fully homomorphic encryption: a survey analyzing existing acceleration methods,” Cybersecurity, vol. 7, Art. no. 5, 2024

work page 2024

[23] [23]

A new framework for fast homomorphic matrix multiplication,

X. Zheng, H. Li, and D. Wang, “A new framework for fast homomorphic matrix multiplication,” Cryptology ePrint Archive , Report 2023/1649, 2023

work page 2023

[24] [24]

Configurable encryption and decryp- tion architectures for CKKS-based homomorphic encryption,

J. Lee, P. N. Duong, and H. Lee, “Configurable encryption and decryp- tion architectures for CKKS-based homomorphic encryption,” Sensors, vol. 23, no. 17, Art. no. 7389, 2023

work page 2023

[25] [25]

Privacy-preserving neural networks with homomorphic encryption: Challenges and op- portunities,

B. Pulido-Gaytan, A. Tchernykh, J. M. Cortés-Mendoza, M. Babenko, G. Radchenko, A. Avetisyan, and A. Yu. Drozdov, “Privacy-preserving neural networks with homomorphic encryption: Challenges and op- portunities,” Peer-to-Peer Networking & Applications , vol. 14, no. 3, Art. no. 1666, 2021

work page 2021

[26] [26]

A systematic review of homomorphic en- cryption and its contributions in healthcare industry,

K. Munjal and R. Bhatia, “A systematic review of homomorphic en- cryption and its contributions in healthcare industry,” Complex Intelligent Systems, vol. 9, pp. 3759–3786, 2023

work page 2023

[27] [27]

Privacy-preserving graph-based ma- chine learning with fully homomorphic encryption for collaborative anti- money laundering,

Y . Effendi and A. Chattopadhyay, “Privacy-preserving graph-based ma- chine learning with fully homomorphic encryption for collaborative anti- money laundering,” arXiv preprint arXiv:2411.02926 , 2024

work page arXiv 2024

[28] [28]

On Ideal Lattices and Learning With Errors Over Rings,

V . Lyubashevsky, C. Peikert, and O. Regev, “On Ideal Lattices and Learning With Errors Over Rings,” in Advances in Cryptology – EU- ROCRYPT 2010, pp. 1––23, 2010

work page 2010

[29] [29]

Arithmetic of Hermitian forms,

G. Shimura, “Arithmetic of Hermitian forms,” Documenta Mathematica, vol. 13, pp. 739–774, 2008

work page 2008

[30] [30]

W. W. Peterson and E. J. Weldon, Jr., Error-Correcting Codes, 2nd ed., MIT Press, 1972

work page 1972

[31] [31]

Lin and D

S. Lin and D. J. Costello, Jr., Error Control Coding , 2nd ed., Prentice Hall, 2004

work page 2004

[32] [32]

FHEBench: Benchmarking Fully Homomorphic Encryption Schemes,

L.Jiang and L.Ju, “FHEBench: Benchmarking Fully Homomorphic Encryption Schemes,” arXiv preprint arXiv:2203.00728 , Mar.2022

work page arXiv 2022

[33] [33]

Extension of the Berlekamp–Massey algorithm to N dimen- sions,

S. Sakata, “Extension of the Berlekamp–Massey algorithm to N dimen- sions,” Information and Computation , vol. 84, no. 2, pp. 207–239, Feb. 1990

work page 1990

[34] [34]

Caulk: Lookup arguments in sublinear time

Zapico, Arantxa, et al. "Caulk: Lookup arguments in sublinear time." Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. 2022

work page 2022

[35] [35]

Baloo: Nearly optimal lookup arguments

Zapico, Arantxa, et al. "Baloo: Nearly optimal lookup arguments." Cryptology ePrint Archive (2022)

work page 2022

[36] [36]

FLUTE: fast and secure lookup table evaluations

Brüggemann, Andreas, et al. "FLUTE: fast and secure lookup table evaluations." 2023 IEEE Symposium on Security and Privacy (SP). IEEE, 2023

work page 2023

[37] [37]

HE is all you need: Compressing FHE ciphertexts using additive HE,

R. A. Mahdavi, A. Diaa, and F. Kerschbaum, “HE is all you need: Compressing FHE ciphertexts using additive HE,” arXiv preprint arXiv:2303.09043, Mar. 2023

work page arXiv 2023

[38] [38]

Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds,

I. Chillotti, N. Gama, M. Georgieva, and M. Izabachène, “Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds,” in Proc. ASIACRYPT, 2016, pp. 3 – 33

work page 2016

[39] [39]

A unified analysis of FHEW/TFHE bootstrapping,

L. Ducas, S. Halevi, and V . Vaikuntanathan, “A unified analysis of FHEW/TFHE bootstrapping,”Cryptology ePrint Archive, Paper 2022/987, 2022

work page 2022

[40] [40]

Quantum fully homomorphic encryption scheme based on quantum fault-tolerant construction

M. Liang and L. Yang, “Quantum fully homomorphic encryption scheme based on quantum fault-tolerant construction,” arXiv preprint arXiv:1503.04061, Mar. 2015

work page internal anchor Pith review Pith/arXiv arXiv 2015

[41] [41]

Error-correctable efficient quantum homomorphic encryption using Calderbank–Shor–Steane codes

Sohn, IlKwon, et al. "Error-correctable efficient quantum homomorphic encryption using Calderbank–Shor–Steane codes." Quantum Information Processing 24.2 (2025): 28

work page 2025

[42] [42]

Permutation-key quantum ho- momorphic encryption with quantum error correction,

Y . Chen, S. Li, K. Zhang, and L. Yang, “Permutation-key quantum ho- momorphic encryption with quantum error correction,”arXiv:2204.10471, Apr. 2022

work page arXiv 2022

[43] [43]

Lattigo: A Go Library for Lattice-Based Homomorphic Encryption,

Lattigo Development Team, “Lattigo: A Go Library for Lattice-Based Homomorphic Encryption,” GitHub repository, 2022. Available: https:// github.com/ldsec/lattigo

work page 2022

[44] [44]

Silca: Singular caching of homomorphic encryption for outsourced databases in cloud computing,

D. Zhao, “Silca: Singular caching of homomorphic encryption for outsourced databases in cloud computing,” arXiv:2306.14436, June 2023

work page arXiv 2023

[45] [45]

HOPE: Homomorphic order-preserving encryp- tion for outsourced databases—A stateless approach,

B. Wang and D. Zhao, “HOPE: Homomorphic order-preserving encryp- tion for outsourced databases—A stateless approach,” arXiv:2411.17009, Nov. 2024

work page arXiv 2024

[46] [46]

GlitchFHE: Attacking fully homomorphic encryption using fault injection,

L. L. Mankali, M. Nabeel, F. Raees, M. Maniatakos, O. Sinanoglu, and J. Knechtel, “GlitchFHE: Attacking fully homomorphic encryption using fault injection,” in Proceedings of the 34th USENIX Security Symposium (USENIX Security’25), Los Angeles, CA, USA, Aug. 2025

work page 2025

[47] [47]

On the security and privacy of CKKS-based homomorphic evaluation protocols,

I. Hwang, S. Min, J. Seo, and Y . Song, “On the security and privacy of CKKS-based homomorphic evaluation protocols,” Cryptology ePrint Archive, Report 2025/382, Mar. 2025

work page 2025

[48] [48]

Random permutation set,

Y . Deng, “Random permutation set,”International Journal of Computers Communications & Control , vol. 17, no. 1, Art. no. 4542, Feb. 2022. https://doi.org/10.15837/ijccc.2022.1.4542

work page doi:10.15837/ijccc.2022.1.4542 2022

[49] [49]

SPRING: Fast Pseudorandom Functions from Rounded Ring Products,

A. Banerjee, H. Brenner, G. Leurent, C. Peikert, and A. Rosen, “SPRING: Fast Pseudorandom Functions from Rounded Ring Products,” Tech. report, Georgia Tech/IDC Herzliya/INRIA, 2015. [Online]. Avail- able: https://www.alonrosen.net/PAPERS/spring/spring.pdf

work page 2015

[50] [50]

HE-Booster: An Efficient Polynomial Arithmetic Acceleration on GPUs for Fully Homomorphic Encryption

Wang, Zhiwei, Peinan Li, Rui Hou, et al. “HE-Booster: An Efficient Polynomial Arithmetic Acceleration on GPUs for Fully Homomorphic Encryption.” IEEE Transactions on Parallel and Distributed Systems , 2023

work page 2023

[51] [51]

The Asymptotic Complexity of Coded-BKW with Sieving Using Increasing Reduction Factors

Mårtensson, Erik. “The Asymptotic Complexity of Coded-BKW with Sieving Using Increasing Reduction Factors.” IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019

work page 2019

[52] [52]

A Full RNS Variant of Approximate Ho- momorphic Encryption

Cheon, Jung Hee, et al. “A Full RNS Variant of Approximate Ho- momorphic Encryption.” International Conference on Selected Areas in Cryptography. Cham: Springer International Publishing, 2018

work page 2018

[53] [53]

A Scalable Implementation of Fully Homomorphic Encryption Built on NTRU

Rohloff, Kurt, and David Bruce Cousins. “A Scalable Implementation of Fully Homomorphic Encryption Built on NTRU.” International Con- ference on Financial Cryptography and Data Security. Berlin, Heidelberg: Springer Berlin Heidelberg, 2014

work page 2014

[54] [54]

Efficient Design of FHEW/TFHE Bootstrapping Implementation with Scalable Parameters

Ho, Ming-Chien, et al. “Efficient Design of FHEW/TFHE Bootstrapping Implementation with Scalable Parameters.” Proceedings of the 43rd IEEE/ACM International Conference on Computer-Aided Design, 2024

work page 2024

[55] [55]

Principal component analysis using CKKS homomorphic scheme,

S. Panda, “Principal component analysis using CKKS homomorphic scheme,” in Proceedings of the International Symposium on Cyber Security, Cryptography and Machine Learning (CSCML 2021) , Cham, Switzerland: Springer International Publishing, 2021

work page 2021

[56] [56]

Efficient Ranking, Order Statistics, and Sorting under CKKS,

F. Mazzone, M. Everts, F. Hahn, and A. Peter, “Efficient Ranking, Order Statistics, and Sorting under CKKS,” in Proc. 34th USENIX Security Symposium (USENIX Security ’25) , Aug. 2025

work page 2025

[57] [57]

TaiYI: A high-performance CKKS accelerator for practical fully homomorphic encryption,

S. Fan et al., “TaiYI: A high-performance CKKS accelerator for practical fully homomorphic encryption,” arXiv preprint arXiv:2403.10188, 2024. Available: https://arxiv.org/abs/2403.10188

work page arXiv 2024

[58] [58]

Privacy-Preserving Rule Induction Using CKKS,

J. Choi, J. Choi, Y . Lee, and J.-S. Hong, “Privacy-Preserving Rule Induction Using CKKS,” IEEE Access, vol. 12, pp. 171540–171558, 2024, doi:10.1109/ACCESS.2024.3498040

work page doi:10.1109/access.2024.3498040 2024

[59] [59]

Homomorphic multiple precision multiplication for CKKS and reduced modulus consumption,

J. H. Cheon, W. Cho, J. Kim, and D. Stehlé, “Homomorphic multiple precision multiplication for CKKS and reduced modulus consumption,” in Proc. 2023 ACM SIGSAC Conf. on Computer and Communications Secu- rity (CCS ’23), Nov. 2023, pp. 696–710, doi:10.1145/3576915.3623086

work page doi:10.1145/3576915.3623086 2023

[60] [60]

Privacy preserving federated learning using CKKS homomorphic encryption,

F. Qiu, Y . Yang, Y . Zhang, and X. Yuan, “Privacy preserving federated learning using CKKS homomorphic encryption,” in Proc. Int. Conf. on Wireless Algorithms, Systems, and Applications (WASA) , Cham, Switzer- land: Springer Nature, 2022, pp. 115–127

work page 2022

[61] [61]

A Survey on FPGA-Based Accelerators for CKKS,

W. Zhao et al., “A Survey on FPGA-Based Accelerators for CKKS,” in Proc. 2024 IEEE Int. Test Conference in Asia (ITC-Asia) , 2024

work page 2024

[62] [62]

BFV , CKKS, TFHE: Which one is the best for a secure neural network evaluation in the cloud?,

P.-E. Clet, O. Stan, and M. Zuber, “BFV , CKKS, TFHE: Which one is the best for a secure neural network evaluation in the cloud?,” in International Conference on Applied Cryptography and Network Security, Cham, Switzerland: Springer International Publishing, 2021

work page 2021

[63] [63]

Hermes: Efficient Global Homomorphic Aggregation over Mutable Packed Ciphertexts

D. Zhao, “Hermes: High-Performance Homomorphically Encrypted Vec- tor Databases,” arXiv preprint arXiv:2506.03308 , Jun. 2025

work page internal anchor Pith review Pith/arXiv arXiv 2025

[64] [64]

Compile-Time Fully Homomorphic Encryption: Eliminating Online Encryption via Algebraic Basis Synthesis,

D. Zhao, “Compile-Time Fully Homomorphic Encryption: Eliminating Online Encryption via Algebraic Basis Synthesis,” Cryptography, vol. 9, no. 2, pp. 1–25, Jun. 2025

work page 2025

[65] [65]

A Note on Efficient Privacy-Preserving Similarity Search for Encrypted Vectors,

D. Zhao, “A Note on Efficient Privacy-Preserving Similarity Search for Encrypted Vectors,” arXiv preprint arXiv:2502.14291 , Feb. 2025

work page arXiv 2025

[66] [66]

A compact and efficient hardware accelerator for RNS-CKKS en/decoding and en/decryption,

J. Wang, X. Chen, Y . Liu, F. Zhang, and H. Wu, “A compact and efficient hardware accelerator for RNS-CKKS en/decoding and en/decryption,” IEEE Transactions on Circuits and Systems II: Express Briefs , 2024

work page 2024

[67] [67]

High-Precision Homomorphic Modular Reduction for CKKS Bootstrapping,

Z. Tan, Y . Li, X. Zhou, and J. Wang, “High-Precision Homomorphic Modular Reduction for CKKS Bootstrapping,” in Proceedings of the Australasian Conference on Information Security and Privacy (ACISP 2025), Singapore: Springer Nature Singapore, 2025

work page 2025

[68] [68]

Low-complexity ciphertext multiplication for CKKS homomorphic encryption,

S. Akherati and X. Zhang, “Low-complexity ciphertext multiplication for CKKS homomorphic encryption,” IEEE Transactions on Circuits and Systems II: Express Briefs , vol. 71, no. 3, pp. 1396–1400, Mar. 2023

work page 2023

[69] [69]

HEaaN-NB: Non-Interactive Privacy-Preserving Naive Bayes Using CKKS for Secure Outsourced Cloud Computing,

B. Han et al. , “HEaaN-NB: Non-Interactive Privacy-Preserving Naive Bayes Using CKKS for Secure Outsourced Cloud Computing,” IEEE Access, 2024

work page 2024

[70] [70]

Towards Lightweight CKKS: On Client Cost Efficiency,

J. H. Cheon, M. Kang, and J. H. Park, “Towards Lightweight CKKS: On Client Cost Efficiency,” Cryptology ePrint Archive, Report 2024/767, 2024

work page 2024

[71] [71]

Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-sparse Keys,

J. P. Bossuat, C. Mouchet, J. Troncoso-Pastoriza, and J. P. Hubaux, “Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-sparse Keys,” Cryptology ePrint Archive , Report 2020/1203, 2020. APPENDIX A CORRECTNESS OF SCHEME Let the secret key be s ∈ BP with Hamming weight h, and the public key pk = (b, a) ∈ BP 2 where b = −as + e for a sma...

work page 2020

[72] [72]

By definition p(ϵenc) = ϵR, so ∥p(ϵenc)∥∞ ≤ 1 2∆

Because the coefficients were scaled by ∆, we have ∥ ϵR∥∞ ≤ 1 2∆. By definition p(ϵenc) = ϵR, so ∥p(ϵenc)∥∞ ≤ 1 2∆ . Finally, applying the linear map σ1 multiplies any vector norm by at most ∥σ1∥op, hence σ1 p(ϵenc) ∞ ≤ ∥σ1∥op 2∆ . C. Proof of lemma 3 Proof. Let (bi, ai) ∈ BP 2 be the two input ciphertexts for i ∈ {1, 2}, each decrypting under secret key ...

work page