FHE-Related Comments on NIST First Call for Multi-Party Threshold Schemes

In this talk, I will discuss the public comments prepared by Ahmad Al Badawi, Andreea Alexandru, Nicholas Genise, Daniele Micciancio, Yuriy Polyakov, Saraswathy R.V. and Vinod Vaikuntanathan (see https://csrc.nist.gov/files/pubs/ir/8214/c/ipd/docs/nistir-8214c-ipd-public-feedback.pdf for the detailed version of the comments). Our comments are for Fully Homomorphic Encryption (FHE) schemes based on LWE and Ring/Module LWE over power-of-two cyclotomic rings, since this is what is most commonly implemented in open-source libraries. Our comments can apply to other FHE schemes with different hardness assumptions as well (e.g., NTRU). The comments covered in my talk include: (1) Motivation for standardizing (Threshold) Fully-Homomorphic Encryption; (2) FHE use cases; (3) FHE schemes’ Threshold friendliness; (4) Open-source implementations.

[Slides] [Video]