# Threshold FHE Proposal
*Author: Bhargav Annem*
*Date: 10/28/2023*
## Project
The goal of this project is to implement a threshold fully homomorphic encryption scheme as described in [Boneh, 2017](https://eprint.iacr.org/2017/956.pdf) as a Rust crate.
The core component is fully homomorphic encryption over a torus as described in [CGGI16](https://eprint.iacr.org/2018/421.pdf). The current implementation by Zama.ai is not open-source, so it would be useful to write an open-source version of it. The implementation consists of a TGLWE encryption/decryption scheme, bootstrapping, etc. as described in the paper.
Then, we will implement (1) Boneh's recommended modifications (i.e. implementing {0,1} linear secret sharing) and (2) a universal thresholdizer. A basic minimally viable implementation consists of a Rust crate that offers the following TFHE primitives:
- Setup($1^\lambda, 1^d, \mathbb{A}$) $\rightarrow (pk, sk)$
- Encrypt($pk, M$) $\rightarrow ct$
- Eval($pk, C, ct_1, ct_2, \ldots, ct_n$) $\rightarrow \hat{ct}$
- PartDec($pk, ct, sk$) $\rightarrow p_i$
- FinDec($pk, B$) $\rightarrow \hat{M}$
Where $\lambda$ is the security parameter, $d$ is the depth bound, $\mathbb{A}$ is the access structure (from $\{0, 1\}$-LSSS), $M$ is the message, $pk$ is the private key, $C$ is a boolean circuit $f: \{0, 1\}^k \rightarrow \{0, 1\}$, $ct_i$ is a ciphertext, and $B = \{p_i\}$. More details are on page 15 of the Boneh paper.
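The Setup, Encrypt, PartDec and FinDec flow above, as an added sketch that is not code from this proposal, from the Boneh paper, or from any existing crate. It assumes n-out-of-n additive sharing (the simplest access structure whose recombination coefficients are all in $\{0, 1\}$) over toy secret-key LWE in $\mathbb{Z}_{2^{32}}$ standing in for the torus. All function names, the dimension, the noise widths and the xorshift generator are hypothetical choices for illustration; the parameters are not secure and Eval is omitted.

```rust
// Added illustration only: toy, insecure parameters; xorshift is not a CSPRNG.
const N: usize = 16; // LWE dimension (constructed toy value)
fn next(st: &mut u64) -> u32 {
    *st ^= *st << 13; *st ^= *st >> 7; *st ^= *st << 17;
    (*st >> 32) as u32
}
fn noise(st: &mut u64, bits: u32) -> u32 { // centered: |e| <= 2^(bits-1)
    (next(st) >> (32 - bits)).wrapping_sub(1 << (bits - 1))
}
fn dot(a: &[u32], s: &[u32]) -> u32 {
    a.iter().zip(s).fold(0u32, |acc, (x, y)| acc.wrapping_add(x.wrapping_mul(*y)))
}

/// Setup: binary key s and additive shares with s = s_1 + ... + s_k (mod 2^32).
fn setup(st: &mut u64, parties: usize) -> (Vec<u32>, Vec<Vec<u32>>) {
    let s: Vec<u32> = (0..N).map(|_| next(st) & 1).collect();
    let mut shares: Vec<Vec<u32>> =
        (1..parties).map(|_| (0..N).map(|_| next(st)).collect()).collect();
    let last: Vec<u32> =
        (0..N).map(|j| shares.iter().fold(s[j], |acc, sh| acc.wrapping_sub(sh[j]))).collect();
    shares.push(last);
    (s, shares)
}

/// Encrypt a bit m as b = <a, s> + e + m * 2^31 (secret-key LWE, for brevity).
fn encrypt(st: &mut u64, s: &[u32], m: u32) -> (Vec<u32>, u32) {
    let a: Vec<u32> = (0..N).map(|_| next(st)).collect();
    let b = dot(&a, s).wrapping_add(noise(st, 10)).wrapping_add(m << 31);
    (a, b)
}

/// PartDec: p_i = <a, s_i> + flooding noise that masks the share's inner product.
fn part_dec(st: &mut u64, ct: &(Vec<u32>, u32), share: &[u32]) -> u32 {
    dot(&ct.0, share).wrapping_add(noise(st, 20))
}

/// FinDec: b - sum(p_i) = m * 2^31 + small noise, rounded to a multiple of 2^31.
fn fin_dec(ct: &(Vec<u32>, u32), parts: &[u32]) -> u32 {
    let phase = parts.iter().fold(ct.1, |acc, p| acc.wrapping_sub(*p));
    phase.wrapping_add(1 << 30) >> 31
}

fn main() {
    let mut st = 42u64; // constructed seed
    let (s, shares) = setup(&mut st, 3);
    let ct = encrypt(&mut st, &s, 1);
    let parts: Vec<u32> = shares.iter().map(|sh| part_dec(&mut st, &ct, sh)).collect();
    println!("3-party FinDec of Enc(1) = {}", fin_dec(&ct, &parts));
}
```

Dropping any one entry of `parts` leaves that party's masked inner product in the phase, so FinDec no longer recovers the bit reliably.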
Once the initial Torus TFHE scheme is implemented, we will implement multiparty homomorphic encryption for collective encryption, decryption, and keygen. Similar works include [Padron, 2016](https://courses.csail.mit.edu/6.857/2016/files/17.pdf), [Mouchet et al., 2020](https://eprint.iacr.org/2020/304.pdf) and [Ghanem, 2019](https://ieeexplore.ieee.org/document/9014698/authors#authors).
## Extensions
This initial version can be extended to implement BGV, CKKS, and other FHE schemes. Once the initial TFHE scheme is matured, some possible extension projects include the following:
- Implementing a package for threshold signatures
- Thresholdizing lattice-based cryptosystems ([Boneh & Gennaro, 2017](https://eprint.iacr.org/2017/251.pdf))
- Optimizing the universal thresholdizer ([Cheon, 2023](https://eprint.iacr.org/2023/545.pdf))
- Private Key Encryption
- Implementing a succinct publicly certifiable system (SPuC) from ([Campanelli, 2021](https://eprint.iacr.org/2021/1618.pdf))