Ring Theoretic Key Exchange for Homomorphic Encryption

Abstract

We propose a key exchange protocol that works in a polynomial ideal setting. We do this so that the key can be used for a homomorphic cryptography protocol. The advantage of using key exchange over a public key system is that a large proportion of the process needs to be carried out only once instead of needing a more complicated encryption function to use for each piece of data. Polynomials rings are an appropriate choice of structure for this particular type of scheme as they allow universal computation. This paper will examine how we can perform computation correctly on cipher texts and address some of the potential weaknesses of such a process.

This work was supported by the Engineering and Physical Sciences Research Council, Centre for Doctoral Training in Cloud Computing for Big Data [grant number EP/L015358/1].

Appendix

To prevent tedious amounts of expanding brackets, we will keep a lot of the polynomials factored and we will also make the substitutions

$$ \begin{array}{*{20}c} {A = xyxzyx, B = xy^{2} zx, C = zyxyz, D = z^{2} xyz,} \\ {W = yxy.} \\ \end{array} $$

This means that we have the public ideal \( \left\langle { \left( {W + z} \right)^{2} } \right\rangle \) that we can use to reduce terms while in the cloud. We will also have the private ideal \( \left\langle {\left( {A + B + C + D} \right)\left( {W + z} \right) - 1,~\left( {W + z} \right)\left( {A + B + C + D} \right) - 1} \right\rangle \) to be used for further reduction once offline. Now let’s do a simple calculation.

$$ \begin{array}{*{20}c} {\left( {Enc\left( x \right) + Enc\left( y \right)} \right)*Enc\left( z \right)} \\ { = (\left( {A + B + C + D} \right)x\left( {W + z} \right) + \left( {W + z} \right)x\left( {A + B + C + D} \right)} \\ { + \left( {A + B + C + D} \right)y\left( {W + z} \right) + \left( {W + z} \right)y\left( {A + B + C + D} \right))} \\ {*\left( {\left( {A + B + C + D} \right)z\left( {W + z} \right) + \left( {W + z} \right)z\left( {A + B + C + D} \right)} \right)} \\ { = \left( {\left( {A + B + C + D} \right)\left( {x + y} \right)\left( {W + z} \right) + \left( {W + z} \right)\left( {x + y} \right)\left( {A + B + C + D} \right)} \right)} \\ {*\left( {\left( {A + B + C + D} \right)z\left( {W + z} \right) + \left( {W + z} \right)z\left( {A + B + C + D} \right)} \right)} \\ { = \left( {A + B + C + D} \right)\left( {x + y} \right)\left( {W + z} \right)\left( {A + B + C + D} \right)z\left( {W + z} \right)} \\ { + \left( {A + B + C + D} \right)\left( {x + y} \right)\left( {W + z} \right)^{2} z\left( {A + B + C + D} \right)} \\ { + \left( {W + z} \right)\left( {x + y} \right)\left( {A + B + C + D} \right)^{2} z\left( {W + z} \right)} \\ { + \left( {W + z} \right)\left( {x + y} \right)\left( {A + B + C + D} \right)\left( {W + z} \right)z\left( {A + B + C + D} \right).} \\ \end{array} $$

Our public ideal space kills off multiples of \( \left( {W + z} \right)^{2} \), so that leaves us with

$$ \begin{array}{*{20}c} {\left( {A + B + C + D} \right)\left( {x + y} \right)\left( {W + z} \right)\left( {A + B + C + D} \right)z\left( {W + z} \right)} \\ { + \left( {W + z} \right)\left( {x + y} \right)\left( {A + B + C + D} \right)^{2} z\left( {W + z} \right)} \\ { + \left( {W + z} \right)\left( {x + y} \right)\left( {A + B + C + D} \right)\left( {W + z} \right)z\left( {A + B + C + D} \right).} \\ \end{array} $$

Performing the decryption method, we have

$$ \begin{array}{*{20}c} {Dec\left( {\left( {Enc\left( x \right) + Enc\left( y \right)} \right)*Enc\left( z \right)} \right)} \\ {\left( {W + z} \right)(\left( {A + B + C + D} \right)\left( {x + y} \right)\left( {W + z} \right)\left( {A + B + C + D} \right)z\left( {W + z} \right)} \\ { + \left( {W + z} \right)\left( {x + y} \right)\left( {A + B + C + D} \right)^{2} z\left( {W + z} \right)} \\ { + \left( {W + z} \right)\left( {x + y} \right)\left( {A + B + C + D} \right)\left( {W + z} \right)z\left( {A + B + C + D} \right))\left( {A + B + C + D} \right)} \\ { = \left( {W + z} \right)\left( {A + B + C + D} \right)\left( {x + y} \right)\left( {W + z} \right)\left( {A + B + C + D} \right)z\left( {W + z} \right)\left( {A + B + C + D} \right)} \\ { + \left( {W + z} \right)^{2} \left( {x + y} \right)\left( {A + B + C + D} \right)^{2} z\left( {W + z} \right)\left( {A + B + C + D} \right)} \\ { + \left( {W + z} \right)^{2} \left( {x + y} \right)\left( {A + B + C + D} \right)\left( {W + z} \right)z\left( {A + B + C + D} \right)^{2} .} \\ \end{array} $$

Once again reducing according to our public ideal we are left with

$$ \left( {W + z} \right)\left( {A + B + C + D} \right)\left( {x + y} \right)\left( {W + z} \right)\left( {A + B + C + D} \right)z\left( {W + z} \right)\left( {A + B + C + D} \right). $$

Now that we are offline we can use the private ideal which gives us

$$ 1*\left( {x + y} \right)*1*z*1 = \left( {x + y} \right)*z, $$

as required.