I Want to use “multiparty homomorphic re-encryption” for ckks. More precisely, “n” parties have a shared private key of ckks encryption system, and a message “m” (i.e. a real number vector) is encrypted by their public key. They want to re-encrypt this message under the public key of another party, without decrypting and knowing the value of message “m”.
Can this task have done by this library? Can you have get me a code that perform this task, please?
Just to confirm. You are referring to the threshold FHE setting (not multi-key FHE; see Homomorphic Encryption for OpenFHE Users – OpenFHE.org for the explanation of both) where the message “m” is encrypted under a public joint key. Then you want to re-encrypt the message using Proxy Re-Encryption to a different key (not related to the Threshold FHE shared key or party secret shares). So basically, your question: can PRE be used together with Threshold FHE? Is my understanding correct? If not, please clarify.
I want to know if we have Threshold FHE and PRE use together and parties that have share of secret key, without decrypting and knowing the message “m”, re encrypt it to another party public key (this party is differ from the parties that have share of joint public key)
HI @Omid This capability can be added. Basically we would need to add a distributed version of
ReKeyGen for this. I added a new issue Add distributed ReKeyGen for BGV, BFV, and CKKS threshold FHE · Issue #361 · openfheorg/openfhe-development · GitHub and assigned it to the v1.1 milestone.
May I ask if this function has been implemented
I’ve bumped up the priority of this function (moved it to the milestone for v1.2).
May I ask if there are any reference papers for the distributed proxy re encryption of threshold, or if you have cited papers for implementing this function？
For proxy re-encryption, we are planning to post a paper a little bit later (this paper will describe the current PRE algorithms implemented in OpenFHE).
Code-wise, the change includes the following two high-level steps:
The high-level logic will be the same as for automorphism keys, but the evaluation keys will be re-encryption keys. See slide 15 of the Multiparty webinar for conceptual details.
Re-encryption itself would be done the same way as in the single-party case.