Abstract
Integers can be decomposed in multiple ways. The choice of a recoding technique is generally dictated by performance considerations. The usual metric for optimizing the decomposition is the Hamming weight. In this work, we consider a different metric and propose new modified forms (i.e., integer representations using signed digits) that satisfy minimality requirements under the new metric. Specifically, we introduce what we call balanced non-adjacent forms and prove that they feature a minimal Euclidean weight. We also present efficient algorithms to produce these new minimal forms. We analyze their asymptotic and exact distributions. We extend the definition to modular integers and show similar optimality results. The balanced non-adjacent forms find natural applications in fully homomorphic encryption as they optimally reduce the noise variance in LWE-type ciphertexts.
Copyright information
© 2021 International Association for Cryptologic Research
About this paper
Cite this paper
Joye, M. (2021). Balanced Non-adjacent Forms. In: Tibouchi, M., Wang, H. (eds) Advances in Cryptology – ASIACRYPT 2021. ASIACRYPT 2021. Lecture Notes in Computer Science, vol 13092. Springer, Cham. https://doi.org/10.1007/978-3-030-92078-4_19
DOI: https://doi.org/10.1007/978-3-030-92078-4_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92077-7
Online ISBN: 978-3-030-92078-4
eBook Packages: Computer Science, Computer Science (R0), Springer Nature Proceedings Computer Science