Fast polynomial arithmetic in homomorphic encryption with cyclo-multiquadratic fields

Abstract

We discuss the advantages and limitations of cyclotomic fields to have fast polynomial arithmetic within homomorphic encryption, and show how these limitations can be overcome by replacing cyclotomic fields by a family that we refer to as cyclo-multiquadratic. This family is of particular interest due to its arithmetic efficiency properties and to the fact that the Polynomial Learning with Errors (PLWE) and Ring Learning with Errors (RLWE) problems are equivalent for it. Likewise, we provide exact expressions for the condition number for any cyclotomic field, but under what we call the twisted power basis. As a tool for our result, we obtain refined polynomial upper bounds for the condition number of cyclotomic fields with up to 6 different primes dividing the conductor. From a more practical side, we also show that for this family, swapping between NTT and coefficient representations can be achieved at least twice faster than for the usual cyclotomic family.