Additively homomorphic ring-LWE masking

Oscar Reparaz*, Ruan de Clercq, Sujoy Sinha Roy, Frederik Vercauteren, Ingrid Verbauwhede

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

18 Citations (Scopus)
362 Downloads (Pure)


In this paper, we present a new masking scheme for ring LWE decryption. Our scheme exploits the additively-homomorphic property of the existing ring-LWE encryption schemes and computes an additive-mask as an encryption of a random message. Our solution differs in several aspects from the recent masked ring-LWE implementation by Reparaz et al. presented at CHES 2015; most notably we do not require a masked decoder but work with a conventional, unmasked decoder. As such, we can secure a ring-LWE implementation using additive masking with minimal changes. Our masking scheme is also very generic in the sense that it can be applied to other additively-homomorphic encryption schemes.

Original languageEnglish
Title of host publicationPost-Quantum Cryptography
Subtitle of host publication7th International Workshop, PQCrypto 2016, Fukuoka, Japan, February 24-26, 2016, Proceedings
EditorsTsuyoshi Takagi
PublisherSpringer Verlag
Number of pages12
ISBN (Electronic)9783319293608
ISBN (Print)9783319293592
Publication statusPublished - 4 Feb 2016
Event7th International Workshop on Post-Quantum Cryptography, PQCrypto 2016 - Fukuoka, Japan
Duration: 24 Feb 201626 Feb 2016

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference7th International Workshop on Post-Quantum Cryptography, PQCrypto 2016


  • Encryption Scheme
  • Elliptic Curve Cryptography
  • Differential Power Analysis
  • Decryption Operation
  • Homomorphic Encryption Scheme

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'Additively homomorphic ring-LWE masking'. Together they form a unique fingerprint.

Cite this