Rust library for the Paillier partially homomorphic encryption scheme

Rust library for the Paillier partially homomorphic encryption scheme. It also offers a packed encoding for encrypting several values together in one ciphertext, as well as several zero-knowledge proofs related to typical use-cases. Supports several underlying arbitrary-precision libraries, including RAMP and GMP.

Several companies have invested resources in the development of this library, including Snips, who implemented the original version for use in their privacy-preserving analytics system, and KZen networks, who contributed implementations of many zero-knowledge proofs. See contributions below for more details.

Important: while we have followed recommendations regarding the scheme itself, some parts of this library have not yet been hardened against non-cryptographic attacks such as side-channel attacks.
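As an added illustration of what such a library implements (this is not the crate's own code or API): textbook Paillier in Python with constructed, deliberately tiny demo primes, showing ciphertext addition, plaintext-scalar multiplication, and a simple packed encoding that sums several values slot-wise inside a single ciphertext.

```python
import secrets
from math import gcd

# Constructed demo primes: far too small for real use, where p and q are ~1024 bits each.
P, Q = 1000003, 1000033
SLOT_BITS = 8  # width of each slot in the packed encoding


def keygen(p=P, q=Q):
    """Paillier key pair with g = n + 1: public (n, g), private (lambda, mu)."""
    n = p * q
    lam = (p - 1) * (q - 1)   # phi(n); any multiple of lcm(p-1, q-1) works
    mu = pow(lam, -1, n)      # for g = n + 1, L(g^lam mod n^2) = lam mod n
    return (n, n + 1), (lam, mu)


def encrypt(pk, m):
    n, g = pk
    n2 = n * n
    r = secrets.randbelow(n)
    while r == 0 or gcd(r, n) != 1:  # random r in Z_n^*
        r = secrets.randbelow(n)
    return pow(g, m, n2) * pow(r, n, n2) % n2


def decrypt(pk, sk, c):
    n, _ = pk
    lam, mu = sk
    l_value = (pow(c, lam, n * n) - 1) // n   # L(x) = (x - 1) / n
    return l_value * mu % n


def add(pk, c1, c2):
    """Homomorphic addition: E(m1) * E(m2) mod n^2 = E(m1 + m2 mod n)."""
    return c1 * c2 % (pk[0] ** 2)


def mul_const(pk, c, k):
    """Plaintext-scalar multiplication: E(m)^k mod n^2 = E(k * m mod n)."""
    return pow(c, k, pk[0] ** 2)


def pack(values):
    """Several small values in one plaintext; slot i occupies bits [8i, 8i+8)."""
    return sum(v << (SLOT_BITS * i) for i, v in enumerate(values))


def unpack(m, count):
    mask = (1 << SLOT_BITS) - 1
    return [(m >> (SLOT_BITS * i)) & mask for i in range(count)]


def packed_sum(rows):
    """Sum rows slot-wise under encryption; each slot sum must stay below 2**SLOT_BITS."""
    pk, sk = keygen()
    acc = encrypt(pk, 0)
    for row in rows:
        acc = add(pk, acc, encrypt(pk, pack(row)))
    return unpack(decrypt(pk, sk, acc), len(rows[0]))
```

Note that packing only works while no slot overflows into its neighbour and the packed value stays below n; a library has to enforce those bounds.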

Teenagers have no choice to opt out

Almost all teenagers are hooked up to mobile services. The smartphone is the single device of communication, dominating the lives of 13- to 17-year-olds.

Parents and teachers may bemoan the digitalized lives of our children. However, the reality is that for adolescents who have to find their place in society, define their identity, and build their network of relationships, backing off from mobile communication and opting out of the platforms of social exchange is not an option at all.

The pervasiveness of mobile services in the lives of young people makes it impossible to neglect privacy. The platforms will have to do much more than just secure access via password or multi-factor authentication. The data as such has to be made inaccessible to abusers.

Differential privacy regimes with strong cryptography, using homomorphic encryption and zero-knowledge proofs, lead the way.

A lot of useful data on how teenagers use mobile services can be found in this recent report by Common Sense Media:

Optimizing homomorphic encryption for multiparty data sharing

Paper by Alexandru et al.


The development of large-scale distributed control systems has led to the outsourcing of costly computations to cloud-computing platforms, as well as to concerns about privacy of the collected sensitive data. This paper develops a cloud-based protocol for a quadratic optimization problem involving multiple parties, each holding information it seeks to maintain private. The protocol is based on the projected gradient ascent on the Lagrange dual problem and exploits partially homomorphic encryption and secure multi-party computation techniques. Using formal cryptographic definitions of indistinguishability, the protocol is shown to achieve computational privacy, i.e., there is no computationally efficient algorithm that any involved party can employ to obtain private information beyond what can be inferred from the party’s inputs and outputs only. In order to reduce the communication complexity of the proposed protocol, we introduced a variant that achieves this objective at the expense of weaker privacy guarantees. We discuss in detail the computational and communication complexity properties of both algorithms theoretically and also through implementations. We conclude the paper with a discussion on computational privacy and other notions of privacy such as the non-unique retrieval of the private information from the protocol outputs.

More improvements on key length in homomorphic encryption

Paper by Chaoju Hu and Jianwei Zhao


The public key of the integer homomorphic encryption scheme which was proposed by Van Dijk et al. is long, so the scheme is almost impossible to use in practice. By studying the scheme and Coron’s public key compression technique, a scheme which is able to encrypt an n-bit plaintext at once was obtained. The scheme improved the efficiency of the decrypting party and increased the number of encrypting parties, so it meets the needs of cloud computing better. The security of the scheme is based on the approximate GCD problem and the sparse-subset sum problem.

More data leaks …

Krebs on Security reports another massive data leak from mSpy, the infamous service that let its users spy on other people’s mobile phones.

This is disturbing on two levels – first, because it is unbelievable that such an assaultive business model can be legal; second, because even in the case of full consent, how can a company dealing with highly sensitive personal data be so irresponsible?

Read the story on the Krebs on Security blog:

Queen Elizabeth prize for engineering: Homomorphic Encryption

The Queen Elizabeth Prize for Engineering is a global £1 million prize that celebrates a ground-breaking innovation in engineering. The prize rewards an individual or team of engineers whose work has had a major impact on humanity.

The QEPrize has a very nice summary post on post-quantum cryptography and homomorphic encryption – let’s hope someone from the crypto community gets the trophy 🙂