Overview
Overview
The adoption of FHE algorithms can be categorized into different types, due to the diversity of FHE algorithms and use patterns.
FHE Variants
Literately, there are different types of FHE algorithms, according to the key numbers, including:
- Single-Key FHE: it refers to an FHE scheme where all the homomorphic operations are performed using the same encryption key. This means that the same key is used to both encrypt the data and perform computations on the encrypted data. In a single-key FHE system, there is only one encryption key that is used to encrypt data, perform homomorphic operations, and ultimately decrypt the data. This simplifies the key management process as there is no need to handle multiple keys.
- Threshold FHE: it combines both FHE and threshold cryptography, to enable secure computations on encrypted data in a distributed manner. In a threshold FHE protocol, a group of nodes work together to create a shared public key, and each node possesses the a part of the decryption key. Any homomorphic computation shall be performed on the ciphertext that is encrypted from the shared public key. The computation result can be threshold decrypted by a subset of the group.
Use Case Variants
Within Primus' zkFHE network, all callers (applications) can invoke the FHE computation from the Primus workers. In general, there are three types of application modes that adapt to different types of callers. You can explore further workflow details of these three modes in the technical section.
Single-User Mode: There could be one or many pieces of data supplied by one user in a FHE computation task, and all pieces of input data are encrypted with the user's public key. Note this is a standard way of FHE-based outsourced computation where the user only delegates the encrypted computation and leverages the computing power of zkFHE network.
Joint-Worker Mode: There could be one or many pieces of data supplied by multiple users in a FHE computation task, all pieces of input data are encrypted with a shared public key which is produced by a group of Primus workers. Node this is a typical usage of Threshold FHE under Primus' network.
Selective Multi-Worker Mode: There could be one or many pieces of data supplied by one or multiple users, and all pieces of input data are encrypted with different workers' public key. Like in the Joint-worker mode, the group of workers are selected by the caller in advance. Note in most cases, any piece of user data is NOT recommended to be encrypted with any worker's public key, which could increase the privacy leakage risk.