What question did this study set out to answer?

This research investigates the interplay between correctness and security in Fully Homomorphic Encryption (FHE).

May 7, 2026Open Access

Reactive Correctness, sIND-CPAD-Security and Deterministic Evaluation for TFHE

Key Points

This research investigates the interplay between correctness and security in Fully Homomorphic Encryption (FHE).
Examined definitions of correctness and security in FHE
Outlined implications of reactive correctness notions on security definitions
Presented a method to de-randomize evaluation while maintaining security in the random oracle model.
Reactive correctness implies IND-CPA-D and sIND-CPA-D security
Randomized evaluation procedures complicate real-life FHE deployments
De-randomization still achieves sIND-CPA-D security in the specific setting of TFHE.

Abstract

We examine the relationship between correctness definitions for Fully Homomorphic Encryption (FHE) and the associated security definitions. We show that reactive notions of correctness imply IND-CPA-D and sIND-CPA-D security. But that to obtain both IND-CPA-D and sIND-CPA-D security we need to use a randomized version of the evaluation procedure. Such randomized evaluation procedures cause problems in real life deployments of FHE solutions, so we then go on to show how one can de-randomize the evaluation procedure and still obtain sIND-CPA-D security in the random oracle model for the specific FHE scheme of TFHE.

Reactive Correctness, sIND-CPAD-Security and Deterministic Evaluation for TFHE

Key Points

Abstract

Cite This Study