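This article is the Day 10 entry of the EAGLYS Advent Calendar 2025.
Parts of this were written in a rush, so it may well contain many errors. Please point them out, even if they are only typos or omissions.
I may also add to the content or change the structure without notice; this is only to make it easier to read, so please bear with me.
Self-introduction
I am in my third year of working at a secure-computation startup.
I usually work on secure-computation research and on deploying it in practice.
Recently I have also been running study sessions open to the public.
The 6th session will be held soon, so please do join.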
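EAGLYS Cryptography Study Session #1
EAGLYS Cryptography Study Session #2
EAGLYS Cryptography Study Session #3
EAGLYS Cryptography Study Session #4
EAGLYS Cryptography Study Session #5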
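If you are interested in this year's latest developments in secure computation, homomorphic encryption in particular, please see the report below.
*Students: please enter your university name in place of "company name".
Secure Computation Report 2025
As a student, I researched post-quantum cryptography (code-based cryptography in particular).
I still continue that work on a small scale.
I am active not only on Qiita but also on X and Zenn, if you are interested.
X account
Zenn account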
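Introduction
For the conferences held outside Japan in 2025, I count the number of presentations for each scheme in secure computation (homomorphic encryption in particular) and post-quantum cryptography.
The following conditions apply:
- The scheme is judged from the title alone, without checking the content (if it cannot be judged within 30 seconds, it is marked "unknown")
- The conferences covered are the following (roughly in order of how early in the year they are held)
  - FSE: Fast Software Encryption
  - NDSS: Network and Distributed System Security
  - RWC: Real World Crypto
  - Eurocrypt
  - PKC: Public Key Cryptography
  - IEEE S&P: IEEE Symposium on Security and Privacy
  - IEEE Euro S&P: IEEE European Symposium on Security and Privacy
  - USENIX: USENIX Security
  - Crypto
  - ESORICS: European Symposium on Research in Computer Security
  - ACM CCS: ACM Conference on Computer and Communications Security
  - CHES: Conference on Cryptographic Hardware and Embedded Systems
  - Asiacrypt
Otherwise it would simply be too much work...
Past survey results are below.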
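2021 edition
Which post-quantum cryptography schemes are popular? What about code-based cryptography? I looked into it!
2022 edition
Sorting out the trends in post-quantum cryptography (2022 edition)
2024 edition
[Trend survey, 2024 edition] Latest trends in secure computation and post-quantum cryptography (conference edition)
Post-quantum cryptography
Lattice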
| Title | Conference | URL |
|---|---|---|
| New Techniques for Preimage Sampling: Improved NIZKs and More from LWE | Eurocrypt2025 | https://eprint.iacr.org/2024/1401 |
| A Generic Framework for Side-Channel Attacks against LWE-based Cryptosystems | Eurocrypt2025 | https://eprint.iacr.org/2024/1211 |
| Post-Quantum PKE from Unstructured Noisy Linear Algebraic Assumptions: Beyond LWE and Alekhnovich's LPN | Eurocrypt2025 | https://eprint.iacr.org/2025/844 |
| Hollow LWE: A New Spin, Unbounded Updatable Encryption from LWE and PCE | Eurocrypt2025 | https://eprint.iacr.org/2025/340 |
| Almost Optimal KP and CP-ABE for Circuits from Succinct LWE | Eurocrypt2025 | https://eprint.iacr.org/2025/509 |
| Faster ABE for Turing Machines from Circular Evasive LWE | Eurocrypt2025 | |
| Finding a polytope: A practical fault attack against Dilithium | PKC2025 | https://eprint.iacr.org/2025/195 |
| Lattice-based Proof-Friendly Signatures from Vanishing Short Integer Solutions | PKC2025 | https://eprint.iacr.org/2025/356 |
| Finally! A Compact Lattice-Based Threshold Signature | PKC2025 | https://eprint.iacr.org/2025/872 |
| Memory-Efficient BKW Algorithm for Solving the LWE Problem | PKC2025 | https://eprint.iacr.org/2025/266 |
| Benchmarking Attacks on Learning with Errors | IEEE S&P 2025 | https://eprint.iacr.org/2024/1229 |
| Ringtail: Practical Two-Round Threshold Signatures from Learning with Errors | IEEE S&P 2025 | https://eprint.iacr.org/2024/1113 |
| Towards ML-KEM & ML-DSA on OpenTitan | IEEE S&P 2025 | https://eprint.iacr.org/2024/1192 |
| Simple and General Counterexamples to Private-Coin Evasive LWE | Crypto2025 | https://eprint.iacr.org/2025/374 |
| Refined Attack on LWE with Hints: Constructing Lattice via Gaussian Elimination | Crypto2025 | |
| Improved Lattice Blind Signatures from Recycled Entropy | Crypto2025 | https://eprint.iacr.org/2024/1289 |
| Compact Lattice Signatures via Iterative Rejection Sampling | Crypto2025 | https://eprint.iacr.org/2024/2052 |
| Registered ABE and Adaptively-Secure Broadcast Encryption from Succinct LWE | Crypto2025 | https://eprint.iacr.org/2025/044 |
| Unbounded Distributed Broadcast Encryption and Registered ABE from Succinct LWE | Crypto2025 | https://eprint.iacr.org/2025/1039 |
| Tightly Secure Inner-Product Functional Encryption Revisited: Compact, Lattice-based, and More | Crypto2025 | https://eprint.iacr.org/2025/1613 |
| LWE with Quantum Amplitudes: Algorithm, Hardness, and Oblivious Sampling | Crypto2025 | https://eprint.iacr.org/2023/1498 |
| Lattice-based Obfuscation from NTRU and Equivocal LWE | Crypto2025 | https://eprint.iacr.org/2025/1129 |
| Unmasking TRaccoon: A Lattice-Based Threshold Signature with An Efficient Identifiable Abort Protocol | Crypto2025 | https://eprint.iacr.org/2025/849 |
| Formally Verified Correctness Bounds for Lattice-Based Cryptography | ACM CCS 2025 | https://eprint.iacr.org/2025/1562 |
| FalconSign: An Efficient and High-Throughput Hardware Architecture for Falcon Signature Generation | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/11927 |
| KyberSlash: Exploiting Secret-Dependent Division Timings in Kyber Implementations | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12046 |
| Algebraic Linear Analysis for Number Theoretic Transform in Lattice-Based Cryptography | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12230 |
| Quantum security analysis of Module-LWE PQC based on practical cost estimates | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12417 |
| Improved Attacks Against Lattice-Based KEMs Using Hints From Hertzbleed | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12418 |
| Pseudorandom Correlation Functions from Ring-LWR | Asiacrypt 2025 | https://eprint.iacr.org/2025/1637 |
| Low Communication Threshold FHE from Standard (Module-)LWE | Asiacrypt 2025 | https://eprint.iacr.org/2025/409 |
| LatticeFold: A Lattice-based Folding Scheme and its Applications to Succinct Proof Systems | Asiacrypt 2025 | https://eprint.iacr.org/2024/257 |
| A Lattice-Based IND-CCA Threshold KEM from the BCHK+ Transform | Asiacrypt 2025 | https://eprint.iacr.org/2025/1958 |
| DAWN: Smaller and Faster NTRU Encryption via Double Encoding | Asiacrypt 2025 | https://eprint.iacr.org/2025/1520 |
| On the Provable Dual Attack for LWE by Modulus Switching | Asiacrypt 2025 | https://eprint.iacr.org/2025/859 |
| Predicting Module-Lattice Reduction | Asiacrypt 2025 | https://eprint.iacr.org/2025/1904 |
| Towards a Modern LLL Implementation | Asiacrypt 2025 | https://eprint.iacr.org/2025/774 |
| Solving Concealed ILWE and its Application for Breaking Masked Dilithium | Asiacrypt 2025 | https://eprint.iacr.org/2025/1629 |
| Lattice-Based Group Signatures in the Standard Model, Revisited | Asiacrypt 2025 | https://eprint.iacr.org/2025/1702 |
| GPV Preimage Sampling with Weak Smoothness and Its Applications to Lattice Signatures | Asiacrypt 2025 | https://eprint.iacr.org/2025/1940 |
Code
| Title | Conference | URL |
|---|---|---|
| On the Soundness of Algebraic Attacks against Code-based Assumptions | Eurocrypt2025 | https://eprint.iacr.org/2025/415 |
| Efficient Authentication Protocols from the Restricted Syndrome Decoding Problem | IEEE Euro S&P 2025 | https://eprint.iacr.org/2025/021 |
| Arc: Accumulation for Reed-Solomon Codes | Crypto2025 | https://eprint.iacr.org/2024/1731 |
| Highway to Hull: An Algorithm for Solving the General Matrix Code Equivalence Problem | Crypto2025 | https://eprint.iacr.org/2025/596 |
| Stationary Syndrome Decoding for Improved PCGs | Crypto2025 | https://eprint.iacr.org/2025/295 |
| Error floor prediction with Markov models for QC-MDPC codes | Crypto2025 | https://eprint.iacr.org/2025/153 |
| Key Recovery from Side-Channel Power Analysis Attacks on Non-SIMD HQC Decryption | Crypto2025 | https://eprint.iacr.org/2025/1270 |
| OT-PCA: New Key-Recovery Plaintext-Checking Oracle Based Side-Channel Attacks on HQC with Offline Templates | CHES 2025 | https://eprint.iacr.org/2024/1715 |
| Full Key-Recovery Cubic-Time Template Attack on Classic McEliece Decapsulation | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/11933 |
| A Code-Based ISE to Protect Boolean Masking in Software | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12049 |
| Multi-Value Plaintext-Checking and Full-Decryption Oracle-Based Attacks on HQC from Offline Templates | CHES 2025 | https://eprint.iacr.org/2025/1608 |
| LESS is Even More: Optimizing Digital Signatures from Code Equivalence | CHES 2025 | https://eprint.iacr.org/2025/1424 |
| A Hybrid Algorithm for the Regular Syndrome Decoding Problem | Asiacrypt 2025 | https://eprint.iacr.org/2025/1284 |
| Higher-genus McEliece | Asiacrypt 2025 | |
Multivariate polynomial
| Title | Conference | URL |
|---|---|---|
| Exploring the Six Worlds of Gröbner Basis Cryptanalysis: Application to Anemoi | FSE2025 | https://tosc.iacr.org/index.php/ToSC/article/view/11953/11820 |
| Gröbner Basis Cryptanalysis of Ciminion and Hydra | FSE2025 | https://tosc.iacr.org/index.php/ToSC/article/view/12076/11917 |
| Singular points of UOV and VOX | Eurocrypt2025 | https://eprint.iacr.org/2024/219 |
| Improved Cryptanalysis of SNOVA | Eurocrypt2025 | https://eprint.iacr.org/2024/1297 |
| Gröbner Basis Cryptanalysis of Anemoi | Eurocrypt2025 | https://eprint.iacr.org/2025/814 |
| mUOV: Masking the Unbalanced Oil and Vinegar Digital Signature Scheme at First- and Higher-Order | ACM CCS 2025 | https://eprint.iacr.org/2024/1875 |
| Improved Cryptanalysis of SNOVA by Solving Multi-homogeneous Systems via Matrix Transformations | Asiacrypt 2025 | |
Isogeny
| Title | Conference | URL |
|---|---|---|
| Verifiable random function from the Deuring correspondence and higher dimensional isogenies | Eurocrypt2025 | https://eprint.iacr.org/2023/1251 |
| POKÉ: A Compact and Efficient PKE from Higher-dimensional Isogenies | Eurocrypt2025 | https://eprint.iacr.org/2024/624 |
| Radical 2-isogenies and cryptographic hash functions in dimensions 1, 2 and 3 | PKC2025 | https://eprint.iacr.org/2024/1732 |
| A Complete Security Proof of SQIsign | Crypto2025 | https://eprint.iacr.org/2025/379 |
| Constant time lattice reduction in dimension 4 with application to SQIsign | CHES 2025 | https://eprint.iacr.org/2025/027 |
| Generation of Fast Finite Field Arithmetic for Cortex-M4 with ECDH and SQIsign Applications | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12422 |
| Let us walk on the 3-isogeny graph: efficient, fast, and simple | CHES 2025 | https://eprint.iacr.org/2025/691 |
| SQIsign2D²: New SQIsign2D Variant by Leveraging Power Smooth Isogenies in Dimension One | Asiacrypt 2025 | https://eprint.iacr.org/2025/920 |
| Qlapoti: Simple and Efficient Translation of Quaternion Ideals to Isogenies | Asiacrypt 2025 | https://eprint.iacr.org/2025/1604 |
Other
| Title | Conference | URL |
|---|---|---|
| Post-quantum Cryptographic Analysis of SSH | RWC2025 | https://eprint.iacr.org/2025/684 |
| Kemeleon: Elligator-like Obfuscation for Post-Quantum Cryptography | RWC2025 | |
| Using Formally Verified Post-Quantum Algorithms at Scale | RWC2025 | |
| The 2Hash OPRF Framework and Efficient Post-Quantum Instantiations | Eurocrypt2025 | https://eprint.iacr.org/2024/450 |
| A Framework for Group Action-Based Multi-Signatures and Applications to LESS, MEDS, and ALTEQ | PKC2025 | https://eprint.iacr.org/2024/1691 |
| PQ-Hammer: End-to-end Key Recovery Attacks on Post-Quantum Cryptography Using Rowhammer | IEEE S&P 2025 | |
| Post-quantum Cryptographic Analysis of SSH | IEEE S&P 2025 | https://eprint.iacr.org/2025/684 |
| Bundled Authenticated Key Exchange: A Concrete Treatment of Signal's Handshake Protocol and Post-Quantum Security | USENIX 2025 | https://eprint.iacr.org/2025/040 |
| A Formal Analysis of Apple's iMessage PQ3 Protocol | USENIX 2025 | https://eprint.iacr.org/2024/1395 |
| Verifiable Decapsulation: Recognizing Faulty Implementations of Post-Quantum KEMs | Crypto2025 | https://eprint.iacr.org/2025/450 |
| The Round Complexity of Black-Box Post-Quantum Secure Computation | Crypto2025 | https://eprint.iacr.org/2025/250 |
| Exclusive Ownership of Fiat-Shamir Signatures: ML-DSA, SQIsign, LESS, and More | Crypto2025 | https://eprint.iacr.org/2025/900 |
| Two-Factor Authenticated Key Exchange with Enhanced Security from Post-Quantum Assumptions | ESORICS 2025 | |
| Post-Quantum Threshold Ring Signature Applications from VOLE-in-the-Head | ACM CCS 2025 | https://eprint.iacr.org/2025/113 |
| Subversion-resilient key-exchange in the post-quantum world | ACM CCS 2025 | https://inria.hal.science/hal-05242187v2/document |
| Rudraksh: A Compact and Lightweight Post-Quantum Key-Encapsulation Mechanism | CHES 2025 | https://eprint.iacr.org/2024/1170 |
| Masking-Friendly Post-Quantum Signatures in the Threshold-Computation-in-the-Head Framework | CHES 2025 | https://eprint.iacr.org/2025/520 |
| Post-Quantum Security of Keyed Sponge-Based Constructions through a Modular Approach | Asiacrypt 2025 | https://eprint.iacr.org/2025/1059 |
| Post-quantum Security of Key-Alternating Feistel Ciphers | Asiacrypt 2025 | https://eprint.iacr.org/2025/1603 |
| Tanuki: New Frameworks for (Concurrently Secure) Blind Signatures from Post-Quantum Groups Actions | Asiacrypt 2025 | https://eprint.iacr.org/2025/1100 |
Summary of counts
| Conference | Lattice | Code | Multivariate polynomial | Isogeny | Other |
|---|---|---|---|---|---|
| Total | 40 | 14 | 7 | 9 | 20 |
| FSE | 0 | 0 | 2 | 0 | 0 |
| NDSS | 0 | 0 | 0 | 0 | 0 |
| RWC | 0 | 0 | 0 | 0 | 3 |
| Eurocrypt | 6 | 1 | 3 | 2 | 1 |
| PKC | 4 | 0 | 0 | 1 | 1 |
| IEEE S&P | 3 | 1 | 0 | 0 | 2 |
| IEEE Euro S&P | 0 | 0 | 0 | 0 | 0 |
| USENIX | 0 | 0 | 0 | 0 | 2 |
| Crypto | 10 | 5 | 0 | 1 | 3 |
| ESORICS | 0 | 0 | 0 | 0 | 1 |
| ACM CCS | 1 | 0 | 1 | 0 | 2 |
| CHES | 5 | 5 | 0 | 3 | 2 |
| Asiacrypt | 11 | 2 | 1 | 2 | 3 |
Homomorphic encryption
BFV/BGV
| Title | Conference | URL |
|---|---|---|
| Apple’s Real World Deployment of Homomorphic Encryption at Scale | RWC2025 | |
| A New Perspective on Key Switching for BGV-like Schemes | CHES 2025 | https://eprint.iacr.org/2023/1642 |
CKKS
| Title | Conference | URL |
|---|---|---|
| Fully Homomorphic Encryption for Cyclotomic Prime Moduli | Eurocrypt2025 | https://eprint.iacr.org/2024/1587 |
| SHIP: A Shallow and Highly Parallelizable CKKS Bootstrapping Algorithm | Eurocrypt2025 | https://eprint.iacr.org/2025/784 |
| Ciphertext-Ciphertext Matrix Multiplication: Fast for Large Matrices | Eurocrypt2025 | https://eprint.iacr.org/2025/448 |
| Revisiting the Security of Approximate FHE with Noise-Flooding Countermeasures | PKC2025 | https://eprint.iacr.org/2024/424 |
| Efficient Ranking, Order Statistics, and Sorting under CKKS | USENIX 2025 | https://arxiv.org/abs/2412.15126 |
| Verifiable Computation for Approximate Homomorphic Encryption Schemes | Crypto2025 | https://eprint.iacr.org/2025/286 |
| General Functional Bootstrapping using CKKS | Crypto2025 | https://eprint.iacr.org/2024/1623 |
| WPC: Weight Plaintext Compression for CNN Inference based on RNS-CKKS | ACM CCS 2025 | |
| Leveraging Discrete CKKS to Bootstrap in High Precision | ACM CCS 2025 | https://eprint.iacr.org/2025/1786 |
| Grafting: Decoupled Scale Factors and Modulus in RNS-CKKS | ACM CCS 2025 | https://eprint.iacr.org/2024/1014 |
| REED: Chiplet-based Accelerator for Fully Homomorphic Encryption | CHES 2025 | https://eprint.iacr.org/2023/1190 |
| XBOOT: Free-XOR Gates for CKKS with Applications to Transciphering | CHES 2025 | https://eprint.iacr.org/2025/074 |
| Efficient Homomorphic Integer Computer from CKKS | CHES 2025 | https://eprint.iacr.org/2025/066 |
| PaCo: Bootstrapping for CKKS via Partial CoeffToSlot | Asiacrypt 2025 | https://eprint.iacr.org/2025/886 |
| On the Security and Privacy of CKKS-based Homomorphic Evaluation Protocols | Asiacrypt 2025 | https://eprint.iacr.org/2025/382 |
TFHE
| Title | Conference | URL |
|---|---|---|
| FRAST: TFHE-Friendly Cipher Based on Random S-Boxes | FSE2025 | https://tosc.iacr.org/index.php/ToSC/article/view/11809/11314 |
| Drifting Towards Better Error Probabilities in Fully Homomorphic Encryption Schemes | Eurocrypt2025 | https://eprint.iacr.org/2024/1718 |
| Transistor: a TFHE-friendly Stream Cipher | Crypto2025 | https://eprint.iacr.org/2025/282 |
| Homomorphic Encryption for Large Integers from Nested Residue Number Systems | Crypto2025 | https://eprint.iacr.org/2025/346 |
| Reaction Attack on TFHE: Minimum Number of Oracle Queries and Nearly Optimum Attacking Scheme | ESORICS 2025 | |
| Surpassing the Word Size Limitation of TFHE with Noise Calibration | ACM CCS 2025 | https://dl.acm.org/doi/pdf/10.1145/3719027.3744808 |
| Refined TFHE Leveled Homomorphic Evaluation and Its Application | ACM CCS 2025 | https://eprint.iacr.org/2024/1318 |
| Towards Verifiable FHE in Practice: Proving Correct Execution of TFHE's Bootstrapping using plonky2 | ACM CCS 2025 | https://eprint.iacr.org/2024/451 |
| Practical TFHE Ciphertext Sanitization for Oblivious Circuit Evaluation | ACM CCS 2025 | https://eprint.iacr.org/2025/216 |
| GPU Acceleration for FHEW/TFHE Bootstrapping | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/11931 |
| Designing a General-Purpose 8-bit (T)FHE Processor Abstraction | CHES 2025 | https://eprint.iacr.org/2024/1201 |
| VeloFHE: GPU Acceleration for FHEW and TFHE Bootstrapping | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/11931 |
| FINAL bootstrap acceleration on FPGA using DSP-free constant-multiplier NTTs | CHES 2025 | https://eprint.iacr.org/2025/137 |
| A Fast Heuristic for Mapping Boolean Circuits to Functional Bootstrapping | CHES 2025 | https://eprint.iacr.org/2024/1204 |
| Efficient and Compact Full-Domain Functional Bootstrapping via Subring Folding | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12427 |
| Sharing the Mask: TFHE Bootstrapping on Packed Messages | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12434 |
| Bootstrapping (T)FHE Ciphertexts via Automorphisms: Closing the Gap Between Binary and Gaussian Keys | Asiacrypt 2025 | https://eprint.iacr.org/2025/1624 |
| Accelerating TFHE with Sorted Bootstrapping Techniques | Asiacrypt 2025 | https://eprint.iacr.org/2025/2214 |
Other
| Title | Conference | URL |
|---|---|---|
| Recurrent Private Set Intersection for Unbalanced Databases with Cuckoo Hashing and Leveled FHE | NDSS2025 | https://www.ndss-symposium.org/wp-content/uploads/2025-365-paper.pdf |
| Teaching an Old Dog New Tricks: Verifiable FHE Using Commodity Hardware | RWC2025 | https://petsymposium.org/popets/2025/popets-2025-0099.pdf |
| Somewhat Homomorphic Encryption from Linear Homomorphism and Sparse LPN | Eurocrypt2025 | http://eprint.iacr.org/2024/1760 |
| Quantum Key Leasing for PKE and FHE with a Classical Lessor | Eurocrypt2025 | https://eprint.iacr.org/2023/1640 |
| On Algebraic Homomorphic Encryption and its Applications to Doubly-Efficient PIR | Eurocrypt2025 | https://eprint.iacr.org/2024/1307 |
| Leveraging Small Message Spaces for CCA1 Security in Additively Homomorphic and BGN-type Encryption | Eurocrypt2025 | https://eprint.iacr.org/2024/920 |
| Multi-key Homomorphic Secret Sharing | Eurocrypt2025 | https://eprint.iacr.org/2025/094 |
| Vanishing Short Integer Solution, Revisited: Reductions, Trapdoors, Homomorphic Signatures for Low-Degree Polynomials | PKC2025 | https://eprint.iacr.org/2025/360 |
| CHLOE: Loop Transformation over Fully Homomorphic Encryption via Multi-Level Vectorization and Control-Path Reduction | IEEE S&P 2025 | https://eprint.iacr.org/2024/1991 |
| MatriGear: Accelerating Authenticated Matrix Triple Generation with Scalable Prime Fields via Optimized HE Packing | IEEE S&P 2025 | https://eprint.iacr.org/2024/1502 |
| ZHE: Efficient Zero-Knowledge Proofs for HE Evaluations | IEEE S&P 2025 | https://eprint.iacr.org/2025/770 |
| Arbitrary-Threshold Fully Homomorphic Encryption with Lower Complexity | USENIX 2025 | https://eprint.iacr.org/2025/084 |
| Shechi: A Secure Distributed Computation Compiler Based on Multiparty Homomorphic Encryption | USENIX 2025 | https://www.usenix.org/system/files/usenixsecurity25-smajlovic.pdf |
| Engorgio: An Arbitrary-Precision Unbounded-Size Hybrid Encrypted Database via Quantized Fully Homomorphic Encryption | USENIX 2025 | https://eprint.iacr.org/2025/198 |
| Key-Homomorphic Computations for RAM: Fully Succinct Randomised Encodings and More | Crypto2025 | https://eprint.iacr.org/2025/339 |
| Fully Homomorphic Encryption with Chosen-Ciphertext Security from LWE | Crypto2025 | |
| Sometimes-Decryptable Homomorphic Encryption from Sub-exponential DDH | Crypto2025 | |
| Athena: Accelerating KeySwitch and Bootstrapping for Fully Homomorphic Encryption on CUDA GPU | ESORICS 2025 | |
| High-Throughput Universally Composable Threshold FHE Decryption | ACM CCS 2025 | https://eprint.iacr.org/2025/1781 |
| Lodia: Towards Optimal Sparse Matrix-Vector Multiplication for Batched Fully Homomorphic Encryption | ACM CCS 2025 | https://eprint.iacr.org/2025/1425 |
| ILA: Correctness via Type Checking for Fully Homomorphic Encryption | ACM CCS 2025 | https://arxiv.org/abs/2509.11559 |
| New Permutation Decomposition Techniques For Efficient Homomorphic Permutation | ACM CCS 2025 | https://arxiv.org/abs/2410.21840 |
| THOR: Secure Transformer Inference with Homomorphic Encryption | ACM CCS 2025 | https://eprint.iacr.org/2024/1881 |
| IND-CPA-D of Relaxed Functional Bootstrapping: A New Attack, A General Fix, and A Stronger Model | ACM CCS 2025 | https://eprint.iacr.org/2025/1627 |
| Phalanx: An FHE-Friendly SNARK for Verifiable Computation on Encrypted Data | ACM CCS 2025 | https://eprint.iacr.org/2025/302 |
| Practical Zero-Knowledge PIOP for Maliciously Secure Multiparty Homomorphic Encryption | ACM CCS 2025 | https://eprint.iacr.org/2024/1879 |
| SoK: FHE-Friendly Symmetric Ciphers and Transciphering | CHES 2025 | https://eprint.iacr.org/2025/669 |
| Secure and efficient transciphering for FHE-based MPC | CHES 2025 | https://eprint.iacr.org/2024/1702 |
| Faster amortized bootstrapping using the incomplete NTT for free | CHES 2025 | https://eprint.iacr.org/2025/696 |
| Accelerating NTT with RISC-V Vector Extension for Fully Homomorphic Encryption | CHES 2025 | https://tches.iacr.org/index.php/TCHES/article/view/12426 |
| New Limits for Homomorphic Encryption | Asiacrypt 2025 | https://eprint.iacr.org/2025/1624 |
| Cryptanalysis on Lightweight Verifiable Homomorphic Encryption | Asiacrypt 2025 | https://eprint.iacr.org/2025/1890 |
| Threshold Homomorphic Secret Sharing: Definitions and Constructions | Asiacrypt 2025 | |
| Bootstrappable Fully Homomorphic Attribute-Based Encryption with Unbounded Circuit Depth | Asiacrypt 2025 | https://eprint.iacr.org/2025/1567 |
| IND-CPA-D and KR-D Security with Reduced Noise from the HintLWE Problem | Asiacrypt 2025 | https://eprint.iacr.org/2025/1618 |
| Carousel: Fully Homomorphic Encryption with Bootstrapping over Automorphism Group | Asiacrypt 2025 | https://eprint.iacr.org/2024/2032 |
Summary of counts
| Conference | BFV/BGV | CKKS | TFHE | Other |
|---|---|---|---|---|
| Total | 2 | 15 | 18 | 36 |
| FSE | 0 | 0 | 1 | 0 |
| NDSS | 0 | 0 | 0 | 1 |
| RWC | 1 | 0 | 0 | 1 |
| Eurocrypt | 0 | 3 | 1 | 5 |
| PKC | 0 | 1 | 0 | 1 |
| IEEE S&P | 0 | 0 | 0 | 3 |
| IEEE Euro S&P | 0 | 0 | 0 | 0 |
| USENIX | 0 | 1 | 0 | 3 |
| Crypto | 0 | 2 | 2 | 3 |
| ESORICS | 0 | 0 | 1 | 1 |
| ACM CCS | 0 | 3 | 4 | 8 |
| CHES | 1 | 3 | 7 | 4 |
| Asiacrypt | 0 | 2 | 2 | 6 |
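Conclusion
This time I narrowed the survey to the major conferences and looked at presentations on secure computation and post-quantum cryptography.
For post-quantum cryptography, lattice was by far the most common, followed by code-based; multivariate polynomial and isogeny were about the same.
The papers in the "Other" category include ones applied to real-world communication, and I felt that practical deployment of post-quantum cryptography is finally drawing near.
As for homomorphic encryption, CKKS and TFHE standing out from the rest is the same trend as every year.
The gap between the two schemes came mainly from CHES, so in that sense I think 2025 was a year in which theory was CKKS and implementation was TFHE.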