The principle of cloud computing is to allow users to outsource computation resources to the cloud by allowing a remote service to execute, in their name, some procedures on their private data. While many commercial services are growing fast, to this day, all require the client to place total trust in the service regarding the confidentiality of their data. The aim of CRYPTOCOMP is to develop an efficient cloud-based crypto-calculus platform which, using the latest advances in Fully Homomorphic Encryption, would make it impossible for the cloud service to learn anything whatsoever about the user's data, while still executing the procedures as intended.

Who can I contact?

Dr. Pascal Paillier

Pascal Paillier , PhD

Senior Cryptography Expert


10 Partners

Related technologies

Homomorphic Encryption

Meet the Holy Grail of cryptography.

Homomorphic encryption is the ultimate cryptographic tool to build more secure cloud computing services that respect everybody's privacy. It allows to confidentialy share data, and the encrypted data can then be processed without ever needing to decrypt or reveal it. Homomorphic encryption is the future, and we can help you get there!


Post-Quantum Cryptography

You are not prepared.

One day, quantum computers will become a reality. When that day comes, RSA, Elliptic Curves and many other fundamental cryptographic primitives will become obsolete. Post-Quantum Cryptography offers secure alternatives and we can help you get ready.


Related service


We deliver highly-optimised bulletproof cryptographic software.

We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic implementations. We support standard and advanced cryptographic algorithms on a variety of software and hardware platforms.


Related research projects


Using Fully Homomorphic Encryption in Practice.

The HEAT project will develop advanced cryptographic technologies using Fully Homomorphic Encryption to process sensitive information in ecrypted form, without needing to compromise on the privacy and security of the citizens and organizations that provide the input data.



A french regroupment for post-quantum cryptography.

The RISQ project brings together the french digital security community (academics and industry) in order to prepare the post-quantum revolution. Combining the strong skills of its actors, the RISQ project aims to take part in the development of standards and of new technologies. It also aims to set up processes of migration, so that french industry can be reactive to this technological change. Considering the paramount importance of this project, several major companies decided to get on board even on their own expense.


State of the art

The current trend for data outsourcing, with the commercial success of services like DropBox or Google Drive (or more generally all the social networks) is easily understandable: letting someone else host your data frees you from many technical issues, and this for a nominal price. However, with this trend come many new security challenges:

  • How does one guarantee the confidentiality of the data with respect to other users?
  • And confidentiality with respect to the service provider?
  • What about data integrity or user privacy?

These problems existed before outsourcing became popular, but this particular context intensifies them even more.

The simplest solution to ensure the confidentiality of outsourced data is to encrypt it. This is very easy to implement as long as outsourced data is a simple backup with no real purpose beyond protecting against data-loss. But the strength of data outsourcing comes from the additional services offered by the service providers: indexing, sharing, collaborative work… This requires the service to perform computation on your outsourced data, which is impossible if it is encrypted, unless Fully Homomorphic Encryption is used!

Fully Homomorphic Encryption allows to perform arbitrary computations on encrypted data, in a sense solving the problem of secure cloud computing. Unfortunately, existing Fully Homomorphic Encryption schemes are fairly inefficient, with only asymptotic performance analysis. It is thus difficult to assess how far we are from their practical implementation in security solutions.

Objectives of the project

The first goal of the project is to select the best FHE solutions that exist and try to improve their performance as much as possible. This task is closely related with the task of properly selecting parameters and sizes that match an expected security level.

Then, the main goal of CRYPTOCOMP is to develop a fully automated “source to source” compiler allowing to convert any function into a “secure” version of this function able to run on encrypted data. The main features of this compiler should be:

  • complete transparency of the underlying fully homomorphic encryption scheme used
  • definition of low-level computation models (possibly down to levels such as Turing machines or random access machines) suitable for the efficient execution of certain algorithm classes (sorting, signal processing, etc.)
  • analysis and regulation of data dependent flow control to allow the service provider access to a given part of the data, and only to this part of the data
  • automatic and efficient parallelization (through the compiler) of the cryptographic computations

Expected outcome

By the end of the project, we expect to have a fully functional demonstration platform available. Users will be able to upload their encrypted private data, locally compile their normal program into a fully homomorphic program and outsource the execution of this program to the demonstration platform. Once the execution is complete, the user can download the encrypted result from the platform and decrypt it.

Related presentations & talks

  • 🇫🇷 Chiffrement (complètement) homomorphe : de la théorie à la pratique.
    Tancrède Lepoint.
    Séminaire confiance numérique, Clermont-Ferrand, France, October 09, 2014.

Related publications

  • Stream Ciphers: A Practical Solution for Efficient Homomorphic-Ciphertext Compression.
    Anne Canteaut, Sergiu Carpov, Caroline Fontaine, Tancrède Lepoint, María Naya-Plasencia, portrait ofPascal Paillier, Renaud Sirdey.
    In FSE 2016, pp. 313-333, 2016.
  • NFLlib: NTT-based Fast Lattice Library.
    Carlos Aguilar-Melchor, Joris Barrier, Serge Guelton, Adrien Guinet, Marc-Olivier Killijian, Tancrède Lepoint.
    In CT-RSA 2016, 2016.
  • Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance.
    Shi Bai, Adeline Langlois, Tancrède Lepoint, Damien Stehlé, Ron Steinfeld.
    In ASIACRYPT (1) 2015, 2015. Best Paper Award
  • Cryptanalysis of the Co-ACD Assumption.
    Pierre-Alain Fouque, Moon Sung Lee, Tancrède Lepoint, Mehdi Tibouchi.
    In CRYPTO (1) 2015, pp. 561-580, 2015.
  • Cryptanalysis of a (Somewhat) Additively Homomorphic Encryption Scheme Used in PIR.
    Tancrède Lepoint, Mehdi Tibouchi.
    In Financial Cryptography Workshops 2015, pp. 184-193, 2015.