Is multiplication available between ciphertexts with different slots' numbers?

[macknight]

Hi,
Suppose we have two ciphertexts c1 and c2.
c1 is generated based on the param whose slots is 1024.
c2 is generated based on the param whose slots is 512.
Then is multiplication available between c1 and c2?
If not, can we shrink c1 to have 512 slots? If we can shrink, how to shrink? Any idea, steps or references? The only element I want to keep is the first element(value).

BR

[lilBuffaloEric]

The 4.4 section of this paper has briefly described the encoding method considering different number of slots.

[Shabby777]

Homomorphic encryption (HE) schemes allow computations to be performed on ciphertexts, producing an encrypted result which, when decrypted, is the same as if the computations were performed on the plaintexts.

Multiplication is one of the basic operations that can be performed on ciphertexts in some HE schemes, including the fully homomorphic encryption (FHE) scheme. However, not all HE schemes support multiplication and the exact operations that can be performed on ciphertexts depend on the specific scheme used.

Regarding your question, if the two ciphertexts c1 and c2 were encrypted using the same HE scheme, then it may be possible to perform multiplication on them, depending on the specific scheme and the size of the encryption parameters. However, it's not possible to shrink c1 to have 512 slots, as this would require changing the encryption parameters used to generate the ciphertext, which is not possible without access to the original plaintext.

In general, it's not possible to change the size of an encryption parameter without access to the original plaintext, as this would compromise the security of the encryption. The size of the encryption parameter determines the level of security of the encryption, and reducing the size of the parameter can make it easier for an attacker to break the encryption.

If you want to perform operations on ciphertexts encrypted using different parameters, you would need to perform homomorphic encryption and decryption on one of the ciphertexts to obtain a plaintext, and then encrypt it using the same parameters as the other ciphertext. This process is called "parameter switching", and it can be performed efficiently in some HE schemes. However, it's important to note that parameter switching can also affect the security of the encryption, so it's important to be careful when using this technique.

[Pro7ech]

This is not correct. Operations between ciphertexts of different slots are well defined. see my answer below.

[Pro7ech]

A ciphertext that encrypts a message of n slots in a ring degree of 2^{k+1}n is equivalent to a ciphertext that encrypts 2^{k} concatenations of this message but encoded as a message of 2^{k}n slots.

For examples of you encode m with 512 slots with N=2048, it will give the same plaintext polynomial as encoding m|m with 1024 slots.

Therefore multiplying m0 with 512 slots along with m1=m10|m11 with 1024 slots is effectively doing (m0|m0) x (m10|m11)