322                                                        软件学报  2026  年第  37  卷第  1  期


                      based. In: Proc. of the 33rd Annual Cryptology Conf. on Advances in Cryptology. Santa Barbara: Springer, 2013. 75–92. [doi: 10.1007/
                      978-3-642-40041-4_5]
                 [27]   Chillotti I, Gama N, Georgieva M, Izabachène M. TFHE: Fast fully homomorphic encryption over the torus. Journal of Cryptology,
                      2020, 33(1): 34–91. [doi: 10.1007/s00145-019-09319-x]
                 [28]   Cheon JH, Kim A, Kim M, Song Y. Homomorphic encryption for arithmetic of approximate numbers. In: Proc. of the 23rd Int’l Conf.
                      on Advances in Cryptology. Hong Kong: Springer, 2017. 409–437. [doi: 10.1007/978-3-319-70694-8_15]
                 [29]   Myers  S,  Shull  A.  Practical  revocation  and  key  rotation.  In:  Proc.  of  the  Cryptographers’  Track  at  the  RSA  Conf.  San  Francisco:
                      Springer, 2018. 157–178. [doi: 10.1007/978-3-319-76953-0_9]
                 [30]   Li BY, Micciancio D. On the security of homomorphic encryption on approximate numbers. In: Proc. of the 40th Annual Int’l Conf. on
                      the Theory and Applications of Cryptographic Techniques on Advances in Cryptology. Zagreb: Springer, 2021. 648–677. [doi: 10.1007/
                      978-3-030-77870-5_23]
                 [31]   Dai  YR,  Zhang  J,  Xiang  BW,  Deng  Y.  Overview  on  the  research  status  and  development  route  of  fully  homomorphic  encryption
                      technology. Journal of Electronics & Information Technology, 2024, 46(5): 1774–1789 (in Chinese with English abstract). [doi: 10.
                      11999/JEIT230703]
                 [32]   Dwork C, Kenthapadi K, McSherry F, Mironov I, Naor M. Our data, ourselves: Privacy via distributed noise generation. In: Proc. of the
                      24th  Annual  Int’l  Conf.  on  the  Theory  and  Applications  of  Cryptographic  Techniques  on  Advances  in  Cryptology.  St.  Petersburg:
                      Springer, 2006. 486–503. [doi: 10.1007/11761679_29]
                 [33]   Dwork C. Differential privacy. In: Proc. of the 33rd Int’l Conf. on Automata, Languages and Programming. Venice: Springer, 2006.
                      1–12. [doi: 10.1007/11787006_1]
                 [34]   Kasiviswanathan SP, Lee HK, Nissim K, Raskhodnikova S, Smith A. What can we learn privately? SIAM Journal on Computing, 2011,
                      40(3): 793–826. [doi: 10.1137/090756090]
                 [35]   Bittau A, Erlingsson Ú, Maniatis P, Mironov I, Raghunathan A, Lie D, Rudominer M, Kode U, Tinnes J, Seefeld B. Prochlo: Strong
                      privacy for analytics in the crowd. In: Proc. of the 26th Symp. on Operating Systems Principle. Shanghai: ACM, 2017. 441–459. [doi:
                      10.1145/3132747.3132769]
                 [36]   Mironov I. Rényi differential privacy. In: Proc. of the 30th Computer Security Foundations Symp. Santa Barbara: IEEE, 2017. 263–275.
                      [doi: 10.1109/CSF.2017.11]
                 [37]   Jiang YF, Luo XJ, Wu YC, Xiao XK, Ooi BC. Protecting label distribution in cross-silo federated learning. In: Proc. of the 2024 IEEE
                      Symp. on Security and Privacy (SP). San Francisco: IEEE, 2024. 4828–4847. [doi: 10.1109/SP54263.2024.00113]
                 [38]   Rényi A. On measures of entropy and information. In: Proc. of the 4th Berkeley Symp. on Mathematical Statistics and Probability.
                      Berkeley: The Regents of the University of California, 1961. 547–561.
                 [39]   Tan Q, Li Q, Zhao Y, Liu ZT, Guo XB, Xu K. Defending against data reconstruction attacks in federated learning: An information
                      theory approach. In: Proc. of the 33rd USENIX Conf. on Security Symp. Philadelphia: USENIX Association, 2024. 19.
                 [40]   Yao AC. Protocols for secure computations. In: Proc. of the 23rd Annual Symp. on Foundations of Computer Science. Chicago: IEEE,
                      1982. 160–164. [doi: 10.1109/SFCS.1982.38]
                 [41]   Ben-Or M, Goldwasser S, Wigderson A. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proc.
                      of the 20th Annual ACM Symp. on Theory of Computing. Chicago: ACM, 1988. 1–10. [doi: 10.1145/62212.62213]
                 [42]   Goldreich  O,  Micali  S,  Wigderson  A.  How  to  play  ANY  mental  game.  In:  Proc.  of  the  19th  Annual  ACM  Symp.  on  Theory  of
                      Computing. New York: ACM, 1987. 218–229. [doi: 10.1145/28395.28420]
                 [43]   Yao ACC. How to generate and exchange secrets. In: Proc. of the 27th Annual Symp. on Foundations of Computer Science. Toronto:
                      IEEE, 1986. 162–167. [doi: 10.1109/SFCS.1986.25]
                 [44]   Lindell Y. Fast cut-and-choose-based protocols for malicious and covert adversaries. Journal of Cryptology, 2016, 29(2): 456–490. [doi:
                      10.1007/s00145-015-9198-0]
                 [45]   Beaver D, Micali S, Rogaway P. The round complexity of secure protocols. In: Proc. of the 22nd Annual ACM Symp. on Theory of
                      Computing. Baltimore: ACM, 1990. 503–513. [doi: 10.1145/100216.100287]
                 [46]   Keller  M,  Pastro  V,  Rotaru  D.  Overdrive:  Making  SPDZ  great  again.  In:  Proc.  of  the  37th  Annual  Int’l  Conf.  on  the  Theory  and
                      Applications of Cryptographic Techniques on Advances in Cryptology. Tel Aviv: Springer, 2018. 158–189. [doi: 10.1007/978-3-319-
                      78372-7_6]
                 [47]   Fiat A, Shamir A. How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko AM, ed. Advances in
                      Cryptology (CRYPTO 1986). Berlin, Heidelberg: Springer, 1987. 186–194. [doi: 10.1007/3-540-47721-7_12]
                 [48]   Bitansky N, Canetti R, Chiesa A, Tromer E. From extractable collision resistance to succinct non-interactive arguments of knowledge,