Hello, my name is Hilder Vitor Lima Pereira, and I'm going to present the paper "FINAL: Faster Fully Homomorphic Encryption Instantiated with NTRU and LWE". This is joint work with Charlotte Bonte, Ilia Iliashenko, Jeongeun Park and Professor Nigel Smart. The starting point of this work is the observation that most FHE schemes are based on the RLWE problem. And what this problem allows us to do is to sample pairs of polynomials in some polynomial ring with integer polynomials of degree bounded by some parameter N. And these pairs have a special structure, but they look random modulo some integer q. But there is this kind of similar problem, which is NTRU, that allows us to sample one single polynomial, also with a hidden structure, and that also looks random modulo q. But now we have one single polynomial instead of one pair of polynomials. So if we could somehow replace the RLWE problem by the NTRU problem in these FHE schemes, the intuition is that we should use half of the memory and maybe half of the running time. However, the NTRU problem is a bit more complicated than the RLWE problem, because for RLWE we have essentially these key recovery attacks that take exponential time in N. But for the NTRU problem, on top of that, we also have these sublattice attacks, and the hardness of this problem varies very strongly on q. It depends very strongly on q. So the picture we have is the following. When q is linear in N, the sublattice attacks are very expensive and then the NTRU problem is hard. But as we start to increase q, these sublattice attacks become very easy, and then at some point the sublattice attack even takes polynomial time. So the NTRU problem becomes easy. So there is this turning point where the sublattice attacks cost essentially the same as the key recovery attack, and we call this the fatigue point. So when we want to construct schemes based on NTRU, we have to choose the parameters in this region.
If we choose above the fatigue point, we are in this overstretched regime and then the security of NTRU is not the same. So this means that we are much more limited in the choice of parameters when compared to RLWE. So the contributions of this paper are the following. We will use the NTRU problem to construct FHE with parameters that lie outside of the overstretched regime. So our parameters are always here. And then, using NTRU, we construct a scheme that is similar to GSW but has a faster external product. We call this scheme NGS, and then we use NGS to bootstrap a scheme that is based on NTRU. So because both NGS and this scheme are based on NTRU, this means that we construct FHE based only on the NTRU problem. We also used NGS to bootstrap a scheme based on the LWE problem. And this combination of LWE with NTRU gives us a scheme that is about 28% faster than TFHE and uses about half of the memory that TFHE uses. So the main source of gain is the following. When we compare NGS with GSW, we have scalar ciphertexts. In our case it's just one polynomial instead of a pair of polynomials. A full ciphertext in our case is a vector of polynomials with L polynomials. And in GSW we have a matrix with four times L polynomials. And because of this the external product costs only L multiplications in our case instead of four times L. We have a proof-of-concept implementation in C++ and you can find it in this GitHub repository. So when we run TFHE in our experiments, one bootstrapping takes about 66 milliseconds. And then the two last rows here are for our scheme. So this second row is our scheme based only on the NTRU problem. And you can see that our run times are kind of similar, but they are more expensive. However, when we combined LWE with NTRU, we got bootstrapping that is faster than TFHE's bootstrapping. Essentially the key material here, you can see that it's about half of the key material of TFHE.
And the bootstrapping is about 28% faster. So if you want more information, please check the paper; it's available on ePrint. And of course, if you have any questions, you can contact me. Thank you very much.