In the CKKS scheme, rescaling is the operation that divides a ciphertext by a scale factor Δ immediately after a multiplication. This truncates the ciphertext modulus, reducing the absolute noise magnitude and preventing the scale factor from growing quadratically. It is functionally analogous to truncating the least significant bits of a floating-point number to maintain a fixed precision.
Glossary
Rescaling

What is Rescaling?
Rescaling is the core operation in the CKKS homomorphic encryption scheme that divides a ciphertext by a scale factor after multiplication to maintain a stable scale and manage noise growth.
Rescaling consumes one level from the ciphertext's modulus chain, meaning the number of possible rescalings defines the multiplicative depth of a computation. Without rescaling, the scale factor would grow exponentially, exhausting the noise budget and causing decryption failure. This operation is essential for implementing deep encrypted neural networks where successive linear layers require stable numerical precision.
Key Characteristics of Rescaling
Rescaling is the fundamental operation in the CKKS scheme that divides a ciphertext by a scale factor after multiplication, maintaining a stable scale and managing noise growth—analogous to truncating floating-point precision in approximate arithmetic.
Scale Factor Division
After multiplying two CKKS ciphertexts, the underlying scale factor becomes Δ² (squared). Rescaling divides the ciphertext by Δ, restoring the scale to its original value. This operation is mathematically equivalent to modulus switching in the BGV scheme but specifically adapted for CKKS's approximate fixed-point representation. The division truncates the least significant bits, which correspond to the noisy lower-order digits, simultaneously reducing both the scale and the noise magnitude proportionally.
Noise Growth Management
Every homomorphic multiplication in CKKS approximately squares the noise magnitude. Without rescaling, noise would grow exponentially, quickly exceeding the decryption threshold. Rescaling reduces noise linearly with each operation:
- Before rescaling: Noise ≈ σ² (squared after multiplication)
- After rescaling: Noise ≈ σ (reduced proportionally with scale) This ensures the noise budget remains stable across multiple multiplication levels, enabling deep circuits like neural network inference with dozens of encrypted layers.
Modulus Chain Consumption
Rescaling consumes one modulus level from the ciphertext's modulus chain. A freshly encrypted CKKS ciphertext starts with a chain of prime moduli q₀, q₁, ..., qₗ. Each rescaling operation drops the last modulus, reducing the total modulus Q and the remaining multiplicative depth by one. This creates a direct trade-off:
- More initial levels = deeper computation capacity
- Fewer initial levels = smaller ciphertexts and faster operations Circuit designers must pre-allocate levels based on the required multiplication depth.
Approximate Precision Preservation
Unlike exact integer schemes like BFV, CKKS treats plaintexts as approximate real numbers with inherent least-significant-bit errors. Rescaling truncates these noisy lower bits rather than rounding, which means:
- Precision loss is bounded and predictable
- The operation naturally aligns with floating-point arithmetic semantics
- After many rescalings, the effective precision decreases gradually This makes CKKS ideal for machine learning workloads where approximate computation is acceptable and the noise floor mimics quantization error in standard inference.
Rescaling vs. Bootstrapping
Rescaling and bootstrapping serve distinct but complementary roles in CKKS:
- Rescaling: Lightweight operation that manages scale and noise after each multiplication, consuming one modulus level
- Bootstrapping: Heavy cryptographic operation that refreshes the entire ciphertext, restoring consumed modulus levels and resetting the noise budget In practice, rescaling handles routine noise growth during leveled computation, while bootstrapping is invoked only when the modulus chain is exhausted, enabling unlimited-depth computation at significant computational cost.
Implementation in Libraries
Major FHE libraries implement rescaling with specific APIs:
- Microsoft SEAL:
evaluator.rescale_to_next()automatically divides by the scale factor and drops the last modulus - OpenFHE:
EvalMult()followed byRescale()provides explicit control over the operation - Lattigo:
Evaluator.Rescale()handles both CKKS and BGV rescaling with scheme-specific logic The operation is typically lazy-evaluated, meaning rescaling may be deferred until the next operation to optimize the modulus chain usage and minimize computational overhead.
Rescaling vs. Modulus Switching vs. Bootstrapping
A technical comparison of the three primary noise management operations in leveled homomorphic encryption schemes, detailing their mechanisms, triggers, and effects on ciphertext state.
| Feature | Rescaling | Modulus Switching | Bootstrapping |
|---|---|---|---|
Primary Purpose | Maintain scale stability after multiplication | Reduce absolute noise magnitude | Refresh exhausted noise budget |
Trigger Condition | After every ciphertext multiplication | Proactively during computation | When noise budget approaches zero |
Effect on Modulus | Divides ciphertext by scale factor, reducing modulus | Switches to a smaller modulus | Homomorphically evaluates decryption, resetting to high modulus |
Effect on Scale Factor | Restores scale to approximately original value | Scale factor remains proportional | Resets scale to initial parameters |
Computational Cost | Low | Low | High |
Requires Secret Key | |||
Enables Unlimited Depth | |||
Scheme Compatibility | CKKS | BGV, BFV | CKKS, TFHE, BGV, BFV |
Frequently Asked Questions
Clarifying the core mechanism that prevents ciphertexts from becoming unmanageably large and noisy after multiplication in approximate homomorphic encryption.
Rescaling is the operation in the CKKS homomorphic encryption scheme that divides a ciphertext by a scale factor after a multiplication to maintain a stable scale and manage noise growth. It is mathematically analogous to truncating the least significant bits of a floating-point number to prevent precision from exploding. Without rescaling, the scale factor would grow quadratically with each multiplication, quickly exhausting the modulus and corrupting the message. The operation consumes one of the ciphertext's modulus levels, which is why CKKS is a leveled scheme—the number of possible rescaling operations is fixed at encryption time based on the chosen parameter chain.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Master the core operations that interact with rescaling in the CKKS homomorphic encryption scheme.
Modulus Switching
The foundational noise management technique that rescaling instantiates. Modulus switching scales a ciphertext down to a smaller modulus, proportionally reducing the absolute noise magnitude without secret key access. In CKKS, rescaling is modulus switching applied after every multiplication to maintain a stable scale factor and prevent exponential noise growth. This operation is the primary mechanism enabling leveled homomorphic encryption to evaluate deep circuits.
Noise Budget
The finite capacity for error accumulation within a ciphertext. Each homomorphic multiplication consumes a significant portion of this budget. Rescaling directly manages this consumption by dividing the ciphertext by the scale factor, effectively discarding the least significant bits where noise dominates. Once the budget is exhausted, decryption becomes unreliable. Understanding the noise budget is critical for planning circuit depth in leveled FHE schemes.
Relinearization
A complementary operation to rescaling that addresses a different side effect of ciphertext multiplication. While rescaling manages scale and noise, relinearization reduces the ciphertext size from three ring elements back to two after multiplication. Without relinearization, subsequent multiplications would cause quadratic growth in ciphertext dimension. Both operations are typically applied sequentially after each multiplication in CKKS.
CKKS Scheme
The Cheon-Kim-Kim-Song fully homomorphic encryption scheme optimized for approximate fixed-point arithmetic on real numbers. Rescaling is the defining operation that enables CKKS to perform efficient floating-point-like computation on encrypted data. Unlike exact schemes (BFV/BGV), CKKS treats noise as part of the least significant bits, making rescaling analogous to truncating floating-point precision rather than exact modular reduction.
Leveled Fully Homomorphic Encryption
A variant of FHE supporting computation up to a predetermined multiplicative depth without bootstrapping. Each rescaling operation consumes one level from the modulus chain. The initial ciphertext modulus must be chosen to accommodate the maximum circuit depth, as each multiplication-rescaling pair reduces the available levels. Circuit depth must be known before encryption to set parameters correctly.
Bootstrapping
A cryptographic technique that refreshes a ciphertext by homomorphically evaluating the decryption circuit, resetting the noise budget to enable unlimited computation depth. In CKKS, bootstrapping also restores the modulus chain consumed by rescaling operations. This allows circuits deeper than the initial parameter selection would permit, at the cost of significant computational overhead.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us