HOMOMORPHIC ENCRYPTION METHOD AND ASSOCIATED DEVICES AND SYSTEM TECHNICAL FIELD The disclosed technology concerns methods, devices and systems for homomorphic encryption. BACKGROUND Homomorphic encryption, which allows one to perform calculations or data processing on encrypted data, without decrypting it first, has attracted a lot of attention recently. Indeed, digital data processing of personal data has become ubiquitous in our everyday lives. Confidentiality and privacy protection of such data has thus become critical, as such personal data tends to circulate more and more in our digital environment. In this context, homomorphic encryption is a very promising solution, as it enables to process data while preserving very securely data anonymization and privacy at the same time, as the data is not decrypted during its processing. Homomorphic encryption is usually based on the “learning with error” encryption scheme, in which the encrypted message c=(a,b) is derived from the unencrypted message m according to the following formula: b=m+e+a.s, where: - s is a secret key, - a is randomly chosen vector, for projecting the secret key s, and - e is a random noise component, added to m+a.s. To decrypt the message, someone possessing the secret key s may compute the quantity b-a.s (equal to m+e), and then round the result to remove the noise component e and retrieve the message m. Of course, the noise term e has to be, and to remain small enough, if one wants to be able to retrieve the message m. When two encrypted messages are summed up, or even worse, when they are homomorphically multiplied together, one obtains an encrypted message, which is an encrypted version of the sum, or product of the two initial, unencrypted messages, whose noise component is higher than for the two initial encrypted messages. So, to prevent the noise term from increasing and increasing in the course of data processing, a refreshing procedure, usually named “bootstrapping”, is executed repeatedly, usually after each operation on the encrypted message c. This procedure produces a refreshed version of c, that is an encrypted message c’ which is decrypted as m (when decrypted using s), and whose noise component is smaller than the one of c. The bootstrapping procedure usually comprises the homomorphic (that is: in encrypted form) computation of X ^q .V(X) where: - V(X) is the following polynomial:1+X+X ² +X ³ +…+X ^N-1 , - and q is equal to the integer number that is the nearest to 2N(b-a.s) : The constant term of X ^q .V(X) mod (X ^N +1), that is coef _o (X ^q .V(X)), is a refreshed version of c: it is an encrypted version of m, but with a noise component e’ smaller than the noise component e of c. One may note that the initial noise e is somehow washed out when (homomorphically) computing q, thanks to the rounding operation In this operation, the factor 2N plays the role of an expansion factor, that enables to spread the possible values of b-a.s (impaired by some noise) sufficiently, before rounding. Such a bootstrapping procedure is very useful and ingenious, but also very time- consuming (in particular because the operations involved have to be carried on homomorphically), all the more that it has to be executed repeatedly. The homomorphic encryption scheme succinctly described above, which combines “learning with error” and a bootstrapping procedure, is usually carried on with binary messages (that is, messages whose values are either 0 or 1). Indeed, in this technical field, most of the tools have been specifically developed and optimized for such messages. To perform homomorphic operations on a longer message, the message is decomposed into binary messages (classical binary decomposition), each binary message is encrypted separately, and the operation is then carried on, homomorphically, bit by bit. But in this process, one has to take into account the (encrypted) carry resulting from each binary addition, and to propagate this carry to the next binary operation. The process is thus a serial one, which is time consuming. Besides, each binary operation is carried homomorphically, which multiplies the number of homomorphic (and thus time-consuming) operations. SUMMARY In this context, a homomorphic encryption technology, that enables to process efficiently messages longer than binary ones, is disclosed. An aspect of this technology concerns a method for determining an encrypted message c _i , which is an encrypted version of a message mi, c _i being equal to (a _i ,b _i ) where b _i is determined from mi and from a secret key s, b _i being equal to mi+ei+a _i .s with a _i being a randomly selected vector for projecting s and ei being a random noise component added to mi+a _i .s, wherein the message mi belongs to a discrete set consisting of p _i distinct elements, with p _i being an odd number and wherein the elements of said discrete set are such that twice the difference between any two of these elements is not an integer number, said discrete set being the discrete torus or the set T _pi ,N[X] of polynomials of degree N-1 whose coefficients belong to T _pi , or another discrete set in bijective relationship with T _pi . The inventors have developed a homomorphic cryptographic technique for such “long” messages (longer than binary messages), enabling, among other things, adding, multiplying and refreshing (i.e.: bootstrapping) these messages while they remain encrypted. These operations are carried on without decomposing the message into binary, independently encrypted, smaller messages. In other words, the encrypted message is treated as a whole, with no decomposition onto smaller fields. So, the burden of dealing with encrypted carries and serial processing of the numerous and encrypted bits is avoided. It may be noted that the fact that a homomorphic processing is possible for long messages (without decomposing it), and the fact that this processing can be fast and efficient is far from being an immediate, straightforward result. Indeed, as mentioned above, most of the homomorphic cryptography tools currently available are adapted specifically to binary messages. So, the inventors had to go against the usual practice and prejudices and had to move forward in the development of specific (and elaborated) tools intended for longer messages, without knowing whether a direct homomorphic processing of long messages was actually possible or not, or whether it could be executed efficiently or not. In particular, the inventors had to elaborate a new homomorphic multiplication scheme and a new bootstrapping method (presented below), to develop such an encryption protocol. Only once these quite complex tools had been developed could the inventors be sure that such a treatment could actually be carried out. And, in the process of developing these new tools, the inventors realized that working with messages belonging to the discrete Torus T _pi , or to the set of polynomials T _pi ,N[X], or to another equivalent discrete set, with: - pi being an odd number, - and such that for any couple grouping two of the elements of said set, twice the difference between these two elements is not an integer number was very fruitful, as it turns out that these specific features make different operations, involved in the multiplication and bootstrapping process mentioned above, feasible (as will be described in more details later). The fact that a direct homomorphic processing of a "long" message is not only possible, but that it can also be achieved efficiently, in a limited time, is also far from obvious, at first glance. Indeed, when the message mi is long, that is when the integer number p _i is quite large, for example equal to 17, 21, or more, one would expect at first sight to have to use polynomials whose degree N-1 is high, during bootstrapping operations. Indeed, as explained above, in the calculation of the quantity q, the integer N acts as a kind of expansion coefficient. So, when p _i is large, as the possible values of the message mi (distributed in the interval ]-1/2;1/2]) are then close to each other, one expects to have to choose a number N that is large, in order to be able to spread these values sufficiently apart, before the rounding operation involved in the calculation of the quantity q. And a large N considerably increases the calculation time. More precisely, a rough estimate leads to the conclusion that N would have to be of the order of 10000 (with p _i =20 and n=500, for instance), or greater, for the bootstrapping operation to work properly (that is with a low probability of losing of degrading the message m during this operation). And such values of N are almost prohibitive, in terms of computation time. But in fact, a complete, acute probability calculation shows that such a bootstrapping operation can be successfully performed with polynomials whose degree N-1 is much smaller than what the first approximate estimate mentioned above suggests. More precisely, it can be shown that an integer number N of the order of 1000 (e.g.1024) turns out to be sufficient for typical values of pi (about 20-40, for example). According to the disclosed technology, N may be selected as small as 50 times p _i , or below, or even below 30 times p _i , to take advantage of this surprisingly favorable scaling and accelerate the bootstrapping processing. The method for bootstrapping developed by the inventors, mentioned above, is a method for bootstrapping an encrypted message c _i =(ai,b _i ) determined as described above, this method comprising a determination of a refreshed encrypted message c _i ’=(a _i ’,b _i ’), which is an encrypted version of a value g(mi) of a function g applied to the message mi, c _i ’ having a noise component ei’ smaller than ei. The determination of c _i ’ comprises a step of determining homomorphically the constant coefficient coef _o (X ^q .Wg(X)) of X ^q .Wg(X) mod (X ^N +1), where is a polynomial of degree N-1, whose coefficients wj are given by the following formula: with being the integer number that is the nearest to 2nM _i and with being the ceiling function applied to and where q is the integer number that is the nearest to So, during this bootstrapping operation, in addition to reducing (refreshing) the noise component of a cipher text, an arbitrary function g can be applied to the corresponding message mi. This accelerates considerably numerous data processing routines. Indeed, to apply such a function g to a message, instead of: carrying on an elementary operation (homomorphically), then bootstrapping the result (to counter the noise increase due to the preceding operation), carrying on another elementary operation, then bootstrapping the result, and so on, one just has to execute one time the special bootstrapping procedure presented above. In this bootstrapping procedure, the degree N-1 of the polynomial Wg(X) may be selected so as to be above p _i , or even above 5 times p _i . The disclosed technology concerns also a method for homomorphically multiplying two messages m1 _i and m2 _i , each belonging to the discrete torus T _pi or to the set of polynomials T _pi ,N[X], the method comprising a determination of an encrypted message c3 _i which is an encrypted version of the product of m1 _i by m2 _i , c3 _i being determined from encrypted versions c1 _i and c2 _i of the messages m1 _i and m2 _i , without decrypting c1 _i or c2 _i , the method comprising homomorphically determining Where and or and or and are determined homomorphically by executing the method for bootstrapping presented above, the function g being the function or, respectively, It may be noted that the tools presented above, for homomorphic processing of messages m _i belonging to such a discrete set of p _i elements (with p _i odd), can, in addition to their own benefits, be applied in an extremely beneficial manner to a cryptographic technic for even longer messages, decomposed into smaller components mi, based on the Chinese remainder theorem decomposition, which, again, enables to avoid the burden of dealing with carries (so, in other words, the tools mentioned above are some kinds of basic bricks of this Chinese-remainder processing method, presented in more detail below). The disclosed technology concerns also a method for determining an encrypted message cf,i, which is an encrypted version of a value f(m1 _i ,m2 _i ) of a two-variable function f applied to messages m1 _i and m2 _i , m1 _i and m2 _i belonging each to the discrete set mentioned above (for instance the torus T _pi or the set of polynomials T _pi ,N[X]), cf,i being determined from encrypted messages c1 _i and c2 _i without decrypting c1 _i or c2 _i , c1 _i and c2 _i being encrypted versions of m1 _i and m2 _i respectively, that have been determined according to the method for encrypting presented above, the determination of cf,i comprising: - determining c1’i and c2’i, from c1 _i and c2 _i respectively, by executing the method for bootstrapping presented above, the function g employed during this bootstrapping being a function gmap that maps said discrete set onto a set S whose elements µj belong each to the torus T=]-1/2,1/2] and are such that, for any set of indexes (i,j,k,l) with (i,j)≠(k,l), (k,l) being different from (j,i): α.µi+β.µj is different from α.µk+ β.µl modulo ½, with α and β being two constant and integer, given numbers, c1’i and c2’i being the encrypted versions of m1 _i =gmap(m1 _i ) and m2 _i =gmap(m2 _i ) respectively, where m1 _i and m2 _i belong each to S, - determining homomorphicically, from c1’i and c2’I, an encrypted message cs which is an encrypted version of α.m1 _i +β.m2 _i , - determining cf,i from cs by executing the method for bootstrapping presented above, the function g employed during this bootstrapping being a one-variable function gf from T to T _pi , defined by the following condition: for any couple of messages m1 ^j , m2 ^j belonging each to said discrete set, g _f (α. m1 _j + β. m2 _j ) = f(m1 _j , m2 _j ) that is: According to an aspect of this technology, the elements of the set are such that for any set of indexes (i,j,k,l) with (i,j)≠(k,l), β is different from modulo ½, even when (k,l)=(j,i). In this case, one may have, in particular : α=1 and β=-1, cs being determined by computing the homomorphic difference between or α=-1 and β=1, cs being determined by computing the homomorphic difference between c2’i and c1’: According to another aspect of this technology, the function f is symmetric, f(m1 _i ,m2 _i ) being equal to f(m2 _i ,m1 _i ) for any couple of messages m1 _i and m2 _i , α and β are each equal to 1, and cs is determined by computing the homomorphic sum of c1’i and The disclosed technology also concerns such a method for determining an encrypted message cf,i, which is an encrypted version of a value f(m1 _i ,m2 _i ) of a two- variable function f, as such, independently from the bootstrapping method in question. Indeed, as the skilled person will appreciate, the method for homomorphically evaluating f, based on the intermediate mapping of said discrete set (e.g.:T _pi ) onto S, can be achieved independently from this specific bootstrapping procedure, using any method for homomorphically mapping said discrete set on S (the mapping method being possibly different from the one described above), and using then any method for homomorphically applying a function like the function gf to the quantity According to an aspect of the disclosed technology, any of the methods presented above is executed by a computer (programmed or otherwise arranged to execute the method in question), that is an electronic device or system (possibly distributed among several distant, remote devices) comprising at least one processor for executing logical operations, and one memory device for storing data. In particular, an aspect of the technology concerns an encrypting device, comprising one or more processors and at least one memory, the encrypting device being programmed to make the processor or processors executing the following steps: - receiving data representative of an unencrypted message mi, that belongs to the discrete set mentioned above, - processing said data according to the method for encrypting presented above, to determine encrypted data representative of the encrypted message c _i , the secret key s employed during said processing, stored at least transitorily in the memory of the encrypting device, being accessed by the processor or processors during said processing. An aspect of the disclosed technology concerns a cryptographic system comprising such an encrypting device and a processing device, the processing device comprising one or more processors and at least one memory, the processing device being programmed to make the processor or processors executing the following steps: - receiving data, representative of an encrypted message c _i produced by the encrypting device, - processing said data, according to the method for bootstrapping that has been presented above, to determine refreshed data, representative of the encrypted message c’i, said processing being achieved without decrypting c _i and without using, reading or accessing the secret key s. In particular, the secret key s may be completely absent from the processing device (which is a separate device distinct from the encrypting device), and remain absent from the processing device at all time. The disclosed technology also concerns such a processing device, as such, independently from the encrypting device. The processing device may also be programmed to execute the method for multiplying presented above, and the method for determining an encrypted message cf,i, which is an encrypted version of a value f(m1 _i ,m2 _i ) of the two-variable function f. The disclosed technology concerns also a computer-readable program product comprising instructions that, when executed by a computer, make the computer to execute any of the method presented above. The disclosed technology concerns also a method for determining an encrypted message C, which is an encrypted version of a message x belonging to being equal to where the integer numbers p _i are pairwise coprime, the method comprising: - decomposing x into its components x _i , i=1...r, with x _i equal to x modulo p _i , - for each componen xt _i whose associated factor p _i is odd, determining an encrypted version c _i of a message mi, according to the method for encrypting that has been presented above mi being, among the elements of said discrete set, the element that is associated to x _i by a given bijective relationship between and said discrete set, - if a component x _i is associated to a factor p _i equal to 2, determining an encrypted version c _i of a quantity Q _i associated to x _i and that can takes two distinct values c _i being equal to (a _i ,b _i ) with b _i = Q _i +e _i +a _i .s, - returning C=(c ₁ ,...c _i ,...c _r ). An aspect of this technology concerns a method for bootstrapping the encrypted message C=(c ₁ ,...c _i ,...c _r ) determined according the encrypting method that has just been described, this (generalized) bootstrapping method comprising: - for each c _i whose associated factor p _i is odd, determining a refreshed encrypted message c'i, from c _i , by executing the method for bootstrapping that has been presented before, - returning C'=(c' ₁ ,...,c' _i ,...c' _r ). This technology concerns also a method for determining an encrypted message C3=(c3 ₁ ,...c3 _i ,...c3 _r ), which is an encrypted version of the product of two messages x1 and x2, each belonging to C3 being determined from encrypted messages C1 and C2, without decrypting C1 or C2, C1 and C2 being encrypted versions of x1 and x2 respectively, C1=(c1 ₁ ,...c1 _i ,...c1 _r ) and C2=(c2 ₁ ,...c2 _i ,...c2 _r ) having been determined from x1 and x2 respectively, according to the method for encrypting that has just been presented, wherein said discrete set is T _pi or T _pi ,N[X], and wherein each component c3 _i of C3 is determined from the corresponding components c1 _i and c2 _i of C1 and C2, according to the method for multiplying that was described above for messages belonging to the discrete torus T _pi , when c1 _i and c2 _i are associated to a factor p _i that is odd. The disclosed technology concerns such a method for bootstrapping a message C, or such a method for multiplying homomorphically two messages x1 and x2, in itself, independently from the bootstrapping method (for messages belonging to T _pi ) that has been presented above. Indeed, as the skilled person will appreciate, these two methods, for processing encrypted messages, associated to unencrypted messages x belonging to (with p being equal to where the integer numbers p _i are pairwise coprime), take advantage of the Chinese remainder theorem to process the encrypted “sub- messages” c _i , i=1..r, independently from each other, without having to deal with, or anyhow considering (encrypted) carries. This technique could clearly be applied using other “sub-routines” than the one presented above, for the homomorphic processing of the sub-messages mi. In particular, any multiplying or bootstrapping method for elements belonging to the discrete set mentioned above (e.g.: the discrete torus T _pi ) could be used, instead of the one described above. According to the disclosed technology, these encrypting and processing techniques (based on a “Chinese remainder” decomposition), could be executed by a computer. The disclosed technology concerns also an electronic device, comprising at least one processor and one memory, programmed or otherwise configured to execute one of these methods. The disclosed technology concerns also a computer-readable program product comprising instructions, whose execution by a computer make the computer to execute anyone of these methods. BRIEF DESCRIPTION OF THE DRAWINGS Other characteristics and benefits of the disclosed technology will become clear from the description which is given below, by way of example and non-restrictively, in reference to the figure, in which: Figure 1 represents, as a block-diagram, operations carried on to multiply homomorphically two messages. Figure 2 represents, as a block-diagram, operations carried on to evaluate homomorphically a two-variable function. Figure 3 represents, as a block-diagram, an encryption step of a long message x, based on a Chinese remainder decomposition. Figure 4 represents, as a block-diagram, operations carried on to add homomorphically two encrypted messages obtained previously according to the encryption step of figure 3. Figure 5 represents, as a block-diagram, operations carried on to multiply homomorphically two encrypted messages, obtained previously according to the encryption step of figure 3, said multiplication comprising several sub-multiplications carried on according to the process represented in figure 1. Figure 6 schematically illustrate a cryptographic system according to the disclosed technology. DETAILED DESCRIPTION As mentioned above, the disclosed technology concerns an homomorphic encryption technique that enables to carry on operations on encrypted messages without decrypting them, these encrypted messages being associated to unencrypted messages that are each longer than a single bit, and that are processed without being decomposed into individual binary messages. The disclosed technology concerns more particularly a technique for encrypting and processing messages mi, that belong to a discrete set consisting of p _i distinct elements, with p _i being an odd number, these messages being encrypted and processed directly, without decomposing these messages into smaller (for instance binary) messages that would be encrypted separately. This technology is presented below in the case where the discrete set in question is the discrete torus or the set T _pi ,N[X] of polynomials of degree N-1 whose coefficients belong to T _pi . Still, as the skilled person will appreciate, this technology can be applied as well (possibly, with minor modifications for the homomorphic addition or multiplication) to another discrete set of messages in bijective relationship with T _pi , like (that is T _pi with an offset of +1/p _i ; it may be noted that for this alternative example, the different operations described below – including the bootstrapping procedure, but also the homomorphic multiplication - can be implemented in the same manner as in the case of T _pi , even if the values may have to be shifted to reintegrate them in the interval [-1/2, 1/2[ ) for instance. The disclosed technology concerns also a technique for encrypting and processing even longer messages x, using a specific decomposition of the message x into smaller messages mi, this decomposition being based on the Chinese remainder theorem decomposition and enabling to process the sub-messages mi separately from each other, without having to take into account possible carries. The encryption technique for encrypting and processing a message m ⁱ , without decomposing it, will be presented first. The technique for encrypting and processing a longer message x, composed of several such messages mi, based on a Chinese remainder theorem decomposition, will be presented then. Finally, electronic devices and systems for implementing such methods will be presented. Homomorphic encryption and processing of a message mi belonging to T _pi , or to T _pi ,N[X]. As mentioned above, this homomorphic encryption technique is applied to messages mi that belong to the discrete torus or to the set T _pi ,N[X] of polynomials of degree N-1 whose coefficients belong to T _pi . More precisely, the set of polynomials T _pi ,N[X] is the finite field composed of the polynomials of degree N-1 defined modulo X ^N +1, and whose coefficients belong to T _pi : T _pi ,N[X]=T _pi [X]/(X ^N +1). Remarkably, the integer number p _i is odd (which makes some of the operations described below possible). Encryption An unencrypted message mi, belonging to T _pi , is encrypted according to the “learning with error” scheme: the encrypted message c _i =(a _i ,b _i ) (or, in other words, the cypher text c _i ), which is the encrypted version of mi, is determined by: - randomly choosing a vector a _i , and - computing the quantity b _i =m _i +e _i +a _i .s where s is a secret key and where ei is a noise component, added to mi+a _i .s. When mi belongs to T _pi , the noise component ei belongs to the torus T=]-1/2,1/2]. And when mi belongs to T _pi ,N[X], ei belongs to the set TN[X] of polynomials of degree N- 1, defined modulo (X ^N +1) and whose coefficients belong each to T. ei is randomly chosen according to a predefined statistical distribution. At least one feature of this distribution, for instance its standard deviation (or the standard deviation of each of its coefficients, when ei is a polynomial), is determined depending on the integer number p _i . For instance, the standard deviation of this distribution is all the smaller than p _i is high (this standard deviation may be inversely proportional to p _i , for example). The secret key s is a vector having n components, each belonging to the set of integers Z, or to the set of polynomials of degree N-1, defined modulo (X ^N +1) and whose coefficients belong each to Z. In other words, s belongs to Z ⁿ , or to ZN[X] ⁿ , where ZN[X]= Z[X]/(X ^N +1). The secret key s may more particularly belong to B ⁿ , or to BN[X] ⁿ , where B={0,1} (B being the set constituted by the binary values 0 and 1). The vector a _i has also n components, and is such that the scalar product a _i .s belongs either to T _pi (when mi belongs to T _pi ), or to T _pi ,N[X] (when mi belongs to T _pi ,N[X]). For instance, if mi belongs of T _pi , and if s belongs to B ⁿ , a _i belongs to T _pi ⁿ (each of the n components of a _i belongs to T _pi ). In the following, for the sake of clarity, we consider that mi belongs to T _pi , and that s belongs to Z ⁿ or B ⁿ . Besides, in the following, we consider more specifically that s belongs to B ⁿ (which simplifies some of the operations involved in the bootstrapping procedure described below). To decrypt the encrypted message c _i =(a _i ,b _i ), a decryption module or a decryption device that has access to the secret key s computes b _i -a _i .s (which is equal to mi+ei), and then rounds it to the nearest value belonging to the discrete Torus T _pi , thus removing the noise component ei and obtaining mi. The encrypted message c _i , obtained by encrypted mi using the secret key s, may be also noted Homomorphic operations An objective of the instant technology is to carry on operations homomorphically, that is to say to carry on operations on one, two or more messages m1 _i , m2 _i , …, but using their encrypted version c1 _i , c2 _i , … (instead of the unencrypted messages m1 _i , m2 _i , …) and without decrypting them, without knowing or having access to the secret key s. More generally, determining homomorphically a given quantity is meant determining an encrypted version of this quantity, on the basis of encrypted messages, without using or determining unencrypted versions (unencrypted counterparts) of these encrypted messages, and without using (in particular without accessing) the secret key s. In practice, it is particularly interesting to be able to achieve two-operands homomorphic operations, like a homomorphic addition, multiplication or comparison of two messages (which is very useful for sorting encrypted data without decrypting them). In the case of a two-operands operation, the usual (“normal”) operation, whose operands are m1 _i and m2 _i , is noted Op and its result is noted m3 _i : m3 _i =Op(m1 _i ,m2 _i ). The corresponding homomorphic operation (that is, the homomorphic counterpart of Op) is noted Hop. So, the homomorphic operation Hop is an operation: - whose operands are two cipher texts c1 _i and c2 _i , which are encrypted versions of two messages m1 _i and m2 _i respectively (each belonging to T _pi ); - which produces a cipher text c3 _i =Hop(c1 _i ,c2 _i ), that it determined from c1 _i and c2 _i without decrypting c1 _i or c2 _i , without using the secret key s (in particular, without knowing or accessing the secret key s); - the cipher text c3 _i being an encrypted version of m3 _i =Op(m1 _i ,m2 _i ). In other words, when decrypting c1 _i , c2 _i and c3 _i using the secret key s, one gets respectively m1 _i , m2 _i and m3 _i =Op(m1 _i ,m2 _i ). Homomorphic addition The homomorphic addition is noted ⊕, (Hop=⊕). The homomorphic addition of two cipher texts, c3 _i =c1 _i ⊕c2 _i , is readily achieved by summing the two cipher texts c1 _i =(a1 _i ,b1 _i ) and c2 _i =(a2 _i ,b2 _i ) component by component: c3 _i =(a3 _i ,b3 _i ) with a3 _i =a1 _i +a2 _i and b3 _i =b1 _i +b2 _i . Indeed, b3 _i - s.a3 _i =m1 _i +m2 _i +e1 _i +e2 _i is rounded as m1 _i +m2 _i (provided that e1 _i +e2 _i is small enough). So, c3 _i =c1 _i ⊕c2 _i is indeed decrypted as m3 _i =m1 _i +m2 _i . A homomorphic subtraction ⊖ can be achieved similarly by subtracting two cipher texts component by component. A homomorphic multiplication for messages belonging to the discrete torus is much more complicated to develop and to implement. It will be presented later, after having described a new bootstrapping technique for messages belonging to the discrete torus (as this bootstrapping technique is used to carry on the homomorphic multiplication in question). Method for bootstrapping an encrypted message c _i A method for bootstrapping an encrypted message c _i =(a _i ,b _i ), that had been determined, as described above, by encrypting a message mi using the secret key s, is presented below. This method comprises a homomorphic determination of a refreshed encrypted message c _i ’=(a _i ’,b _i ’), which is an encrypted version of a value g(mi) of a function g applied to the message mi, c _i ’ having a noise component ei’ smaller than the noise component ei of c _i . The result c _i ’ of this bootstrapping method, applied to c _i , is noted G(c _i ). So, this new bootstrapping method is a bootstrapping method adapted to messages mi that belong to the discrete torus T _pi . It enables to refresh encrypted messages c _i associated to such messages mi, that is to say to reduce the noise components ei of these cypher texts c _i . And it enables also, at the same time, to apply an arbitrary function g to the message mi. In other words, this method enables to homomorphically determine the value g(mi) of the function g, applied to mi. The function g can be any function from T _pi to T _pi . In other words, g maps elements of T _pi to elements of T _pi (or elements of T _pi ,N[X] to elements of T _pi ,N[X]). The determination of c _i ’ comprises a step of determining homomorphically the constant coefficient coef _o (X ^q .W _g (X)) of a polynomial X ^q .Wg(X) mod (X ^N +1), where q is the integer number that is the nearest to 2N(b _i -a _i .s): q = The homomorphic determination of coef _o (X ^q .Wg(X)) is carried on in a way similar to prior art techniques, like described in section 6 of Ilaria Chillotti, Nicolas Gama, Mariya Georgieva, and Malika Izabachène, “TFHE: Fast fully homomorphic encryption over the torus”, Journal of Cryptology, 33(1):34–91, 2020, for instance, but using a specially designed polynomial W _g (X), associated to the function g considered. The coefficients of the polynomial Wg(X), of degree N-1, are noted wj: They belong each to T _pi and are determined as follow. Let’s consider a function fw, from Z to T _pi , defined as: denoting the ceiling function. The coefficients wj of Wg(X) are then defined, depending on g, such that, for any mi belonging to T _pi : So, the coefficients wj are related to the function g by the following equation: It can be proven that, given that p _i is odd, and that twice the difference between any two of the elements of the discrete set considered (namely T _pi , here) is not an integer number: a) it is possible, for any function g from T _pi to T (and more generally for any function from any discrete set of p _i elements such as defined above, to T), to construct a corresponding function fw, and thus a polynomial Wg(X), that fulfills the conditions given above, and that b) thanks to this particular choice of polynomial (i.e.: thanks to the use of the particular polynomial Wg(X)), homomorphically determining coef _o (X ^q .Wg(X)) actually leads to the determination of an encrypted version of g(mi). The detailed (and quite elaborate) proof of these results is not presented here, for the sake of conciseness and as it not directly useful in view of implementing the instant technology. Still, it is noted that point a) is far from being immediate. Indeed, it can be readily noted that, for any z belonging to Z, So the function fw defined above is quite constrained, and a detailed analysis is in fact required to ensure that an adequate fw function can actually be constructed for any function g (provided that the conditions above, regarding p _i and the elements of the set, are fulfilled). It may be noted that this bootstrapping technique, presented above in the case where the discrete set with p _i elements is T _pi (or T _pi ,N[X]), can be applied as well in the case of another discrete set consisting of p _i elements (with pi odd, and such that twice the difference between any two of the elements of this set is not an integer number). In particular, the formula giving the values of the coefficients wj of the polynomial Wg remains the same. As mentioned in the section entitled “summary”, the degree N-1 of the polynomial W _g (X) can be chosen so that N is below 50 times p _i , or even below 30 times p _i , which is high enough to avoid enables erasing or degrading the message mi, while leading to a reasonably fast execution of this bootstrapping procedure. Besides, N may be chosen as equal to or higher p _i , or even than 5 times p _i . The coefficients w _j of W _g (X) are then numerous enough to adjust the polynomial Wg(X) to any, arbitrary function g, from T _pi to T _pi . Some details regarding the homomorphic evaluation of coef _o (X ^q .Wg(X)) in itself are presented now. They are outlined briefly, as this evaluation is carried on in a way similar to prior art techniques (such as the one described in ***Ref1), apart from the specific choice of the polynomial W _g (X). As known in the art, a polynomial such as X ^q .Wg(X) modulo (X ^N +1) can be decomposed into several successive modular products : where In the equation above, each product “.” is a modular product: the left term, for instance belongs to Z _N [X], while the right term, for instance W _g (X), or belongs to T _pi,N [X]. Such a product is completely similar to the product y.mi of an integer number y with a number mi belonging to T _pi , which is usually designated as a modular product (due to the modular structure of T _pi , defined modulo 1). It is known that a modular product y.mi, or X ^j .Wg(X), can be computed homomorphically in the form of a so-called external product where is the encrypted version of the message m _i (c _i being computed as explained above), and where χ _s ,(z) is the so-called TGSW encrypted form of z (TGSW standing for “Gentry, Sahai, Waters” Torus encryption, the TGSW scheme having been suggested in the article “Homomorphic encryption from learning with errors: Conceptually-simpler, asymptotically-faster, attribute-based”, by C. Gentry, A. Sahai, and B. Waters, InCrypto’13, 2013). Besides, as known in the art, a quantity like χ _s , can be computed without knowing the secret key component sk, k=1...n (more generally, without knowing the secret key s). Indeed, as the secret key components sk, k=1...n belong each to B={0,1}, the quantity is equal to which is encrypted as And so, an encrypted version of X ^q .Wg(X) modulo (X ^N +1) can be computed without knowing or having access to the secret key s as it can be computed using an encrypted versions χ _s ,(s _k ) of the secret key components sk, sometimes designated as a Bootstrap Key BKk in the literature. Usually, the Bootstrap Key BK _k = χ _s ,(s _k ), which is an encrypted version of the secret key component sk, encrypted using another key s’, is a public key. The way to compute the TGSW encrypted version χ _s ,(y) of an integer number y or, equivalently, to compute the TRGSW (GSW Torus 'Ring') encrypted version χ _s ,(P) of a polynomial P belonging to Z _N [X], is recalled below. The way to compute the external product is also recalled. χ _s ,(y) is defined as being equal to with: - where the z _j , j=1…l(n+1) are l(n+1) distinct encrypted versions of 0, the null value 0 being encrypted with and where l is a given, fixed integer number; and - a matrix whose dimension is (n + 1) x (n + 1) x l and whose coefficients belong to the Torus being equal to: B being an integer number higher than or equal to 2. The external product between: - an encrypted message corresponding to a message m belonging to the discrete torus T _pi , more generally to the torus T, and - an encrypted version C = χ _s ,(y) of an integer number y, C ∈ is computed as explained below. The n+1 components c _j , j=1..n+1 of the encrypted message are each decomposed, using a kind of numeral system of base B (like the one used to compute χ _c8 ) : Then, one computes where ^∑ _h,i ^I^ z denotes the usual row-vector matrix product and where is a matrix of dimension (n+1)×l whose expression is: with The result, which be ⁿ⁺¹ longs to T , is an encrypted version of y.m . In other words, decrypting this quantity using s gives y.m. This technique can be applied to any message m belonging to the torus T. So, it can also be applied, like here, to messages belonging to the discrete torus T _pi . Homomorphic multiplication First, it is noted that the usual, natural multiplication cannot be used as such for multiplying two messages belonging to the discrete torus T _pi . For elements belonging to the discrete torus T _pi , a multiplication, noted x _T , can however be defined, according to the following equation: where m1 _i =x1 _i /p _i and m2 _i =x2 _i /p _i each belong each to T _pi , x1 _i and x2 _i being integer numbers, and where “.” is the usual, natural multiplication. Clearly, the product m3 _i = m1 _i x _T m2 _i belongs also to T _pi . Besides, this multiplication between elements of the discrete torus complies with the modular nature of T _pi . Indeed, for any couple of messages m1 _i , m2 _i belonging to T _pi ² : as x2 _i is an integer number, and so, (m1 _i + 1) x _T m2 _i = m1 _i x _T m2 _i . The homomorphic multiplication procedure described here is noted It produces a cyphertext which is an encrypted version of m3 _i = m1 _i x _T m2 _i , c1 _i and c2 _i being encrypted versions of m1 _i and m2 _i respectively. To determine c3 _i , that is to say to determine homomorphically the quantity (x1 _i . x2 _i )/p _i mod (1), the bootstrapping procedure described above is exploited, as well as the fact that xy=((x+y) ² -(x-y) ² )/4. This identity is employed to switch from the two-operands multiplication operation xy to a single-operand squaring operation, this squaring operation being carried on homomorphically thanks to this specific bootstrapping procedure (thanks to an appropriate choice of the function g). More precisely, to determine homomorphically one determines homomorphically the quantity M below : where (m1 _i + m2 _i ) ² = (m1 _i + m2 _i ) · (m1 _i + m2 _i ), “.” being the usual, natural multiplication. Indeed,

as (pi+1)/2 is the inverse of 2, in Z _pi . In this respect, it is noted that it is useful to have p _i odd, as it allows 2 to be inversible, in Z _pi . To determine homomorphically the quantity one computes where Gsq denotes the bootstrapping procedure described above, in the particular case where the function g is the function: And so, finally c3 _i is determined, homomorphically, from c1 _i and c2 _i , according to the following equation, where is the external product mentioned above (see figure 1): As the skilled person will appreciate, several modifications can be made to this homomorphic multiplication procedure, without departing from the disclosed technology. For instance, instead of using the bootstrapping “function” G _sq to determine homomorphically the quantity M, one could use another bootstrapping “function”, noted G _sq , which corresponds to the bootstrapping procedure described above in the particular case where the function g is the function: In this case the encrypted product c3 _i is determined, homomorphically, according to the following equation: Still, using G _sq will enable a faster computation than G _sq' , as it prevents from computing two extra external products And for even faster computation, c3 _i could be determined homomorphically, from c1 _i and c2 _i , according to the following equation: where G _sq'' denotes the bootstrapping function presented above in the case where the function g is the function: Homomorphic evaluation of a two-variable function The disclosed technology concerns also a method for evaluating a two-variable function, that is an arbitrary two-operands function, homomorphically. Being able to evaluate such a quantity is very useful for homomorphic data bases processing. Indeed, it enables, inter alia, to compare two ciphers texts c1 _i and c2 _i without decrypting them (for instance to sort the data base). To this end, the two-variable function employed could be the Max, or Min function. In this respect, one may note that a function returning (in an encrypted form) the maximum, or the minimum of a set of two messages is a two-variable function. And due to the modular nature of the messages employed here, the maximum or minimum of two messages cannot be determined by simply looking at the sign of the difference of these two messages. As explained below, to evaluate homomorphically a two-variable function f, each of the two inputs of this function (which belong each to T _pi ) is mapped on a specifically designed set of values S. The elements µj of Sbelong each to T, and such that, for any set of indexes (i,j,k,l) with (i,j)≠(k,l), (k,l) being also different from (j,i) : is different from modulo ½, where α and β are two constant and integer, given numbers. So: Then, taking advantage of this property, the two-operand function f is transformed into a one-operand function gf by first computing a linear combination of these two messages (multiplied respectively by the coefficients α and β), in order to obtain a single operand (the two messages having been preliminarily mapped onto The one- operand function gf is then homomorphically evaluated, by using the specific bootstrapping procedure described above. More precisely, the two input messages m1 _i and m2 _i are first mapped onto corresponding elements of thanks to a mapping function gmap: where m is one of the elements of S. g _map is chosen among the different possible functions that map T _pi on It may be noted that it can be proven that it is always possible to build a set fulfilling the condition above (and fulfilling also one the additional conditions given below for In practice, the set can be chosen among different sets fulfilling these conditions. Preferably, the set S that is chosen is the one for which the values of the set are the more spaced apart from each other. The “mapped” messages associated respectively to m1 _i and m2 _i are noted and respectively: The “one-operand” function gf corresponding to f is then defined as: that is: The fact that two different couples of messages (m1 _i , m2 _i ) and (m1’i, m2’i) always lead to two different values of the intermediate quantity (respectively, due to the specific structure of S, is one of the elements that enables to apply the method to any, arbitrary two variable function f from T _pi ×T _pi to T _pi , or even from T _pi ×T _pi to T. The encrypted version of f(m1 _i , m2 _i ) is noted When c _ƒ,i is decrypted using the secret key s, it gives f(m1 _i , m2 _i ). c _ƒ,i is determined, homomorphically, from the ciphertexts c1 _i and c2 _i (without decrypting c1 _i or c2 _i ), according to the following equation: where Gf denotes the bootstrapping function described above in the particular case where g is gf, and where Gmap denotes the bootstrapping function described above, in the particular case where g is gmap. It may be noted that the uncyphered values of = and β are used directly to compute c _ƒ,i . In other words, the coefficients = and β are not ciphered. This method can be applied to any function f (in particular, whether f is symmetric or not). When the function f is symmetric, α and β are chosen equal to each other. For instance, they may be chosen each as being equal to 1. In this case, c _ƒ,i is determined homomorphically from c1 _i and c2 _i according to the following equation (see figure 2): This way to compute c _ƒ,i is beneficial as there is no multiplication by α or β to be carried on, and as the noise terms are not amplified, as they are multiplied by 1. It may be noted that the Max(c1 _i , c2 _i ) function, for instance, whose output is the cipher text c1 _i , or c2 _i , that is associated to the highest of the two messages m1 _i and m2 _i (highest, with respect to usual order of T _pi values), is a symmetric function. When the function f is not symmetric, α and β are chosen different from each other, and the elements of are such that, for any set of indexes (i,j,k,l) with (i,j)≠(k,l), α.µi+β.µj is different from modulo ½, even when (k,l)=(j,i). In this case, α and β can be chosen as being equal to +1 and -1 respectively, for instance. c _ƒ,i is then determined homomorphically from c1 _i and c2 _i according to the following equation Again, this kind of implementation is beneficial, as it involves no multiplication by a coefficient higher than 1, and so no noise amplification. This method for evaluating homomorphically a two-variable function has been presented above in a case where the function f is a function from T _pi ×T _pi to T _pi , or from T _pi ×T _pi to T. Still, it can be implemented identically when the two variables of the function f each belongs to a discrete set of p _i elements (possibly different from T _pi , but consisting of p _i elements, with pi odd, and such that twice the difference between any two of the elements of this set is not an integer number), the values of function f belonging to T. Carry-less processing of a message m, by decomposing it into orthogonal sub-messages mi. As mentioned above, the disclosed technology also concerns a technique for encrypting and processing 'very long' messages x (or m), using a specific decomposition of the message x into smaller messages x _i , this decomposition being based on the Chinese remainder theorem decomposition and enabling to process the sub-messages xi, or, for instance, their counterparts x _i /p _i , separately from each other, without having to take into account possible carries. This technique can be applied to any message belonging to p being equal to where the integer numbers p _i are pairwise coprime. More precisely, for any message x belonging to the corresponding encrypted message C is determined by executing the following operations (figure 3): - Step D: decomposing x into its components x _i , i=1...r, with x _i equal to x modulo p _i (the Chinese remainder theorem stating that such a decomposition is always possible), - Step E: for each component x _i whose associated factor p _i is odd, determining an encrypted version c _i of a message mi, according to the encryption method presented above, mi being, among the elements of the discrete set of p _i elements mentioned above (e.g.: T _pi ), the element that is associated to x _i by a given bijective relationship between and said discrete set, - if a component x _i is associated to a factor p _i equal to 2, determining an encrypted version c _i of a quantity Qi associated to x _i and that can takes two distinct values, c _i being equal to (a _i ,b _i ) with b _i = Q _i +e _i +a _i .s, - returning C=(c ₁ ,...c _i ,...c _r ). Below, we consider the case in which the discrete set consisting of p _i distinct elements is T _pi . The componen xt _i may be associated (bijectively) to a corresponding element mi of T _pi according to the following equation, for instance: m _i =x _i /p _i , or according to the following equation mi=-x _i /p _i , or, alternatively, according to the following equation mi=(x _i +1)/p _i . Besides, we consider below that the same secret key s is used on the different fields In other words, here, the same secret key s is used to cipher the different messages m ₁ , …m _i , …m _r . Still, in alternative, different keys could be used to cipher the different (sub-) messages m ₁ , …m _i , …m _r . In may be noted that, in other embodiments, the discrete set in question may be another set than T _pi , and that another operation than the one mentioned above could be used to map onto this discrete set (for instance, mi could be obtained by multiplying xi by any integer number that is coprime with p _i , and then be divided by p _i ). Besides, here, the decomposition of x is carried on such that the only even factor p _i , should there be one, is two. So, except from, possibly, a factor two, all the other factors p _i are odd. And so, their corresponding messages mi can all be processed, individually, according to the methods described in detail above, for elements belonging to T _pi , except, possibly, for one of them, associated to a factor p _i equal to two, which is processed, for instance, according to existing, known techniques for binary messages. When processing such an encrypted message C=(c ₁ ,...c _i ,...cr), or when processing a couple (C1,C2) of two such messages C1=(c1 ₁ ,...c1 _i ,...c1 _r ) and C2=(c2 ₁ ,...c2 _i ,...c2 _r ), the components c ₁ ,...c _i ,...c _r of C, or the couples of components (c1 ₁ , c2 ₁ ) ... (c1 _i , c2 _i ),... (c1 _r , c2 _r ) are processed, homomorphically, independently from each other (that is, without taking into account any carry). For instance, the homomorphic addition of two such messages C1 and C2 is achieved as follow (see figure 4): Similarly, the homomorphic multiplication of two such messages C1 and C2 is achieved as follow, based on the T _pi ×T _pi homomorphic multiplication ⊙ presented above (see figure 5): Similarly, a refreshed version C’ of such an encrypted message C=(c ₁ ,...c _i ,...c _r ) is determined by computing the following quantity Electronic devices and system Figure 6 represents schematically a cryptographic system 1 comprising an encrypting device 2 and a processing device 3, for processing encrypted messages without decrypting them. The encrypting device 2 and the processing device 3 comprise each at least one processor, and at least one memory. The encrypting device 2 is programmed, or otherwise arranged for executing the following steps: - receiving data representative of an unencrypted message mi, that belongsto a discrete set consisting of p _i distinct elements, with pi being an odd number, said discrete set being the discrete torus T _pi = or the set T _pi ,N[X] of polynomials of degree N-1 whose coefficients belong to T _pi , or to another discrete set in bijective relationship with T _pi , - processing said data according to the method for encrypting such messages, that has been presented above, to determine encrypted data representative of the encrypted message c _i , the secret key s employed during said processing, for instance stored, at least temporarily, in the memory of the encrypting device, being accessed by the processor or processors during said processing. The processing device 3, which is distinct from the encrypting device 2, is configured for receiving the encrypted message c _i from the encrypting device 2, and, possibly, to receive other such encrypted messages. The processing device 3 is programmed, or otherwise arranged to execute the following steps: - receiving data, representative of the encrypted message c _i produced by the encrypting device 2, - processing said data, according to the method for bootstrapping described above, to determine refreshed data, representative of the encrypted message c' _i , said processing being achieved without decrypting c _i and without using, reading or accessing the secret key s. In particular, during this bootstrapping, the unencrypted message mi corresponding to c _i does not appear nor result from an operation, nor it is used, read or accessed. The unencrypted message mi, just as the secret key s, thus remains absent from the processing device 3 at all time. The processing device could also be programmed to execute the homomorphic multiplication method presented above and/or to homomorphic evaluate of a two- variable function like the one presented above. The processing device 3 could also be programmed to execute one or several of the homomorphic processing methods for encrypted messages like the message C=(c ₁ ,...c _i ,...c _r ), that has been presented above. And the encrypting device 2 could be programmed to produce such encrypted messages, from unencrypted messages x belonging to Zp.