A First Practical Fully Homomorphic Crypto-Processor Design: The Secret Computer is Nearly Here
Following a sequence of hardware designs for a fully homomorphic crypto-processor - a general purpose processor that natively runs encrypted machine code on encrypted data in registers and memory, resulting in encrypted machine states - proposed by the authors in 2014, we discuss a working prototype of the first of those, a so-called `pseudo-homomorphic' design. This processor is in principle safe against physical or software-based attacks by the owner/operator of the processor on user processes running in it. The processor is intended as a more secure option for those emerging computing paradigms that require trust to be placed in computations carried out in remote locations or overseen by untrusted operators.
The prototype has a single-pipeline superscalar architecture that runs OpenRISC standard machine code in two distinct modes. The processor runs in the encrypted mode (the unprivileged, `user' mode, with a long pipeline) at 60-70% of the speed in the unencrypted mode (the privileged, `supervisor' mode, with a short pipeline), emitting a completed encrypted instruction every 1.67-1.8 cycles on average in real trials.
Comment: 6 pages, draf
An Open Question on the Uniqueness of (Encrypted) Arithmetic
We ask whether two or more images of arithmetic may inhabit the same space via different encodings. The answers have significance for a class of processor design that does all its computation in an encrypted form, without ever performing any decryption or encryption itself. Against the possibility of algebraic attacks against the arithmetic in a `crypto-processor' (KPU) we propose a defence called `ABC encryption' and show how this kind of encryption makes it impossible for observations of the arithmetic to be used by an attacker to discover the actual values. We also show how to construct such encrypted arithmetics
An Obfuscating Compiler
Privacy for arbitrary encrypted remote computation in the cloud depends on the running code on the server being obfuscated from the standpoint of the operator in the computer room. This paper shows formally as well as practically that that may be arranged on a platform with the appropriate machine code architecture, given the obfuscating compiler described
Chaotic Compilation for Encrypted Computing: Obfuscation but Not in Name
An `obfuscation' for encrypted computing is quantified exactly here, leading to an argument that security against polynomial-time attacks has been achieved for user data via the deliberately `chaotic' compilation required for security properties in that environment. Encrypted computing is the emerging science and technology of processors that take encrypted inputs to encrypted outputs via encrypted intermediate values (at nearly conventional speeds). The aim is to make user data in general-purpose computing secure against the operator and operating system as potential adversaries. A stumbling block has always been that memory addresses are data and good encryption means the encrypted value varies randomly, and that makes hitting any target in memory problematic without address decryption, yet decryption anywhere on the memory path would open up many easily exploitable vulnerabilities. This paper `solves (chaotic) compilation' for processors without address decryption, covering all of ANSI C while satisfying the required security properties and opening up the field for the standard software tool-chain and infrastructure. That produces the argument referred to above, which may also hold without encryption.
Comment: 31 pages. Version update adds "Chaotic" in title and throughout paper, and recasts abstract and Intro and other sections of the text for better access by cryptologists. To the same end it introduces the polynomial time defense argument explicitly in the final section, having now set that denouement out in the abstract and intr
On the Security of Practical and Complete Homomorphic Encrypted Computation
Security with respect to the operator as an adversary is considered for processors supporting unbounded general purpose homomorphic encrypted computation. An efficient machine code architecture is defined for those platforms and it is proved that user programs expressed in it are cryptographically obfuscated, guaranteeing privacy though they, their traces and (encrypted) data are visible to the operator.
It is proved that encrypted user data cannot be deciphered by the operator, nor may programs be altered to give an intended result. A compiler is defined and it is proved that any recompilation produces uniformly distributed random variations in runtime data, supporting cryptographic obfuscation
Safe Compilation for Encrypted Computing
Encrypted computing is an emerging field in which inputs, outputs and intermediates are maintained in encrypted form in a processor, conferring security on user data against the operator and operating system as adversaries, which run unencrypted in the same machine. Systems that pass encrypted addresses to memory without decryption close a major attack vector and allow off-the-shelf memory to be used. But that makes memory unreliable from the program's perspective, as the many different encryptions of a plaintext address access different memory locations that the program sees as the same with varying contents. A clever `obfuscating' compiler solves the problem, opening up the field