4 research outputs found
A Survey on Homomorphic Encryption Schemes: Theory and Implementation
Legacy encryption systems depend on sharing a key (public or private) among
the peers involved in exchanging an encrypted message. However, this approach
poses privacy concerns. Especially with popular cloud services, the control
over the privacy of the sensitive data is lost. Even when the keys are not
shared, the encrypted material is shared with a third party that does not
necessarily need to access the content. Moreover, untrusted servers, providers,
and cloud operators can keep identifying elements of users long after users end
the relationship with the services. Indeed, Homomorphic Encryption (HE), a
special kind of encryption scheme, can address these concerns as it allows any
third party to operate on the encrypted data without decrypting it in advance.
Although this extremely useful feature of the HE scheme has been known for over
30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE)
scheme, which allows any computable function to perform on the encrypted data,
was introduced by Craig Gentry in 2009. Even though this was a major
achievement, different implementations so far demonstrated that FHE still needs
to be improved significantly to be practical on every platform. First, we
present the basics of HE and the details of the well-known Partially
Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which
are important pillars of achieving FHE. Then, the main FHE families, which have
become the base for the other follow-up FHE schemes, are presented. Furthermore,
the implementations and recent improvements in Gentry-type FHE schemes are also
surveyed. Finally, further research directions are discussed. This survey is
intended to give a clear knowledge and foundation to researchers and
practitioners interested in knowing, applying, as well as extending the state
of the art HE, PHE, SWHE, and FHE systems.
Comment: - Updated. (October 6, 2017) - This paper is an early draft of the
survey that is being submitted to ACM CSUR and has been uploaded to arXiv for
feedback from stakeholder
Accelerating Homomorphic Evaluation on Reconfigurable Hardware
Homomorphic encryption allows computation on encrypted data and makes it possible to securely outsource computational tasks to untrusted environments. However, all proposed schemes are quite inefficient and homomorphic evaluation of ciphertexts usually takes several seconds on high-end CPUs, even for evaluating simple functions. In this work we investigate the potential of FPGAs for speeding up those evaluation operations. We propose an architecture to accelerate schemes based on the ring learning with errors (RLWE) problem and specifically implemented the somewhat homomorphic encryption scheme YASHE, which was proposed by Bos, Lauter, Loftus, and Naehrig in 2013. Due to the large size of ciphertexts and evaluation keys, on-chip storage of all data is not possible and external memory is required. For efficient utilization of the external memory we propose an efficient double-buffered memory access scheme and a polynomial multiplier based on the number theoretic transform (NTT). For the parameter set (n=16384,log_2(q)=512) capable of evaluating 9 levels of multiplications, we can perform a homomorphic addition in 48.67 and a homomorphic multiplication in 0.94 ms
HEAX: An Architecture for Computing on Encrypted Data
With the rapid increase in cloud computing, concerns surrounding data
privacy, security, and confidentiality also have been increased significantly.
Not only cloud providers are susceptible to internal and external hacks, but
also in some scenarios, data owners cannot outsource the computation due to
privacy laws such as GDPR, HIPAA, or CCPA. Fully Homomorphic Encryption (FHE)
is a groundbreaking invention in cryptography that, unlike traditional
cryptosystems, enables computation on encrypted data without ever decrypting
it. However, the most critical obstacle in deploying FHE at large-scale is the
enormous computation overhead.
In this paper, we present HEAX, a novel hardware architecture for FHE that
achieves unprecedented performance improvement. HEAX leverages multiple levels
of parallelism, ranging from ciphertext-level to fine-grained modular
arithmetic level. Our first contribution is a new highly-parallelizable
architecture for number-theoretic transform (NTT) which can be of independent
interest as NTT is frequently used in many lattice-based cryptography systems.
Building on top of NTT engine, we design a novel architecture for computation
on homomorphically encrypted data. We also introduce several techniques to
enable an end-to-end, fully pipelined design as well as reducing on-chip memory
consumption. Our implementation on reconfigurable hardware demonstrates
164-268x performance improvement for a wide range of FHE parameters.
Comment: To appear in proceedings of ACM ASPLOS 202