75 research outputs found
Field switching in BGV-style homomorphic encryption
The security of contemporary homomorphic encryption schemes over cyclotomic number field relies on fields of very large dimension. This large dimension is needed because of the large modulus-to-noise ratio in the key-switching matrices that are used for the top few levels of the evaluated circuit. However, a smaller modulus-to-noise ratio is used in lower levels of the circuit, so from a security standpoint it is permissible to switch to lower-dimension fields, thus speeding up the homomorphic operations for the lower levels of the circuit. However, implementing such field-switching is nontrivial, since these schemes rely on the field algebraic structure for their homomorphic properties. A basic ring-switching operation was used by Brakerski, Gentry and Vaikuntanathan, over rings of the form Z[X]/(X 2n + 1), in the context of bootstrapping. In this work we generalize and extend this technique to work over any cyclotomic number field, and show how it can be used not only for bootstrapping but also during the computation itself (in conjunction with the “packed ciphertext ” techniques of Gentry, Halevi and Smart).
Efficiently processing complex-valued data in homomorphic encryption
We introduce a new homomorphic encryption scheme that is natively capable of computing with complex numbers. This is done by generalizing recent work of Chen, Laine, Player and Xia, who modified the Fan–Vercauteren scheme by replacing the integral plaintext modulus t by a linear polynomial X − b. Our generalization studies plaintext moduli of the form Xm + b. Our construction significantly reduces the noise growth in comparison to the original FV scheme, so much deeper arithmetic circuits can be homomorphically executed
Towards Improved Homomorphic Encryption for Privacy-Preserving Deep Learning
Mención Internacional en el título de doctorDeep Learning (DL) has supposed a remarkable transformation for many fields, heralded
by some as a new technological revolution. The advent of large scale models has increased
the demands for data and computing platforms, for which cloud computing has become
the go-to solution. However, the permeability of DL and cloud computing are reduced
in privacy-enforcing areas that deal with sensitive data. These areas imperatively call for
privacy-enhancing technologies that enable responsible, ethical, and privacy-compliant
use of data in potentially hostile environments.
To this end, the cryptography community has addressed these concerns with what
is known as Privacy-Preserving Computation Techniques (PPCTs), a set of tools that
enable privacy-enhancing protocols where cleartext access to information is no longer
tenable. Of these techniques, Homomorphic Encryption (HE) stands out for its ability
to perform operations over encrypted data without compromising data confidentiality or
privacy. However, despite its promise, HE is still a relatively nascent solution with efficiency
and usability limitations. Improving the efficiency of HE has been a longstanding
challenge in the field of cryptography, and with improvements, the complexity of the
techniques has increased, especially for non-experts.
In this thesis, we address the problem of the complexity of HE when applied to DL.
We begin by systematizing existing knowledge in the field through an in-depth analysis
of state-of-the-art for privacy-preserving deep learning, identifying key trends, research
gaps, and issues associated with current approaches. One such identified gap lies in the
necessity for using vectorized algorithms with Packed Homomorphic Encryption (PaHE),
a state-of-the-art technique to reduce the overhead of HE in complex areas. This thesis
comprehensively analyzes existing algorithms and proposes new ones for using DL with
PaHE, presenting a formal analysis and usage guidelines for their implementation.
Parameter selection of HE schemes is another recurring challenge in the literature,
given that it plays a critical role in determining not only the security of the instantiation
but also the precision, performance, and degree of security of the scheme. To address
this challenge, this thesis proposes a novel system combining fuzzy logic with linear
programming tasks to produce secure parametrizations based on high-level user input
arguments without requiring low-level knowledge of the underlying primitives.
Finally, this thesis describes HEFactory, a symbolic execution compiler designed to
streamline the process of producing HE code and integrating it with Python. HEFactory
implements the previous proposals presented in this thesis in an easy-to-use tool. It provides
a unique architecture that layers the challenges associated with HE and produces
simplified operations interpretable by low-level HE libraries. HEFactory significantly reduces
the overall complexity to code DL applications using HE, resulting in an 80% length
reduction from expert-written code while maintaining equivalent accuracy and efficiency.El aprendizaje profundo ha supuesto una notable transformación para muchos campos
que algunos han calificado como una nueva revolución tecnológica. La aparición de modelos
masivos ha aumentado la demanda de datos y plataformas informáticas, para lo cual,
la computación en la nube se ha convertido en la solución a la que recurrir. Sin embargo,
la permeabilidad del aprendizaje profundo y la computación en la nube se reduce en los
ámbitos de la privacidad que manejan con datos sensibles. Estas áreas exigen imperativamente
el uso de tecnologías de mejora de la privacidad que permitan un uso responsable,
ético y respetuoso con la privacidad de los datos en entornos potencialmente hostiles.
Con este fin, la comunidad criptográfica ha abordado estas preocupaciones con las
denominadas técnicas de la preservación de la privacidad en el cómputo, un conjunto de
herramientas que permiten protocolos de mejora de la privacidad donde el acceso a la información
en texto claro ya no es sostenible. Entre estas técnicas, el cifrado homomórfico
destaca por su capacidad para realizar operaciones sobre datos cifrados sin comprometer
la confidencialidad o privacidad de la información. Sin embargo, a pesar de lo prometedor
de esta técnica, sigue siendo una solución relativamente incipiente con limitaciones
de eficiencia y usabilidad. La mejora de la eficiencia del cifrado homomórfico en la
criptografía ha sido todo un reto, y, con las mejoras, la complejidad de las técnicas ha
aumentado, especialmente para los usuarios no expertos.
En esta tesis, abordamos el problema de la complejidad del cifrado homomórfico
cuando se aplica al aprendizaje profundo. Comenzamos sistematizando el conocimiento
existente en el campo a través de un análisis exhaustivo del estado del arte para el aprendizaje
profundo que preserva la privacidad, identificando las tendencias clave, las lagunas
de investigación y los problemas asociados con los enfoques actuales. Una de las
lagunas identificadas radica en el uso de algoritmos vectorizados con cifrado homomórfico
empaquetado, que es una técnica del estado del arte que reduce el coste del cifrado
homomórfico en áreas complejas. Esta tesis analiza exhaustivamente los algoritmos existentes
y propone nuevos algoritmos para el uso de aprendizaje profundo utilizando cifrado
homomórfico empaquetado, presentando un análisis formal y unas pautas de uso para su
implementación.
La selección de parámetros de los esquemas del cifrado homomórfico es otro reto recurrente
en la literatura, dado que juega un papel crítico a la hora de determinar no sólo la
seguridad de la instanciación, sino también la precisión, el rendimiento y el grado de seguridad del esquema. Para abordar este reto, esta tesis propone un sistema innovador que
combina la lógica difusa con tareas de programación lineal para producir parametrizaciones
seguras basadas en argumentos de entrada de alto nivel sin requerir conocimientos
de bajo nivel de las primitivas subyacentes.
Por último, esta tesis propone HEFactory, un compilador de ejecución simbólica diseñado
para agilizar el proceso de producción de código de cifrado homomórfico e integrarlo
con Python. HEFactory es la culminación de las propuestas presentadas en esta
tesis, proporcionando una arquitectura única que estratifica los retos asociados con el
cifrado homomórfico, produciendo operaciones simplificadas que pueden ser interpretadas
por bibliotecas de bajo nivel. Este enfoque permite a HEFactory reducir significativamente
la longitud total del código, lo que supone una reducción del 80% en la
complejidad de programación de aplicaciones de aprendizaje profundo que usan cifrado
homomórfico en comparación con el código escrito por expertos, manteniendo una precisión
equivalente.Programa de Doctorado en Ciencia y Tecnología Informática por la Universidad Carlos III de MadridPresidenta: María Isabel González Vasco.- Secretario: David Arroyo Guardeño.- Vocal: Antonis Michala
Subring Homomorphic Encryption
In this paper, we construct {\em subring homomorphic encryption} scheme that is a homomorphic encryption scheme build on the decomposition ring, which is a subring of cyclotomic ring. In the scheme, each plaintext slot contains an integer in , rather than an element of as in conventional homomorphic encryption schemes on cyclotomic rings. Our benchmark results indicate that the subring homomorphic encryption scheme is several times faster than HElib {\em for mod- plaintexts}, due to its high parallelism of mod- slot structure. We believe in that the plaintext structure composed of mod- slots will be more natural, easy to handle, and significantly more efficient for many applications such as outsourced data mining
Multi-dimensional Packing for HEAAN for Approximate Matrix Arithmetics
HEAAN is a homomorphic encryption (HE) scheme for approximate arithmetics. Its vector packing technique proved its potential in cryptographic applications requiring approximate computations, including data analysis and machine learning.
In this paper, we propose MHEAAN - a generalization of HEAAN to the case of a tensor structure of plaintext slots. Our design takes advantage of the HEAAN scheme, that the precision losses during the evaluation are limited by the depth of the circuit, and it exceeds no more than one bit compared to unencrypted approximate arithmetics, such as floating point operations. Due to the multi-dimensional structure of plaintext slots along with rotations in various dimensions, MHEAAN is a more natural choice for applications involving matrices and tensors. We provide a concrete two-dimensional construction and show the efficiency of our scheme on several matrix operations, such as matrix multiplication, matrix transposition, and inverse.
As an application, we implement the non-interactive Deep Neural Network (DNN) classification algorithm on encrypted data and encrypted model. Due to our efficient bootstrapping, the implementation can be easily extended to DNN structure with an arbitrary number of hidden layer
Fully Homomorphic SIMD Operations
At PKC 2010 Smart and Vercauteren presented a variant of
Gentry\u27s fully homomorphic public key encryption scheme
and mentioned that the scheme could support SIMD style
operations.
The slow key generation process of the Smart--Vercauteren
system was then addressed in a paper by Gentry and Halevi,
but their key generation method appears to exclude the SIMD
style operation alluded to by Smart and Vercauteren.
In this paper, we show how to select parameters to
enable such SIMD operations, whilst still maintaining
practicality of the key generation technique of Gentry
and Halevi.
As such, we obtain a somewhat homomorphic scheme supporting
both SIMD operations and operations on large finite fields
of characteristic two.
This somewhat homomorphic scheme can be made fully
homomorphic in a naive way by recrypting all data elements
seperately. However, we show that the SIMD operations can be
used to perform the recrypt procedure in parallel, resulting
in a substantial speed-up.
Finally, we demonstrate how such SIMD operations
can be used to perform various tasks by studying two use
cases: implementing AES homomorphically and encrypted database
lookup
Doubly Efficient Batched Private Information Retrieval
Private information retrieval (PIR) allows a client to read data from a server, without revealing which information they are interested in. A PIR is doubly efficient if the server runtime is, after a one-time pre-processing, sublinear in the database size. A recent breakthrough result from Lin, Mook, and Wichs [STOC’23] proposed the first-doubly efficient PIR with (online) server computation poly-logarithmic in the size of the database, assuming the hardness of the standard Ring-LWE problem.
In this work, we consider the problem of doubly efficient batched PIR (DEBPIR), where the client wishes to download multiple entries. This problem arises naturally in many practical applications of PIR, or when the database contains large entries. Our main result is a construction of DEBPIR where the amortized communication and server computation overhead is , from the Ring-LWE problem. This represents an exponential improvement compared with known constructions, and it is optimal up to poly-logarithmic factors in the security parameter. Interestingly, the server’s online operations are entirely combinatorial and all algebraic computations are done in the pre-processing or delegated to the client
Fully Homomorphic Encryption from the Finite Field Isomorphism Problem
If is a prime and is a positive integer then any two finite
fields of order are isomorphic. Elements of these fields can be
thought of as polynomials with coefficients chosen modulo , and a
notion of length can be associated to these polynomials. A
non-trivial isomorphism between the fields, in general, does not
preserve this length, and a short element in one field will usually
have an image in the other field with coefficients appearing to be
randomly and uniformly distributed modulo . This key feature
allows us to create a new family of cryptographic constructions based
on the difficulty of recovering a secret isomorphism between two
finite fields. In this paper we describe a fully homomorphic encryption scheme based on this new hard problem
Field Instruction Multiple Data
Fully homomorphic encryption~(FHE) has flourished since it was first constructed by Gentry~(STOC 2009). Single instruction multiple data~(SIMD) gave rise to efficient homomorphic operations on vectors in , for prime . RLWE instantiated with cyclotomic polynomials of the form dominate implementations of FHE due to highly efficient fast Fourier transformations. However, this choice yields very short SIMD plaintext vectors and high degree extension fields, e.g. for small primes~().
In this work, we describe a method to encode more data on top of SIMD, \emph{Field Instruction Multiple Data}, applying reverse multiplication friendly embedding~(RMFE) to FHE. With RMFE, length- vectors can be encoded into and multiplied once. The results have to be recoded~(decoded and then re-encoded) before further multiplications can be done. We introduce an FHE-specific technique to additionally evaluate arbitrary linear transformations on encoded vectors for free during the FHE recode operation. On top of that, we present two optimizations to unlock high degree extension fields with small for homomorphic computation: -fold RMFE, which allows products of up to encoded vectors before recoding, and a three-stage recode process for RMFEs obtained by composing two smaller RMFEs. Experiments were performed to evaluate the effectiveness of FIMD from various RMFEs compared to standard SIMD operations. Overall, we found that FIMD generally had better (amortized) multiplication times compared to FHE for the same amount of data, while using almost fewer ciphertexts required
Development of Cryptography since Shannon
This paper presents the development of cryptography since Shannon\u27s seminal paper ``Communication Theory of Secrecy Systems\u27\u27 in 1949
- …