Flexible HLS-Based Implementation of the Karatsuba Multiplier Targeting Homomorphic Encryption Schemes

Custom accelerators for high-precision integer arithmetic are increasingly used in compute-intensive applications, in particular homomorphic encryption schemes. This work seeks to advance a strategy for faster deployment of these accelerators using the process of high-level synthesis (HLS). Insights from existing number theory software libraries and custom hardware accelerators are used to develop a scalable implementation of Karatsuba modular polynomial multiplication. The accelerator generated from this implementation by the high-level synthesis tool Vivado HLS achieves significant speedup over the implementations available in the highly-optimized FLINT software library. This is an important first step towards a larger goal of enabling HLS-based homomorphic encryption in the cloud

Accelerating Homomorphic Encryption in the Cloud Environment through High-Level Synthesis and Reconfigurable Resources

The recent surge in cloud services is revolutionizing the way that data is stored and processed. Everyone with an internet connection, from large corporations to small companies and private individuals, now have access to cutting-edge processing power and vast amounts of data storage. This rise in cloud computing and storage, however, has brought with it a need for a new type of security. In order to have access to cloud services, users must allow the service provider to have full access to their private, unencrypted data. Users are required to trust the integrity of the service provider and the security of its data centers. The recent development of fully homomorphic encryption schemes can offer a solution to this dilemma. These algorithms allow encrypted data to be used in computations without ever stripping the data of the protection of encryption. Unfortunately, the demanding memory requirements and computational complexity of the proposed schemes has hindered their wide-scale use. Custom hardware accelerators for homomorphic encryption could be implemented on the increasing number of reconfigurable hardware resources in the cloud, but the long development time required for these processors would lead to high production costs. This research seeks to develop a strategy for faster development of homomorphic encryption hardware accelerators using the process of High-Level Synthesis. Insights from existing number theory software libraries and custom hardware accelerators are used to develop a scalable, proof-of-concept software implementation of Karatsuba modular polynomial multiplication. This implementation was designed to be used with High-Level Synthesis to accelerate the large modular polynomial multiplication operations required by homomorphic encryption. The accelerator generated from this implementation by the High-Level Synthesis tool Vivado HLS achieved significant speedup over the implementations available in the highly-optimized FLINT software library

Homomorphic Data Isolation for Hardware Trojan Protection

The interest in homomorphic encryption/decryption is increasing due to its excellent security properties and operating facilities. It allows operating on data without revealing its content. In this work, we suggest using homomorphism for Hardware Trojan protection. We implement two partial homomorphic designs based on ElGamal encryption/decryption scheme. The first design is a multiplicative homomorphic, whereas the second one is an additive homomorphic. We implement the proposed designs on a low-cost Xilinx Spartan-6 FPGA. Area utilization, delay, and power consumption are reported for both designs. Furthermore, we introduce a dual-circuit design that combines the two earlier designs using resource sharing in order to have minimum area cost. Experimental results show that our dual-circuit design saves 35% of the logic resources compared to a regular design without resource sharing. The saving in power consumption is 20%, whereas the number of cycles needed remains almost the sam

Performance Development for Securing the Data Sharing Services in Cloud Storage using Hybrid Encryption

Information sharing among more numbers of users especially the end clients. Preferable people will use famous and financially savvy cloud-based help for associations to share information with clients, and accomplices need of insider clients. This sort of administration further develops information accessibility and I/O execution by delivering and dispersing copies of shared information. Notwithstanding, such a strategy expands the capacity/network assets usage. At present, the Organizations have another choice to re-appropriate their monstrous information in the cloud without stressing over the size of information or the limit of memory. Be that as it may, moving classified and delicate information from believed person, area of the information proprietors by sharing with the public cloud will cause different security and protection chances. Moreover, the expanding measure of huge information reevaluated in the cloud builds the possibility to penetrate the protection and security of these data. Despite all the exploration that has been done around here, enormous information stockpiling security and security stays one of the main issues of associations that embrace computing and huge information technologies

Enhancing data security in cloud using random pattern fragmentation and a distributed nosql database

© 2019 IEEE. The cloud computing model has become very popular among users, as it has proven to be a cost-effective solution to store and process data, thanks to recent advancements in virtualization and distributed computing. Nevertheless, in the cloud environment, the user entrusts the safekeeping of its data entirely to the provider, which introduces the problem of how secure such data is and whether its integrity has been maintained. This paper proposes an approach to the data security in cloud by utilizing a random pattern fragmentation algorithm and combining it with a distributed NoSQL database. This not only increases the security of the data by storing it in different nodes and scramble all the bytes, but also allows the user to implement an alternative method of securing data. The performance of the approach is compared to other approaches, along with AES 256 encryption. Results indicate a significant performance improvement over encryption, highlighting the capabilities of this method for cloud stored data, as it creates a layer of protection without additional overhead

Practical Aspects of Using Fully Homomorphic Encryption Systems to Protect Cloud Computing

Fully homomorphic encryption schemes are the most promising area of cryptographic information security, particularly in cloud computing. Over the last ten years, Fully Homomorphic Encryption (FHE) has moved from a theoretical idea to practical implementation in real-world cryptographic applications. The concept of homomorphic encryption is ideal for providing secure cloud computing, where user data will never be in plaintext at any stage of its processing. However, there are still many problems related to the performance and complexity of computing that need to be overcome. To confirm the effectiveness of homomorphic encryption in the cloud, a cryptographic cloud computing protection application based on homomorphic encryption was developed. Based on a detailed analysis of existing FHEs, studying their mathematical apparatus, and classifying them according to various criteria, two schemes were selected for implementation in the application—CKKS and BFV, which allow to performance of homomorphic processing of encrypted data. The proposed solution demonstrates a new approach to the design of FHE applications, where the user independently chooses the parameters for implementing the FHE scheme, according to his requirements. The proposed test local server allows to testing of selected scheme parameters by combining the execution of various homomorphic computations. Based on the tests, it is possible to customize the proposed application according to one’s tasks, sacrificing performance and security for the ability to perform more complex homomorphic computations, or vice versa, or even to maintain a balance between them

A Survey on Homomorphic Encryption Schemes: Theory and Implementation

Legacy encryption systems depend on sharing a key (public or private) among the peers involved in exchanging an encrypted message. However, this approach poses privacy concerns. Especially with popular cloud services, the control over the privacy of the sensitive data is lost. Even when the keys are not shared, the encrypted material is shared with a third party that does not necessarily need to access the content. Moreover, untrusted servers, providers, and cloud operators can keep identifying elements of users long after users end the relationship with the services. Indeed, Homomorphic Encryption (HE), a special kind of encryption scheme, can address these concerns as it allows any third party to operate on the encrypted data without decrypting it in advance. Although this extremely useful feature of the HE scheme has been known for over 30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE) scheme, which allows any computable function to perform on the encrypted data, was introduced by Craig Gentry in 2009. Even though this was a major achievement, different implementations so far demonstrated that FHE still needs to be improved significantly to be practical on every platform. First, we present the basics of HE and the details of the well-known Partially Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which are important pillars of achieving FHE. Then, the main FHE families, which have become the base for the other follow-up FHE schemes are presented. Furthermore, the implementations and recent improvements in Gentry-type FHE schemes are also surveyed. Finally, further research directions are discussed. This survey is intended to give a clear knowledge and foundation to researchers and practitioners interested in knowing, applying, as well as extending the state of the art HE, PHE, SWHE, and FHE systems.Comment: - Updated. (October 6, 2017) - This paper is an early draft of the survey that is being submitted to ACM CSUR and has been uploaded to arXiv for feedback from stakeholder