Approximate Homomorphic Encryption over the Conjugate-invariant Ring

The Ring Learning with Errors (RLWE) problem over a cyclotomic ring has been the most widely used hardness assumption for the construction of practical homomorphic encryption schemes. However, this restricted choice of a base ring may cause a waste in terms of plaintext space usage. For example, an approximate homomorphic encryption scheme of Cheon et al. (ASIACRYPT 2017) is able to store a complex number in each of the plaintext slots since its canonical embedding of a cyclotomic field has a complex image. The imaginary part of a plaintext is not underutilized at all when the computation is performed over the real numbers, which is required in most of the real-world applications such as machine learning. In this paper, we are proposing a new homomorphic encryption scheme which supports arithmetic over the real numbers. Our scheme is based on RLWE over a subring of a cyclotomic ring called conjugate-invariant ring. We show that this problem is no easier than a standard lattice problem over ideal lattices by the reduction of Peikert et al. (STOC 2017). Our scheme allows real numbers to be packed in a ciphertext without any waste of a plaintext space and consequently we can encrypt twice as many plaintext slots as the previous scheme while maintaining the same security level, storage, and computational costs

Simpler and Faster BFV Bootstrapping for Arbitrary Plaintext Modulus from CKKS

Bootstrapping is a key operation in fully homomorphic encryption schemes that enables the evaluation of arbitrary multiplicative depth circuits. In the BFV scheme, bootstrapping corresponds to reducing the size of accumulated noise in lower bits while preserving the plaintext in the upper bits. The previous instantiation of BFV bootstrapping is achieved through the digit extraction procedure. However, its performance is highly dependent on the plaintext modulus, so only a limited form of the plaintext modulus, a power of a small prime number, was used for the efficiency of bootstrapping. In this paper, we present a novel approach to instantiate BFV bootstrapping, distinct from the previous digit extraction-based method. The core idea of our bootstrapping is to utilize CKKS bootstrapping as a subroutine, so the performance of our method mainly depends on the underlying CKKS bootstrapping rather than the plaintext modulus. We implement our method at a proof-of-concept level to provide concrete benchmark results. When performing the bootstrapping operation for a 51-bits plaintext modulus, our method improves the previous digit extraction-based method by a factor of 37.9 in latency and 29.4 in throughput. Additionally, we achieve viable bootstrapping performance for large plaintext moduli, such as 144-bits and 234-bits, which has never been measured before

Adult Mouse Subventricular Zone Stem and Progenitor Cells Are Sessile and Epidermal Growth Factor Receptor Negatively Regulates Neuroblast Migration

Background: The adult subventricular zone (SVZ) contains stem and progenitor cells that generate neuroblasts throughout life. Although it is well accepted that SVZ neuroblasts are migratory, recent evidence suggests their progenitor cells may also exhibit motility. Since stem and progenitor cells are proliferative and multipotential, if they were also able to move would have important implications for SVZ neurogenesis and its potential for repair. Methodology/Principal Findings: We studied whether SVZ stem and/or progenitor cells are motile in transgenic GFP+ slices with two photon time lapse microscopy and post hoc immunohistochemistry. We found that stem and progenitor cells; mGFAP-GFP+ cells, bright nestin-GFP+ cells and Mash1+ cells were stationary in the SVZ and rostral migratory stream (RMS). In our search for motile progenitor cells, we uncovered a population of motile bIII-tubulin+ neuroblasts that expressed low levels of epidermal growth factor receptor (EGFr). This was intriguing since EGFr drives proliferation in the SVZ and affects migration in other systems. Thus we examined the potential role of EGFr in modulating SVZ migration. Interestingly, EGFr low neuroblasts moved slower and in more tortuous patterns than EGFr-negative neuroblasts. We next questioned whether EGFr stimulation affects SVZ cell migration by imaging Gad65-GFP+ neuroblasts in the presence of transforming growth factor alpha (TGF-a), an EGFr-selective agonist. Indeed, acute exposure to TGF-a decreased the percentage of motile cells by approximately 40%

Toward Practical Lattice-based Proof of Knowledge from Hint-MLWE

In the last decade, zero-knowledge proof of knowledge protocols have been extensively studied to achieve active security of various cryptographic protocols. However, the existing solutions simply seek zero-knowledge for both message and randomness, which is an overkill in many applications since protocols may remain secure even if some information about randomness is leaked to the adversary. We develop this idea to improve the state-of-the-art proof of knowledge protocols for RLWE-based public-key encryption and BDLOP commitment schemes. In a nutshell, we present new proof of knowledge protocols without using noise flooding or rejection sampling which are provably secure under a computational hardness assumption, called Hint-MLWE. We also show an efficient reduction from Hint-MLWE to the standard MLWE assumption. Our approach enjoys the best of two worlds because it has no computational overhead from repetition (abort) and achieves a polynomial overhead between the honest and proven languages. We prove this claim by demonstrating concrete parameters and compare with previous results. Finally, we explain how our idea can be further applied to other proof of knowledge providing advanced functionality

Logistic regression model training based on the approximate homomorphic encryption

Background: Security concerns have been raised since big data became a prominent tool in data analysis. For instance, many machine learning algorithms aim to generate prediction models using training data which contain sensitive information about individuals. Cryptography community is considering secure computation as a solution for privacy protection. In particular, practical requirements have triggered research on the efficiency of cryptographic primitives. Methods: This paper presents a method to train a logistic regression model without information leakage. We apply the homomorphic encryption scheme of Cheon et al. (ASIACRYPT 2017) for an efficient arithmetic over real numbers, and devise a new encoding method to reduce storage of encrypted database. In addition, we adapt Nesterov's accelerated gradient method to reduce the number of iterations as well as the computational cost while maintaining the quality of an output classifier. Results: Our method shows a state-of-the-art performance of homomorphic encryption system in a real-world application. The submission based on this work was selected as the best solution of Track 3 at iDASH privacy and security competition 2017. For example, it took about six minutes to obtain a logistic regression model given the dataset consisting of 1579 samples, each of which has 18 features with a binary outcome variable. Conclusions: We present a practical solution for outsourcing analysis tools such as logistic regression analysis while preserving the data confidentiality

Semi-Parallel logistic regression for GWAS on encrypted data

Background The sharing of biomedical data is crucial to enable scientific discoveries across institutions and improve health care. For example, genome-wide association studies (GWAS) based on a large number of samples can identify disease-causing genetic variants. The privacy concern, however, has become a major hurdle for data management and utilization. Homomorphic encryption is one of the most powerful cryptographic primitives which can address the privacy and security issues. It supports the computation on encrypted data, so that we can aggregate data and perform an arbitrary computation on an untrusted cloud environment without the leakage of sensitive information. Methods This paper presents a secure outsourcing solution to assess logistic regression models for quantitative traits to test their associations with genotypes. We adapt the semi-parallel training method by Sikorska et al., which builds a logistic regression model for covariates, followed by one-step parallelizable regressions on all individual single nucleotide polymorphisms (SNPs). In addition, we modify our underlying approximate homomorphic encryption scheme for performance improvement. Results We evaluated the performance of our solution through experiments on real-world dataset. It achieves the best performance of homomorphic encryption system for GWAS analysis in terms of both complexity and accuracy. For example, given a dataset consisting of 245 samples, each of which has 10643 SNPs and 3 covariates, our algorithm takes about 43 seconds to perform logistic regression based genome wide association analysis over encryption. Conclusions We demonstrate the feasibility and scalability of our solution

Accelerating HE Operations from Key Decomposition Technique

Lattice-based homomorphic encryption (HE) schemes are based on the noisy encryption technique, where plaintexts are masked with some random noise for security. Recent advanced HE schemes rely on a decomposition technique to manage the growth of noise, which involves a conversion of a ciphertext entry into a short vector followed by multiplication with an evaluation key. Prior to this work, the decomposition procedure turns out to be the most time-consuming part, as it requires discrete Fourier transforms (DFTs) over the base ring for efficient polynomial arithmetic. In this paper, an expensive decomposition operation over a large modulus is replaced with relatively cheap operations over a ring of integers with a small bound. Notably, the cost of DFTs is reduced from quadratic to linear with the level of a ciphertext without any extra noise growth. We demonstrate the implication of our approach by applying it to the key-switching procedure. Our experiments show that the new key-switching method achieves a speedup of 1.2--2.3 or 2.1--3.3 times over the previous method, when the dimension of a base ring is $2^{15}$ or $2^{16}$, respectively

Nestin Reporter Transgene Labels Multiple Central Nervous System Precursor Cells

Embryonic neuroepithelia and adult subventricular zone (SVZ) stem and progenitor cells express nestin. We characterized a transgenic line that expresses enhanced green fluorescent protein (eGFP) specified to neural tissue by the second intronic enhancer of the nestin promoter that had several novel features. During embryogenesis, the dorsal telencephalon contained many and the ventral telencephalon few eGFP+ cells. eGFP+ cells were found in postnatal and adult neurogenic regions. eGFP+ cells in the SVZ expressed multiple phenotype markers, glial fibrillary acidic protein, Dlx, and neuroblast-specific molecules suggesting the transgene is expressed through the lineage. eGFP+ cell numbers increased in the SVZ after cortical injury, suggesting this line will be useful in probing postinjury neurogenesis. In non-neurogenic regions, eGFP was strongly expressed in oligodendrocyte progenitors, but not in astrocytes, even when they were reactive. This eGFP+ mouse will facilitate studies of proliferative neuroepithelia and adult neurogenesis, as well as of parenchymal oligodendrocytes