Improving the Efficiency of Homomorphic Encryption Schemes

Hu, Yin

25 April 2013

In this dissertation, we explore different approaches to practical homomorphic encryption schemes. For partial homomorphic encryption schemes, we observe that the versatility is the main bottleneck. To solve this problem, we propose general approaches to improve versatility of them by either extending the range of supported circuits or extending the message space. These general approaches can be applied to a wide range of partial HE schemes and greatly increase the number of applications that they support. For fully homomorphic encryption schemes, the slow running speed and the large ciphertext are the main challenges. Therefore, we propose efficient implementations as well as methods to compress the ciphertext. In detail, the Gentry Halevi FHE scheme and the LTV FHE scheme are implemented and the resulting performance shows significant improvement over previous works. For ciphertext compression, the concept of scheme conversion is proposed. Given a scheme converter, we can convert between schemes with compact ciphertext for communication and homomorphic schemes for computation.

homomorphic encryption

Popping Bubbles: Cryptanalysis of Homomorphic Encryption

Steele, Corre

28 April 2016

Imagine an encryption scheme where it is possible to add and multiply numbers without any knowledge of the numbers. Instead one could manipulate encryptions of the numbers and then the decryption of the result would give the result of the arithmetic on the original numbers. Encryption algorithms with this property are called homomorphic and have various applications in cloud computing. Homomorphic encryption schemes exist but are generally so inefficient that they are not practical. This report introduces a toy cryptosystem called Bubbles: a somewhat homomorphic encryption scheme created by Professor Martin and Professor Sunar at Worcester Polytechnic Institute. We will show that the original scheme is insecure and may be efficiently "popped". We will then examine two variations of the scheme that introduce noise to increase security and show that Bubbles is still vulnerable except when parameters are carefully chosen. However these safe parameter choices make Bubbles more inefficient than other recent homomorphic schemes.

homomorphic encryption

cryptanalysis

Towards practical fully homomorphic encryption

Alperin-Sheriff, Jacob

21 September 2015

Fully homomorphic encryption (FHE) allows for computation of arbitrary func- tions on encrypted data by a third party, while keeping the contents of the encrypted data secure. This area of research has exploded in recent years following Gentry’s seminal work. However, the early realizations of FHE, while very interesting from a theoretical and proof-of-concept perspective, are unfortunately far too inefficient to provide any use in practice. The bootstrapping step is the main bottleneck in current FHE schemes. This step refreshes the noise level present in the ciphertexts by homomorphically evaluating the scheme’s decryption function over encryptions of the secret key. Bootstrapping is necessary in all known FHE schemes in order to allow an unlimited amount of computation, as without bootstrapping, the noise in the ciphertexts eventually grows to a point where decryption is no longer guaranteed to be correct. In this work, we present two new bootstrapping algorithms for FHE schemes. The first works on packed ciphertexts, which encrypt many bits at a time, while the second works on unpacked ciphertexts, which encrypt a single bit at a time. Our algorithms lie at the heart of the fastest currently existing implementations of fully homomorphic encryption for packed ciphertexts and for single-bit encryptions, respectively, running hundreds of times as fast for practical parameters as the previous best implementations.

Homomorphic encryption

Cryptography

Secure computation

Fully homomorphic encryption

Applications of Fully Homomorphic Encryption

Cetin, Gizem S

18 April 2019

Homomorphic encryption has progressed rapidly in both efficiency and versatility since its emergence in 2009. Meanwhile, a multitude of pressing privacy needs --- ranging from cloud computing to healthcare management to the handling of shared databases such as those containing genomics data --- call for immediate solutions that apply fully homomorpic encryption (FHE) and somewhat homomorphic encryption (SHE) technologies. Recent rapid progress in fully homomorphic encryption has catalyzed renewed efforts to develop efficient privacy preserving protocols. Several works have already appeared in the literature that provide solutions to these problems by employing leveled or somewhat homomorphic encryption techniques. Here, we propose efficient ways of adapting the most fundamental programming problems; boolean algebra, arithmetic in binary and higher radix representation, sorting, and search to the fully homomorphic encryption domain by focusing on the multiplicative depth of the circuits alongside the more traditional metrics. The reduced depth allows much reduced noise growth and thereby makes it possible to select smaller parameter sizes in leveled FHE instantiations resulting in greater efficiency savings. We begin by exploring already existing solutions to these programming problems, and analyze them in terms of homomorphic evaluation and memory costs. Most of these algorithms appear to be not the best candidates for FHE solutions, hence we propose new methods and improvements over the existing algorithms to optimize performance.

encrypted computing

fully homomorphic encryption

private computation

Accelerating Cryptosystems on Hardware Platforms

Wang, Wei

13 April 2014

In the past decade, one of the major breakthroughs in computer science theory is the first construction of fully homomorphic encryption (FHE) scheme introduced by Gentry. Using a FHE one may perform an arbitrary numbers of computations directly on the encrypted data without revealing of the secret key. Therefore, a practical FHE provides an invaluable security application for emerging technologies such as cloud computing and cloud-based storage. However, FHE is far from real life deployment due to serious efficiency impediments. The main part of this dissertation focuses on accelerating the existing FHE schemes using GPU and hardware design to make them more efficient and practical towards real-life applications. Another part of this dissertation is for the hardware design of the large key-size RSA cryptosystem. As the Moore law continues driving the computer technology, the key size of the Rivest-Shamir-Adelman (RSA) encryption is necessary to be upgraded to 2048, 4096 or even 8192 bits to provide higher level security. In this dissertation, the FFT multiplication is employed for the large-size RSA hardware design instead of using the traditional interleaved Montgomery multiplication to show the feasibility of the FFT multiplication for large-size RSA design.

RSA

VLSI

Fully homomorphic encryption

GPU

CRT Based Somewhat Homomorphic Encryption Over the Integers

Alzahrani, Ali Saeed

24 April 2015

Over the last decade, the demand for privacy and data confidentiality in communication and storage processes have increased exponentially. Cryptography can be the solution for this demand. However, the critical issue occurs when there is a need for computing publicly on sensitive information or delegating computation to untrusted machines. This must be done in such a way that preserves the information privacy and accessibility. For this reason, we need an encryption algorithm that allows computation on information without revealing details about them. In 1978 Rivest, Adleman and Dertouzos raised a crucial question: can we use a special privacy homomorphism to encrypt the data and do an unlimited computations on it while it remains encrypted without the necessity of decrypting it? Researchers made extensive efforts to achieve such encryption algorithm. In this paper, we introduce the implementation of the CRT-based somewhat homomorphic encryption over the integers scheme. The main goal is to provide a proof of concept of this new and promising encryption algorithm. / Graduate

Homomorphic Encryption

CRT Based

Over the Integers

Méthodes de calculs sur les données chiffrées / Outsourcing computation on encrypted data

Paindavoine, Marie

27 January 2017

L'annonce de l'essor du chiffrement des données se heurte à celle de l'avènement du "big data". Il n'est maintenant plus suffisant d'envoyer et de recevoir des données, il faut pouvoir les analyser, les exploiter ou encore les partager à grande échelle. Or, les données à protéger sont de plus en plus nombreuses, notamment avec la prise de conscience de l'impact qu'ont les nouvelles technologies (smartphones, internet of things, cloud,...) sur la vie privée des utilisateurs. En rendant ces données inaccessibles, le chiffrement bloque a priori les fonctionnalités auxquelles les utilisateurs et les fournisseurs de service sont habitués. Pour rétablir ces fonctionnalités, il est nécessaire de savoir calculer des fonctions de données chiffrées, et cette thèse explore plusieurs pistes dans ce sens. Dans une première partie, nous nous intéressons au chiffrement totalement homomorphe qui permet de réaliser des calculs arbitraires sur les données chiffrées. Ce type de chiffrement est cependant particulièrement coûteux, notamment à cause de l'appel souvent nécessaire à une procédure très coûteuse : le réamorçage. Nous prouvons ici que minimiser le nombre de réamorçages est un problème NP-complet et donnons une méthode pratique pour approximer ce minimum. Dans une seconde partie, nous étudions des schémas dédiés à une fonctionnalité donnée. Le premier cas d'usage considéré est celui de la déduplication vérifiable de données chiffrées. Il s'agit pour un serveur de stockage externe d'être assuré qu'il ne conserve qu'un seul exemplaire de chaque fichier, même si ceux-ci sont chiffrés, ce qui lui permet d'optimiser l'usage de ses ressources mémoires. Ensuite, nous proposons un schéma de chiffrement cherchable permettant de détecter des intrusions dans un réseau de télécommunications chiffrés. En effet, le travail d'inspection du réseau par des moteurs d'analyse est actuellement entravé par la croissance du trafic chiffré. Les résultats obtenus permettent ainsi d'assurer la confidentialité des échanges tout en garantissant l'absence d'intrusions malveillantes dans le trafic / Nowadays, encryption and services issued of ``big data" are at odds. Indeed, encryption is about protecting users privacy, while big data is about analyzing users data. Being increasingly concerned about security, users tend to encrypt their sensitive data that are subject to be accessed by other parties, including service providers. This hinders the execution of services requiring some kind of computation on users data, which makes users under obligation to choose between these services or their private life. We address this challenge in this thesis by following two directions.In the first part of this thesis, we study fully homomorphic encryption that makes possible to perform arbitrary computation on encrypted data. However, this kind of encryption is still inefficient, and this is due in part to the frequent execution of a costly procedure throughout evaluation, namely the bootstrapping. Thus, efficiency is inversely proportional to the number of bootstrappings needed to evaluate functions on encrypted data. In this thesis, we prove that finding such a minimum is NP-complete. In addition, we design a new method that efficiently finds a good approximation of it. In the second part, we design schemes that allow a precise functionality. The first one is verifiable deduplication on encrypted data, which allows a server to be sure that it keeps only one copy of each file uploaded, even if the files are encrypted, resulting in an optimization of the storage resources. The second one is intrusion detection over encrypted traffic. Current encryption techniques blinds intrusion detection services, putting the final user at risks. Our results permit to reconcile users' right to privacy and their need of keeping their network clear of all intrusion

Cryptographie

Chiffrement homomorphe

Cryptography

Homomorphic encryption

004.21

Homomorphic Encryption: Working and Analytical Assessment : DGHV, HElib, Paillier, FHEW and HE in cloud security

Papisetty, Srinivas Divya

January 2017

Context: Secrecy has kept researchers spanning over centuries engaged in the creation of data protection techniques. With the growing rate of data breach and intervention of adversaries in confidential data storage and communication, efficient data protection has found to be a challenge. Homomorphic encryption is one such data protection technique in the cryptographic domain which can perform arbitrary computations on the enciphered data without disclosing the original plaintext or message. The first working fully homomorphic encryption scheme was proposed in the year 2009 and since then there has been a tremendous increase in the development of homomorphic encryption schemes such that they can be applied to a wide range of data services that demand security. All homomorphic encryption schemes can be categorized as partially homomorphic (PHE), somewhat homomorphic (SHE), leveled Homomorphic (LHE), and fully homomorphic encryption (FHE). Each encryption algorithm has its own importance and usage in different realms of security. DHGV, Paillier, HElib, and FHEW are the algorithms chosen in this study considering their wide usage and scope for further advancement in this subject area. A public-key algorithm named RSA is also chosen for comparison of the impact of HE and PKE (Public-key encryption) algorithm on the CPU and Memory. The utilization of various homomorphic schemes and concepts in the trending cloud storage systems is a prevailing field of research and can be expanded further by knowing the current state-of-the-art of homomorphic encryption. Hence, the necessity of comprehending the knowledge of homomorphic encryption schemes and their aspect in cloud security becomes vital. Objectives: The objective of this study is to analytically assess homomorphic encryption and various homomorphic encryption schemes. A comprehensive investigation on working and performance of the selected HE schemes is another objective of this research. Also, an experiment to run publicly available libraries of DGHV, Paillier, HElib, and FHEW is one of the main objectives. In addition to these, comprehending the impact of HE and PKE on CPU and Memory is also among the objectives of the study. The role and practice of homomorphic encryption in the cloud storage system are among the secondary objectives of this research in terms of securing confidential data. These objectives are set based on the research gap identified by conducting an exhaustive literature review. Methods: The objectives of this study are achieved by adopting the methods exhaustive literature review and experiment. Scientific databases such as IEEE Xplore, ACM Digital Library, Inspec, Springer Link etc. are used and literature is accordingly selected based on the relevance to the research topic. An exhaustive literature review is conducted and extensive bibliographic research is done to accomplish the objective of comprehending the working, applications, significance of homomorphic encryption. Apart from literature review, bibliographic research, an experiment is also conducted to run the publicly available homomorphic encryption libraries to evaluate, compare, and analyze the performance of DGHV, Paillier, HElib, and FHEW schemes. Experiment to run publicly available PKE algorithm is also conducted. Finally, the conclusion and outcome by adopting these research methods for accomplishing the objectives are theoretically presented in detail. Results: By conducting an exhaustive literature review, the importance, working, application of homomorphic encryption and its schemes is discerned. And by conducting an experiment, the impact of HE and PKE is also discerned. Apart from this, the limitations of HE and selected HE schemes along with the distinction between public and private key cryptography is understood by finding and mapping in connection with each other. From the experiment conducted, it is examined that despite the encryption libraries being publicly available for use, the possibility of running and employing few libraries successfully is remarkably low inferring that there is much improvement needed in this cryptographic discipline. Conclusions: From this research, it can be concluded that homomorphic encryption has a wide scope of extending towards efficiency and application in various fields concerned with data protection. It can also me concluded that the experimental assessment of state of the art of few HE schemes libraries that are available online are remarkably impractical for real-time practice. By analyzing the selected ii schemes, it can be concluded few HE schemes do not support any other operations on encrypted data other than addition and multiplication due to which chances of increasing noise for each encryption is relatively high. From the experiment conducted for Paillier encryption (HE) and RSA (PKE) encryption, it is concluded that both the schemes increase linearly with an increase in the input size when CPU and Memory utilization is measured. Apart from these conclusions, it can also be inferred that not all the homomorphic encryption algorithms are IND-CCA1 and IND-CCA2 secure. From this study, it can be deduced that more empirical validation and analysis of HE algorithms is required in terms of their performance and security. In order to address these problems, much research and improvement are required as it inferred from the results of this research that Homomorphic encryption is still in its early stage of development and enormous utility can be anticipated when enhanced correctly.

Homomorphic encryption

Homomorphic Encryption Schemes

Cloud security

Cryptography

Computer Sciences

Datavetenskap (datalogi)

Lattice-based digital signature and discrete gaussian sampling

Ricosset, Thomas

12 November 2018

Lattice-based cryptography has generated considerable interest in the last two decades due toattractive features, including conjectured security against quantum attacks, strong securityguarantees from worst-case hardness assumptions and constructions of fully homomorphicencryption schemes. On the other hand, even though it is a crucial part of many lattice-basedschemes, Gaussian sampling is still lagging and continues to limit the effectiveness of this newcryptography. The first goal of this thesis is to improve the efficiency of Gaussian sampling forlattice-based hash-and-sign signature schemes. We propose a non-centered algorithm, with aflexible time-memory tradeoff, as fast as its centered variant for practicable size of precomputedtables. We also use the Rényi divergence to bound the precision requirement to the standarddouble precision. Our second objective is to construct Falcon, a new hash-and-sign signaturescheme, based on the theoretical framework of Gentry, Peikert and Vaikuntanathan for latticebasedsignatures. We instantiate that framework over NTRU lattices with a new trapdoor sampler.

Cryptography

Lattices

Gaussian sampling

Digital signature

Fully homomorphic encryption

New Approaches for Efficient Fully Homomorphic Encryption

Doroz, Yarkin

14 June 2017

" In the last decade, cloud computing became popular among companies for outsourcing some of their services. Companies use cloud services to store crucial information such as financial and client data. Cloud services are not only cost effective but also easier to manage since the companies avoid maintenance of servers. Although cloud has its advantages, maintaining the security is a big concern. Cloud services might not have any malicious intent, but attacks targeting cloud systems could easily steal vital data belong to the companies. The only protection that assures the security of the information is a strong encryption. However, these schemes only protects the information but prevent you to do any computation on the data. This was an open problem for more than 30 years and it has been solved recently by the introduction of the first fully homomorphic encryption (FHE) scheme by Gentry. The FHE schemes allow you to do arbitrary computation on an encrypted data by still preserving the encryption. Namely, the message is not revealed (decrypted) at any given time while computing the arbitrary circuit. However, the first FHE scheme is not practical for any practical application. Later, numerous research work has been published aiming at making fully homomorphic encryption practical for daily use, but still they were too inefficient to be used in everyday practical applications. In this dissertation we tackle the efficiency problems of fully homomorphic encryption (FHE) schemes. We propose two new FHE schemes that improve the storage requirement and runtime performance. The first scheme (Doröz, Hu and Sunar) reduces the size of the evaluation keys in existing NTRU based FHE schemes. In the second scheme (F-NTRU) we designed an NTRU based FHE scheme which is not only free of costly evaluation keys but also competitive in runtime performance. We further proposed two hardware accelerators to increase the performance of arithmetic operations underlying the schemes. The first accelerator is a custom hardware architecture for realizing the Gentry-Halevi fully homomorphic encryption scheme. This contribution presents the first full realization of FHE in hardware. The architecture features an optimized multi-million bit multiplier based on the Schönhage-Strassen multiplication algorithm. Moreover, a number of optimizations including spectral techniques as well as a precomputation strategy is used to significantly improve the performance of the overall design. The other accelerator is optimized for a class of reconfigurable logic for somewhat homomorphic encryption (SWHE) based schemes. Our design works as a co-processor: the most compute-heavy operations are offloaded to this specialized hardware. The core of our design is an efficient polynomial multiplier as it is the most compute-heavy operation of our target scheme. The presented architecture can compute the product of very-large polynomials more efficiently than software implementations on CPUs. Finally, to assess the performance of proposed schemes and hardware accelerators we homomorphically evaluate the AES and the Prince block ciphers. We introduce various optimizations including a storage-runtime trade-off. Our benchmarking results show significant speedups over other existing instantiations. Also, we present a private information retrieval (PIR) scheme based on a modified version of Doröz, Hu and Sunar’s homomorphic scheme. The scheme is capable of privately retrieving data from a database containing 4 billion entries. We achieve asymptotically lower bandwidth cost compared to other PIR schemes which makes it more practical. "

fully homomorphic encryption

large integer multiplier

fhe hardware design