Advertisement

High-Precision Arithmetic in Homomorphic Encryption

  • Hao Chen
  • Kim Laine
  • Rachel Player
  • Yuhou Xia
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10808)

Abstract

In most RLWE-based homomorphic encryption schemes the native plaintext elements are polynomials in a ring \(\mathbb {Z}_t[x]/(x^n+1)\), where n is a power of 2, and t an integer modulus. For performing integer or rational number arithmetic, one typically uses an encoding scheme which converts the inputs to polynomials, and allows the result of the homomorphic computation to be decoded to recover the result as an integer or rational number, respectively. The problem is that the modulus t often needs to be extremely large to prevent the plaintext polynomial coefficients from being reduced modulo t during the computation, which is a requirement for the decoding operation to work correctly. This results in larger noise growth, and prevents the evaluation of deep circuits, unless the encryption parameters are significantly increased.

We combine a trick of Hoffstein and Silverman, where the modulus t is replaced by a polynomial \(x-b\), with the Fan-Vercauteren homomorphic encryption scheme. This yields a new scheme with a very convenient plaintext space \(\mathbb {Z}/(b^n+1)\mathbb {Z}\). We then show how rational numbers can be encoded as elements of this plaintext space, enabling homomorphic evaluation of deep circuits with high-precision rational number inputs. We perform a fair and detailed comparison to the Fan-Vercauteren scheme with the Non-Adjacent Form encoder, and find that the new scheme significantly outperforms this approach. For example, when the new scheme allows us to evaluate circuits of depth 9 with 32-bit integer inputs, in the same parameter setting the Fan-Vercauteren scheme only allows us to go up to depth 2. We conclude by discussing how known applications can benefit from the new scheme.

Keywords

Homomorphic encryption Encoding Encrypted arithmetic 

References

  1. 1.
    Albrecht, M.R.: On dual lattice attacks against small-secret LWE and parameter choices in HElib and SEAL. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10211, pp. 103–129. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-56614-6_4 CrossRefGoogle Scholar
  2. 2.
    Albrecht, M.R., Göpfert, F., Virdia, F., Wunderer, T.: Revisiting the expected cost of solving uSVP and applications to LWE. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 297–322. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70694-8_11 CrossRefGoogle Scholar
  3. 3.
    Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. J. Math. Cryptol. 9(3), 169–203 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Arita, S., Nakasato, S.: Fully homomorphic encryption for point numbers. In: Chen, K., Lin, D., Yung, M. (eds.) Inscrypt 2016. LNCS, vol. 10143, pp. 253–270. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-54705-3_16 CrossRefGoogle Scholar
  5. 5.
    Armknecht, F., Boyd, C., Carr, C., Gjøsteen, K., Jäschke, A., Reuter, C.A., Strand, M.: A guide to fully homomorphic encryption. Cryptology ePrint Archive, Report 2015/1192 (2015)Google Scholar
  6. 6.
    Benhamouda, F., Lepoint, T., Mathieu, C., Zhou, H.: Optimization of bootstrapping in circuits. In: SODA, pp. 2423–2433 (2017)Google Scholar
  7. 7.
    Bonte, C., Bootland, C., Bos, J.W., Castryck, W., Iliashenko, I., Vercauteren, F.: Faster homomorphic function evaluation using non-integral base encoding. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 579–600. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-66787-4_28 CrossRefGoogle Scholar
  8. 8.
    Bos, J.W., Castryck, W., Iliashenko, I., Vercauteren, F.: Privacy-friendly forecasting for the smart grid using homomorphic encryption and the group method of data handling. In: Joye, M., Nitaj, A. (eds.) AFRICACRYPT 2017. LNCS, vol. 10239, pp. 184–201. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-57339-7_11 CrossRefGoogle Scholar
  9. 9.
    Bos, J.W., Lauter, K., Loftus, J., Naehrig, M.: Improved security for a ring-based fully homomorphic encryption scheme. In: Stam, M. (ed.) IMACC 2013. LNCS, vol. 8308, pp. 45–64. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-45239-0_4 CrossRefGoogle Scholar
  10. 10.
    Bos, J.W., Lauter, K.E., Naehrig, M.: Private predictive analysis on encrypted medical data. J. Biomed. Inform. 50, 234–243 (2014)CrossRefGoogle Scholar
  11. 11.
    Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: ITCS, pp. 309–325 (2012)Google Scholar
  12. 12.
    Brakerski, Z., Vaikuntanathan, V.: Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 505–524. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-22792-9_29 CrossRefGoogle Scholar
  13. 13.
    Brenner, M., Rohloff, K. (eds.) Proceedings of WAHC 2017 - 5th Workshop on Encrypted Computing and Applied Homomorphic Cryptography (2017)Google Scholar
  14. 14.
    Chen, H., Laine, K., Player, R.: Simple encrypted arithmetic library - SEAL. In: Brenner and Rohloff [13]Google Scholar
  15. 15.
    Chen, H., Laine, K., Player, R., Xia, Y.: High-precision arithmetic in homomorphic encryption. Cryptology ePrint Archive, Report 2017/809 (2017)Google Scholar
  16. 16.
    Cheon, J.H., Jeong, J., Lee, J., Lee, K.: Privacy-preserving computations of predictive medical models with minimax approximation and non-adjacent form. In: Brenner and Rohloff [13]Google Scholar
  17. 17.
    Cheon, J.H., Kim, A., Kim, M., Song, Y.: Homomorphic encryption for arithmetic of approximate numbers. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 409–437. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70694-8_15 CrossRefGoogle Scholar
  18. 18.
    Chillotti, I., Gama, N., Georgieva, M., Izabachène, M.: Faster fully homomorphic encryption: bootstrapping in less than 0.1 seconds. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 3–33. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53887-6_1 CrossRefGoogle Scholar
  19. 19.
    Costache, A., Smart, N.P.: Which ring based somewhat homomorphic encryption scheme is best? In: Sako, K. (ed.) CT-RSA 2016. LNCS, vol. 9610, pp. 325–340. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-29485-8_19 CrossRefGoogle Scholar
  20. 20.
    Costache, A., Smart, N.P., Vivek, S., Waller, A.: Fixed-point arithmetic in SHE schemes. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 401–422. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-69453-5_22 CrossRefGoogle Scholar
  21. 21.
    Dowlin, N., Gilad-Bachrach, R., Laine, K., Lauter, K.E., Naehrig, M., Wernsing, J.: Manual for using homomorphic encryption for bioinformatics. Proc. IEEE 105(3), 552–567 (2017)Google Scholar
  22. 22.
    Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption. Cryptology ePrint Archive, Report 2012/144 (2012)Google Scholar
  23. 23.
    Geihs, M., Cabarcas, D.: Efficient integer encoding for homomorphic encryption via ring isomorphisms. In: Aranha, D.F., Menezes, A. (eds.) LATINCRYPT 2014. LNCS, vol. 8895, pp. 48–63. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-16295-9_3 Google Scholar
  24. 24.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178 (2009)Google Scholar
  25. 25.
    Gentry, C., Halevi, S., Smart, N.P.: Homomorphic evaluation of the AES circuit. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 850–867. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32009-5_49 CrossRefGoogle Scholar
  26. 26.
    Gentry, C., Sahai, A., Waters, B.: Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 75–92. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-40041-4_5 CrossRefGoogle Scholar
  27. 27.
    Gilad-Bachrach, R., Dowlin, N., Laine, K., Lauter, K.E., Naehrig, M., Wernsing, J.: CryptoNets: applying neural networks to encrypted data with high throughput and accuracy. In: ICML, pp. 201–210 (2016)Google Scholar
  28. 28.
    Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998).  https://doi.org/10.1007/BFb0054868 CrossRefGoogle Scholar
  29. 29.
    Hoffstein, J., Silverman, J.: Optimizations for NTRU. In: Proceedings of the International Conference on Public-Key Cryptography and Computational Number Theory (2001). https://assets.securityinnovation.com/static/downloads/NTRU/resources/TECH_ARTICLE_OPT.pdf
  30. 30.
    Khedr, A., Gulak, G., Vaikuntanathan, V.: SHIELD: scalable homomorphic implementation of encrypted data-classifiers. IEEE Trans. Comput. 65(9), 2848–2858 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  31. 31.
    Laine, K., Chen, H., Player, R.: Simple encrypted arithmetic library - SEAL v2.2. Technical report (2017)Google Scholar
  32. 32.
    Lauter, K., López-Alt, A., Naehrig, M.: Private computation on encrypted genomic data. In: Aranha, D.F., Menezes, A. (eds.) LATINCRYPT 2014. LNCS, vol. 8895, pp. 3–27. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-16295-9_1 Google Scholar
  33. 33.
    Lepoint, T., Naehrig, M.: A comparison of the homomorphic encryption schemes FV and YASHE. In: Pointcheval, D., Vergnaud, D. (eds.) AFRICACRYPT 2014. LNCS, vol. 8469, pp. 318–335. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-06734-6_20 CrossRefGoogle Scholar
  34. 34.
    Lindner, R., Peikert, C.: Better key sizes (and attacks) for LWE-based encryption. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 319–339. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19074-2_21 CrossRefGoogle Scholar
  35. 35.
    López-Alt, A., Naehrig, M.: Large integer plaintexts in ring-based fully homomorphic encryption (2014, unpublished)Google Scholar
  36. 36.
    Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. J. ACM (JACM) 60(6), 43 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  37. 37.
    Aguilar-Melchor, C., Barrier, J., Guelton, S., Guinet, A., Killijian, M.-O., Lepoint, T.: NFLlib: NTT-based fast lattice library. In: Sako, K. (ed.) CT-RSA 2016. LNCS, vol. 9610, pp. 341–356. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-29485-8_20 CrossRefGoogle Scholar
  38. 38.
    Naehrig, M., Lauter, K.E., Vaikuntanathan, V.: Can homomorphic encryption be practical? In: CCSW, pp. 113–124 (2011)Google Scholar
  39. 39.
    Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM (JACM) 56(6), 34 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  40. 40.
    Rivest, R.L., Adleman, L., Dertouzos, M.L.: On data banks and privacy homomorphisms. Found. Secur. Comput. 4(11), 169–180 (1978)MathSciNetGoogle Scholar
  41. 41.
    Smart, N.P., Vercauteren, F.: Fully homomorphic SIMD operations. Des. Codes Crypt. 71(1), 57–81 (2014)CrossRefzbMATHGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Microsoft ResearchRedmondUSA
  2. 2.Royal Holloway, University of LondonEghamUK
  3. 3.Princeton UniversityPrincetonUSA

Personalised recommendations