nach oben

Designs, Codes and Cryptography

Erschienen in:

01.08.2016

Homomorphic AES evaluation using the modified LTV scheme

verfasst von: Yarkın Doröz, Yin Hu, Berk Sunar

Erschienen in: Designs, Codes and Cryptography | Ausgabe 2/2016

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Since its introduction more than a decade ago the homomorphic properties of the NTRU encryption scheme have gone largely ignored. A variant of NTRU proposed by Stehlé and Steinfeld was recently extended into a full fledged multi-key fully homomorphic encryption scheme by López-Alt, Tromer and Vaikuntanathan (LTV). This NTRU based FHE presents a viable alternative to the currently dominant BGV style FHE schemes. While the scheme appears to be more efficient, a full implementation and comparison to BGV style implementations has been missing in the literature. In this work, we develop a customized implementation of the LTV. First parameters are selected to yield an efficient and yet secure LTV instantiation. We present an analysis of the noise growth that allows us to formulate a modulus cutting strategy for arbitrary circuits. Furthermore, we introduce a specialization of the ring structure that allows us to drastically reduce the public key size making evaluation of deep circuits such as the AES block cipher viable on a standard computer with a reasonable amount of memory. Moreover, with the modulus specialization the need for key switching is eliminated. Finally, we present a generic bit-sliced implementation of the LTV scheme that embodies a number of optimizations. To assess the performance of the scheme we homomorphically evaluate the full 10 round AES circuit in 29 h with 2048 message slots resulting in 51 s per AES block evaluation time.

Vorheriger Artikel Characterising pointsets in that correspond to conics

Nächster Artikel Squaring attacks on McEliece public-key cryptosystems using quasi-cyclic codes of even dimension

Ignoring those terms will result in a more conservative estimation.

Gentry C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, Ser. STOC ’09, pp. 169–178. ACM, New York (2009).

Rivest R., Adleman L., Dertouzos M.: On Data Banks and Privacy Homomorphisms, pp. 169–177. Academic Press, New York (1978).

Gentry C., Halevi S.: Implementing gentrys fully-homomorphic encryption scheme. In: Paterson K. (ed.) Advances in Cryptology (EUROCRYPT 2011). Lecture Notes in Computer Science, vol. 6632, pp. 129–148. Springer, Berlin (2011).

Wang W., Hu Y., Chen L., Huang X., Sunar B.: Accelerating fully homomorphic encryption using GPU. In: High Performance Extreme Computing (HPEC), Sept 2012, pp. 1–5 (2012).

Brakerski Z., Gentry C., Vaikuntanathan V.: (leveled) fully homomorphic encryption without bootstrapping. In: Proceedings of the 3rd Innovations in Theoretical Computer Science Conference (ITCS ’12), pp. 309–325. ACM, New York (2012).

Gentry C., Halevi S., Smart N.: Homomorphic evaluation of the AES circuit. In: Safavi-Naini R., Canetti R. (eds.) Advances in Cryptology (CRYPTO 2012). Lecture Notes in Computer Science, vol. 7417, pp. 850–867. Springer, Berlin (2012). doi:10.1007/978-3-642-32009-5_49.

Gentry C., Halevi S., Smart N.: Fully homomorphic encryption with polylog overhead. In: Pointcheval D., Johansson T. (eds.) Advances in Cryptology (EUROCRYPT 2012). Lecture Notes in Computer Science, vol. 7237, pp. 465–482. Springer, Berlin (2012). doi:10.1007/978-3-642-29011-4_28.

Smart N., Vercauteren F.: Fully homomorphic SIMD operations. Des. Codes Cryptogr. 71(1), 57–81, (2014). doi:10.1007/s10623-012-9720-4.

López-Alt A., Tromer E., Vaikuntanathan V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: Proceedings of the 44th Annual ACM Symposium on Theory of Computing (STOC ’12), pp. 1219–1234. ACM, New York (2012).

10.

Hoffstein J., Pipher J., Silverman J.: NTRU: a ring-based public key cryptosystem. In: Buhler J. (ed.) Algorithmic Number Theory. Lecture Notes in Computer Science, vol. 1423, pp. 267–288. Springer, Berlin. doi:10.1007/BFb0054868.

11.

Stehl D., Steinfeld R.: Making NTRU as secure as worst-case problems over ideal lattices. In: Paterson K. (ed.) Advances in Cryptology (EUROCRYPT 2011). Lecture Notes in Computer Science, vol. 6632, pp. 27–47. Springer, Berlin (2011). doi:10.1007/978-3-642-20465-4_4.

12.

Bos J., Lauter K., Loftus J., Naehrig M.: Improved security for a ring-based fully homomorphic encryption scheme. In: Stam M. (ed.) Cryptography and Coding. Lecture Notes in Computer Science, vol. 8308, pp. 45–64. Springer, Berlin (2013). doi:10.1007/978-3-642-45239-0_4.

13.

Brakerski Z.: Fully homomorphic encryption without modulus switching from classical gapSVP. In: Safavi-Naini R., Canetti R. (eds.) Advances in Cryptology (CRYPTO 2012). Lecture Notes in Computer Science, vol. 7417, pp. 868–886. Springer, Berlin (2012). doi:10.1007/978-3-642-32009-5_50.

14.

Micciancio D., Regev O.: Worst-case to average-case reductions based on gaussian measures. SIAM J. Comput. 37(1), 267–302 (2007). doi:10.1137/S0097539705447360.

15.

Lyubashevsky V., Peikert C., Regev O.: On ideal lattices and learning with errors over rings. In: Gilbert H. (ed.) Advances in Cryptology (EUROCRYPT 2010). Lecture Notes in Computer Science, vol. 6110, pp. 1–23. Springer, Berlin (2010). doi:10.1007/978-3-642-13190-5_1.

16.

Micciancio D., Regev O.: Lattice-based cryptography. In: Bernstein D., Buchmann J., Dahmen E. (eds.) Post-quantum Cryptography, pp. 147–191. Springer, Berlin (2009). doi:10.1007/978-3-540-88702-7_5.

17.

Lindner R., Peikert C.: Better key sizes (and attacks) for LWE-based encryption. In: Kiayias A. (ed.) Topics in Cryptology (CT-RSA 2011). Lecture Notes in Computer Science, vol. 6558, pp. 319–339. Springer, Berlin (2011). doi:10.1007/978-3-642-19074-2_21.

18.

Hoffstein J., Silverman J.H., Whyte W.: Estimated breaking times for NTRU lattices. version 2, NTRU Cryptosystems, Technical Report (2003).

19.

Gama N., Nguyen P.: Predicting lattice reduction. In: Smart N. (ed.) Advances in Cryptology (EUROCRYPT 2008). Lecture Notes in Computer Science, vol. 4965, pp. 31–51. Springer, Berlin (2008). doi:10.1007/978-3-540-78967-3_3.

20.

Coppersmith D., Shamir A.: Lattice attacks on NTRU. In: Fumy W. (ed.) Advances in Cryptology (EUROCRYPT 97). Lecture Notes in Computer Science, vol. 1233, pp. 52–61. Springer, Berlin (1997). doi:10.1007/3-540-69053-0_5.

21.

Schnorr C., Euchner M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. Math. Program., 66(1–3), 181–199 (1994). doi:10.1007/BF01581144.

22.

Shoup V.: NTL: A Library for Doing Number Theory. http://www.shoup.net/ntl

23.

van de Pol J., Smart N.: Estimating key sizes for high dimensional lattice-based systems. In: Stam M. (ed.) Cryptography and Coding. Lecture Notes in Computer Science, vol. 8308, pp. 290–303. Springer, Berlin (2013). doi:10.1007/978-3-642-45239-0_17.

24.

Chen Y., Nguyen P.: BKZ 2.0: better lattice security estimates. In: Lee D., Wang X. (eds.) Advances in Cryptology (ASIACRYPT 2011). Lecture Notes in Computer Science, vol. 7073, pp. 1–20. Springer, Berlin (2011). doi:10.1007/978-3-642-25385-0_1.

25.

Lepoint T., Naehrig M.: A comparison of the homomorphic encryption schemes FV and YASHE. In: Pointcheval D., Vergnaud D. (eds.) Progress in Cryptology (AFRICACRYPT 2014). Lecture Notes in Computer Science, vol. 8469, pp. 318–335. Springer, Berlin (2014). doi:10.1007/978-3-319-06734-6_20.

26.

Chen Y., Nguyen P.: BKZ 2.0: Better Lattice Security Estimates. (2013). http://www.di.ens.fr/ychen/research/Full_BKZ.pdf.

27.

Silverman J.H.: Invertibility in Truncated Polynomial Rings. Technical report, NTRU Cryptosystems (1998).

28.

Schnhage A., Strassen V.: Schnelle multiplikation großer zahlen. Computing 7(3–4), 281–292 (1971).

29.

Canright D.: A very compact S-Box for AES. In: Rao J., Sunar B. (eds.) Cryptographic Hardware and Embedded Systems (CHES 2005). Lecture Notes in Computer Science, vol. 3659, pp. 441–455. Springer, Berlin (2005). doi:10.1007/11545262_32.

30.

Gentry C., Halevi S., Smart N.: Homomorphic evaluation of the AES circuit (updated implementation). (2015). https://eprint.iacr.org/2012/099.pdf.

31.

Mella S., Susella R.: On the homomorphic computation of symmetric cryptographic primitives. In: Stam M. (ed.) Cryptography and Coding. Lecture Notes in Computer Science, vol. 8308, pp. 28–44. Springer, Berlin (2013). doi:10.1007/978-3-642-45239-0_3.

32.

Helib: A Software Library that Implements Homomorphic Encryption (HE). https://github.com/shaih/HElib.

33.

Dai W., Doröz Y., Sunar B.: Accelerating NTRU based homomorphic encryption using GPUs. IACR Cryptology ePrint Archive, vol. 389 (2014). http://eprint.iacr.org/2014/389.

34.

Öztürk E., Doröz Y., Sunar B., Savaş E.: Accelerating somewhat homomorphic evaluation using FPGAs. Cryptology ePrint Archive, Report 2015/294 (2015). http://eprint.iacr.org/.

Titel: Homomorphic AES evaluation using the modified LTV scheme
verfasst von: Yarkın Doröz
Yin Hu
Berk Sunar
Publikationsdatum: 01.08.2016
Verlag: Springer US
Erschienen in: Designs, Codes and Cryptography / Ausgabe 2/2016
Print ISSN: 0925-1022
Elektronische ISSN: 1573-7586
DOI: https://doi.org/10.1007/s10623-015-0095-1

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Weitere Artikel der Ausgabe 2/2016

Switchings of semifield multiplications

Barker sequences of odd length

Dimensional dual hyperovals in classical polar spaces

Squaring attacks on McEliece public-key cryptosystems using quasi-cyclic codes of even dimension

Convolutional block codes with cryptographic properties over the semi-direct product

A construction and decomposition of orthogonal arrays with non-prime-power numbers of symbols on the complement of a Baer subplane