Article

Homomorphic Evaluation of the AES Circuit

Authors:

Nigel P. SmartAuthors Info & Claims

Proceedings of the 32nd Annual Cryptology Conference on Advances in Cryptology --- CRYPTO 2012 - Volume 7417

Pages 850 - 867

https://doi.org/10.1007/978-3-642-32009-5_49

Published: 19 August 2012 Publication History

Abstract

We describe a working implementation of leveled homomorphic encryption without bootstrapping that can evaluate the AES-128 circuit in three different ways. One variant takes under over 36 hours to evaluate an entire AES encryption operation, using NTL over GMP as our underlying software platform, and running on a large-memory machine. Using SIMD techniques, we can process over 54 blocks in each evaluation, yielding an amortized rate of just under 40 minutes per block. Another implementation takes just over two and a half days to evaluate the AES operation, but can process 720 blocks in each evaluation, yielding an amortized rate of just over five minutes per block. We also detail a third implementation, which theoretically could yield even better amortized complexity, but in practice turns out to be less competitive.

For our implementations we develop both AES-specific optimizations as well as several "generic" tools for FHE evaluation. These last tools include among others a different variant of the Brakerski-Vaikuntanathan key-switching technique that does not require reducing the norm of the ciphertext vector, and a method of implementing the Brakerski-Gentry-Vaikuntanathan modulus-switching transformation on ciphertexts in CRT representation.

References

[1]

Boyar, J., Peralta, R.: A depth-16 circuit for the AES S-box 2011 manuscript, http://eprint.iacr.org/2011/332

[2]

Brakerski, Z.: Fully homomorphic encryption without modulus switching from classical GapSVP 2012 manuscript, http://eprint.iacr.org/2012/078

[3]

Brakerski, Z., Gentry, C., Vaikuntanathan, V.: Fully homomorphic encryption without bootstrapping. In: Innovations in Theoretical Computer Science, ITCS 2012 2012, http://eprint.iacr.org/2011/277

[4]

Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from standard LWE. In: FOCS 2011. IEEE Computer Society 2011

Digital Library

[5]

Brakerski, Z., Vaikuntanathan, V.: Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages. In: Rogaway, P. ed. CRYPTO 2011. LNCS, vol. 6841, pp. 505---524. Springer, Heidelberg 2011

Digital Library

[6]

Coron, J.-S., Mandal, A., Naccache, D., Tibouchi, M.: Fully Homomorphic Encryption over the Integers with Shorter Public Keys. In: Rogaway, P. ed. CRYPTO 2011. LNCS, vol. 6841, pp. 487---504. Springer, Heidelberg 2011

Digital Library

[7]

Coron, J.-S., Naccache, D., Tibouchi, M.: Public Key Compression and Modulus Switching for Fully Homomorphic Encryption over the Integers. In: Pointcheval, D., Johansson, T. eds. EUROCRYPT 2012. LNCS, vol. 7237, pp. 446---464. Springer, Heidelberg 2012

Digital Library

[8]

Damgård, I., Keller, M.: Secure Multiparty AES. In: Sion, R. ed. FC 2010. LNCS, vol. 6052, pp. 367---374. Springer, Heidelberg 2010

Digital Library

[9]

Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. ed. STOC, pp. 169---178. ACM 2009

Digital Library

[10]

Gentry, C., Halevi, S.: Implementing Gentry's Fully-Homomorphic Encryption Scheme. In: Paterson, K.G. ed. EUROCRYPT 2011. LNCS, vol. 6632, pp. 129---148. Springer, Heidelberg 2011

Digital Library

[11]

Gentry, C., Halevi, S., Smart, N.P.: Fully Homomorphic Encryption with Polylog Overhead. In: Pointcheval, D., Johansson, T. eds. EUROCRYPT 2012. LNCS, vol. 7237, pp. 465---482. Springer, Heidelberg 2012, Full version at http://eprint.iacr.org/2011/566

Digital Library

[12]

Huang, Y., Evans, D., Katz, J., Malka, L.: Faster secure two-party computation using garbled circuits. In: USENIX Security Symposium 2011

Digital Library

[13]

Orlandi, C., Nielsen, J.B., Nordholt, P.S., Sheshank, S.: A new approach to practical active-secure two-party computation 2011 manuscript

[14]

Lauter, K., Naehrig, M., Vaikuntanathan, V.: Can homomorphic encryption be practical? In: CCSW, pp. 113---124. ACM 2011

Digital Library

[15]

Lòpez-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: STOC. ACM 2012

Digital Library

[16]

Lyubashevsky, V., Peikert, C., Regev, O.: On Ideal Lattices and Learning with Errors over Rings. In: Gilbert, H. ed. EUROCRYPT 2010. LNCS, vol. 6110, pp. 1---23. Springer, Heidelberg 2010

Digital Library

[17]

Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure Two-Party Computation Is Practical. In: Matsui, M. ed. ASIACRYPT 2009. LNCS, vol. 5912, pp. 250---267. Springer, Heidelberg 2009

Digital Library

[18]

Rivain, M., Prouff, E.: Provably Secure Higher-Order Masking of AES. In: Mangard, S., Standaert, F.-X. eds. CHES 2010. LNCS, vol. 6225, pp. 413---427. Springer, Heidelberg 2010

Digital Library

[19]

Smart, N.P., Vercauteren, F.: Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes. In: Nguyen, P.Q., Pointcheval, D. eds. PKC 2010. LNCS, vol. 6056, pp. 420---443. Springer, Heidelberg 2010

Digital Library

[20]

Smart, N.P., Vercauteren, F.: Fully homomorphic SIMD operations 2011, Manuscript at http://eprint.iacr.org/2011/133

Cited By

Zhang JCheng XYang LHu JLiu XChen K(2024)SoK: Fully Homomorphic Encryption AcceleratorsACM Computing Surveys10.1145/367695556:12(1-32)Online publication date: 5-Jul-2024
https://dl.acm.org/doi/10.1145/3676955
Yang XCai LWang YYin KSun LHu JQuek TGao DZhou JCardenas A(2024)Efficient Unbalanced Quorum PSI from Homomorphic EncryptionProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3657001(1003-1016)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3657001
Samardzic NSanchez DTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)BitPacker: Enabling High Arithmetic Efficiency in Fully Homomorphic Encryption AcceleratorsProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 210.1145/3620665.3640397(137-150)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620665.3640397
Show More Cited By

Homomorphic Evaluation of the AES Circuit
1. Security and privacy
2. Theory of computation

Recommendations

Poster: Efficient AES-GCM Decryption Under Homomorphic Encryption
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

Computation delegation to untrusted third-party while maintaining data confidentiality is possible with homomorphic encryption (HE). However, in many cases, the data was encrypted using another cryptographic scheme such as AES-GCM. Hybrid encryption (...
Homomorphic AES evaluation using the modified LTV scheme

Since its introduction more than a decade ago the homomorphic properties of the NTRU encryption scheme have gone largely ignored. A variant of NTRU proposed by Stehlé and Steinfeld was recently extended into a full fledged multi-key fully homomorphic ...
On CCA-Secure somewhat homomorphic encryption
SAC'11: Proceedings of the 18th international conference on Selected Areas in Cryptography

It is well known that any encryption scheme which supports any form of homomorphic operation cannot be secure against adaptive chosen ciphertext attacks. The question then arises as to what is the most stringent security definition which is achievable ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

Proceedings of the 32nd Annual Cryptology Conference on Advances in Cryptology --- CRYPTO 2012 - Volume 7417

August 2012

886 pages

ISBN:9783642320088

Editors:
Reihaneh Safavi-Naini
Department of Computer Science, University of Calgary, Calgary, Canada
,
Ran Canetti
Department of Computer Science, University of Boston, Boston, USA

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 19 August 2012

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

153
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 06 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang JCheng XYang LHu JLiu XChen K(2024)SoK: Fully Homomorphic Encryption AcceleratorsACM Computing Surveys10.1145/367695556:12(1-32)Online publication date: 5-Jul-2024
https://dl.acm.org/doi/10.1145/3676955
Yang XCai LWang YYin KSun LHu JQuek TGao DZhou JCardenas A(2024)Efficient Unbalanced Quorum PSI from Homomorphic EncryptionProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3657001(1003-1016)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3657001
Samardzic NSanchez DTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)BitPacker: Enabling High Arithmetic Efficiency in Fully Homomorphic Encryption AcceleratorsProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 210.1145/3620665.3640397(137-150)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620665.3640397
Frimpong ENguyen KBudzys MKhan TMichalas AHong JPark J(2024)GuardML: Efficient Privacy-Preserving Machine Learning Services Through Hybrid Homomorphic EncryptionProceedings of the 39th ACM/SIGAPP Symposium on Applied Computing10.1145/3605098.3635983(953-962)Online publication date: 8-Apr-2024
https://dl.acm.org/doi/10.1145/3605098.3635983
Miao WWu W(2024)Privacy-Preserving Logistic Regression Model Training Scheme by Homomorphic EncryptionInformation and Communications Security10.1007/978-981-97-8798-2_14(271-291)Online publication date: 27-Aug-2024
https://dl.acm.org/doi/10.1007/978-981-97-8798-2_14
Chen MChen YZong RLi ZJiang Z(2024)F-FHEW: High-Precision Approximate Homomorphic Encryption with Batch BootstrappingInformation Security and Privacy10.1007/978-981-97-5025-2_7(121-140)Online publication date: 15-Jul-2024
https://dl.acm.org/doi/10.1007/978-981-97-5025-2_7
Xia HLiu FWang H(2024)More Efficient Functional Bootstrapping for General Functions in Polynomial ModulusTheory of Cryptography10.1007/978-3-031-78023-3_5(130-163)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1007/978-3-031-78023-3_5
Liu YLi ZWang RLu XWang K(2024)Efficient Blind Rotation in FHEW Using Refined Decomposition and NTTInformation Security10.1007/978-3-031-75757-0_16(315-334)Online publication date: 24-Oct-2024
https://dl.acm.org/doi/10.1007/978-3-031-75757-0_16
Xu YZhu GWang HWang L(2024)Large-Plaintext Functional Bootstrapping with Small Parameters for BGV EncodingInformation Security10.1007/978-3-031-75757-0_13(252-272)Online publication date: 24-Oct-2024
https://dl.acm.org/doi/10.1007/978-3-031-75757-0_13
Li BMicciancio DRaykova MSchultz-Wu M(2024)Hintless Single-Server Private Information RetrievalAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68400-5_6(183-217)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68400-5_6
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Table of Contents