Faster Secure Arithmetic Computation Using Switchable Homomorphic Encryption

Secure computation on encrypted data stored on untrusted clouds is an important goal. Existing secure arithmetic computation techniques, such as fully homomorphic encryption (FHE) and somewhat homomorphic encryption (SWH), have prohibitive performance and/or storage costs for the majority of practical applications. In this work, we investigate a new secure arithmetic computation primitive called switchable homomorphic encryption (or SHE) that securely switches between existing inexpensive partially homomorphic encryption techniques to evaluate arbitrary arithmetic circuits over integers. SHE is suited for use in a two-cloud model that is practical, but which makes stronger assumptions than the standard single-cloud server model. The security of our SHE solution relies on two non-colluding parties, in which security holds as long as one of them is honest. We benchmark SHE directly against existing secure arithmetic computation techniques—FHE and SWH—on real clouds (Amazon and Rackspace) using microbenchmarks involving fundamental operations utilized in many privacy-preserving computation applications. Experimentally, we find that SHE offers a new design point for computing on large data—it has reasonable ciphertext and key sizes, and is consistently faster by several (2–3) orders of magnitude compared to FHE and SWH on circuits involving long chain of multiplications. SHE exhibits slower performance only in certain cases, when batch (or parallel) homomorphic evaluation is possible, only against SWH schemes (which have limited expressiveness and potentially high ciphertext and key storage costs).

[1]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[2]  Craig Gentry,et al.  Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers , 2010, CRYPTO.

[3]  Moti Yung,et al.  Two-Party Computing with Encrypted Data , 2007, ASIACRYPT.

[4]  Eike Kiltz,et al.  Unconditionally Secure Constant Round Multi-Party Computation for Equality, Comparison, Bits and Exponentiation , 2006, IACR Cryptol. ePrint Arch..

[5]  Ben Riva,et al.  Garbled Circuits Checking Garbled Circuits: More Efficient and Secure Two-Party Computation , 2013, IACR Cryptol. ePrint Arch..

[6]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[7]  Tal Rabin,et al.  Simplified VSS and fast-track multiparty computations with applications to threshold cryptography , 1998, PODC '98.

[8]  Ivan Damgård,et al.  Secure Multiparty Computation Goes Live , 2009, Financial Cryptography.

[9]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 2: Basic Applications , 2001 .

[10]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[11]  R. Mollin RSA and Public-Key Cryptography , 2002 .

[12]  Vinod Vaikuntanathan,et al.  On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption , 2012, STOC '12.

[13]  Brian Rogers,et al.  SecureME: a hardware-software approach to full system security , 2011, ICS '11.

[14]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[15]  Stefan Katzenbeisser,et al.  Efficiently Outsourcing Multiparty Computation Under Multiple Keys , 2013, IEEE Transactions on Information Forensics and Security.

[16]  Masahiro Yagisawa,et al.  Fully Homomorphic Encryption without bootstrapping , 2015, IACR Cryptol. ePrint Arch..

[17]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[18]  Florian Kerschbaum,et al.  Automatic Protocol Selection in Secure Two-Party Computations , 2013, NDSS.

[19]  Vladimir Kolesnikov,et al.  A Practical Universal Circuit Construction and Secure Evaluation of Private Functions , 2008, Financial Cryptography.

[20]  Adrian Perrig,et al.  TrustVisor: Efficient TCB Reduction and Attestation , 2010, 2010 IEEE Symposium on Security and Privacy.

[21]  Frederik Vercauteren,et al.  Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes , 2010, Public Key Cryptography.

[22]  Rafail Ostrovsky,et al.  Distributed Oblivious RAM for Secure Two-Party Computation , 2013, TCC.

[23]  Craig Gentry,et al.  Fully Homomorphic Encryption with Polylog Overhead , 2012, EUROCRYPT.

[24]  Moni Naor,et al.  A minimal model for secure computation (extended abstract) , 1994, STOC '94.

[25]  Benny Pinkas,et al.  Efficient Private Matching and Set Intersection , 2004, EUROCRYPT.

[26]  Vinod Vaikuntanathan,et al.  Can homomorphic encryption be practical? , 2011, CCSW '11.

[27]  Rosario Gennaro,et al.  New Efficient and Secure Protocols for Verifiable Signature Sharing and Other Applications , 1998, J. Comput. Syst. Sci..

[28]  Johann-Christoph Freytag,et al.  Almost Optimal Private Information Retrieval , 2002, Privacy Enhancing Technologies.

[29]  Jonathan Katz,et al.  Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.

[30]  Jonathan Katz,et al.  Constant-Round Private Function Evaluation with Linear Complexity , 2011, ASIACRYPT.

[31]  Tal Malkin,et al.  Secure Computation in Heterogeneous Environments: How to Bring Multiparty Computation Closer to Practice? , 2012 .

[32]  Feng-Hao Liu,et al.  Efficient Secure Two-Party Exponentiation , 2011, CT-RSA.

[33]  Emmanuela Orsini,et al.  Between a Rock and a Hard Place: Interpolating Between MPC and FHE , 2013, IACR Cryptol. ePrint Arch..

[34]  Emiliano De Cristofaro,et al.  Efficient Techniques for Privacy-Preserving Sharing of Sensitive Information , 2011, TRUST.

[35]  Lakshminarayanan Subramanian,et al.  Two-Party Computation Model for Privacy-Preserving Queries over Distributed Databases , 2009, NDSS.

[36]  Markus Jakobsson,et al.  Addition of ElGamal Plaintexts , 2000, ASIACRYPT.

[37]  Ruby B. Lee,et al.  Scalable architectural support for trusted software , 2010, HPCA - 16 2010 The Sixteenth International Symposium on High-Performance Computer Architecture.

[38]  Ming Li,et al.  Computing encrypted cloud data efficiently under multiple keys , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).

[39]  Anna Lysyanskaya,et al.  How to Securely Outsource Cryptographic Computations , 2005, TCC.

[40]  Tomas Toft Sub-linear, Secure Comparison with Two Non-colluding Parties , 2011, Public Key Cryptography.

[41]  Berk Sunar,et al.  Homomorphic AES Evaluation using NTRU , 2014, IACR Cryptol. ePrint Arch..

[42]  Craig Gentry,et al.  Private Database Queries Using Somewhat Homomorphic Encryption , 2013, ACNS.

[43]  Craig Gentry,et al.  Homomorphic Evaluation of the AES Circuit , 2012, IACR Cryptol. ePrint Arch..

[44]  Adnan Aziz,et al.  Binary Decision Graph , 2008, Encyclopedia of Algorithms.

[45]  Simha Sethumadhavan,et al.  Silencing Hardware Backdoors , 2011, 2011 IEEE Symposium on Security and Privacy.

[46]  Wenliang Du,et al.  A practical approach to solve Secure Multi-party Computation problems , 2002, NSPW '02.

[47]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[48]  Bart Mennink,et al.  Modulo Reduction for Paillier Encryptions and Application to Secure Statistical Analysis , 2010, Financial Cryptography.

[49]  Brent Waters,et al.  Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based , 2013, CRYPTO.

[50]  Kevin S. McCurley,et al.  A key distribution system equivalent to factoring , 1988, Journal of Cryptology.

[51]  Yuval Ishai,et al.  Constant-Round Multiparty Computation Using a Black-Box Pseudorandom Generator , 2005, CRYPTO.

[52]  I. Damglurd Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation , 2006 .

[53]  Yihua Zhang,et al.  PICCO: a general-purpose compiler for private distributed computation , 2013, CCS.

[54]  Jun Han,et al.  KISS: "Key It Simple and Secure" Corporate Key Management , 2013, TRUST.

[55]  Emmanuel Bresson,et al.  A Simple Public-Key Cryptosystem with a Double Trapdoor Decryption Mechanism and Its Applications , 2003, ASIACRYPT.

[56]  Eric Torng,et al.  Bypassing Space Explosion in Regular Expression Matching for Network Intrusion Detection and Prevention Systems , 2012, NDSS.

[57]  Mariana Raykova,et al.  Outsourcing Multi-Party Computation , 2011, IACR Cryptol. ePrint Arch..

[58]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[59]  Vinod Vaikuntanathan,et al.  Multiparty Computation with Low Communication, Computation and Interaction via Threshold FHE , 2012, EUROCRYPT.

[60]  Jonathan Katz,et al.  Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose , 2013, CRYPTO.

[61]  Shweta Shinde,et al.  AUTOCRYPT: enabling homomorphic computation on servers to protect sensitive web content , 2013, CCS.

[62]  Ahmad-Reza Sadeghi,et al.  TASTY: tool for automating secure two-party computations , 2010, CCS '10.

[63]  Elaine Shi,et al.  Multi-cloud oblivious storage , 2013, CCS.

[64]  Yehuda Lindell,et al.  Secure Computation on the Web: Computing without Simultaneous Interaction , 2011, IACR Cryptol. ePrint Arch..

[65]  Matthew K. Franklin,et al.  Joint encryption and message-efficient secure computation , 1993, Journal of Cryptology.

[66]  Ahmad-Reza Sadeghi,et al.  Twin Clouds: Secure Cloud Computing with Low Latency - (Full Version) , 2011, Communications and Multimedia Security.