Cryptoleq: A Heterogeneous Abstract Machine for Encrypted and Unencrypted Computation

The rapid expansion and increased popularity of cloud computing comes with no shortage of privacy concerns about outsourcing computation to semi-trusted parties. Leveraging the power of encryption, in this paper, we introduce Cryptoleq: an abstract machine based on the concept of one instruction set computer, capable of performing general-purpose computation on encrypted programs. The program operands are protected using the Paillier partially homomorphic cryptosystem, which supports addition on the encrypted domain. Full homomorphism over addition and multiplication, which is necessary for enabling general-purpose computation, is achieved by inventing a heuristically obfuscated software re-encryption module written using Cryptoleq instructions and blended into the executing program. Cryptoleq is heterogeneous, allowing mixing encrypted and unencrypted instruction operands in the same program memory space. Programming with Cryptoleq is facilitated using an enhanced assembly language that allows the development of any advanced algorithm on encrypted data sets. In our evaluation, we compare Cryptoleq's performance against a popular fully homomorphic encryption library, and demonstrate correctness using a typical private information retrieval problem.
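The abstract describes the two ingredients that a practitioner most wants to see concretely: Paillier's additive homomorphism applied to the operands of a one-instruction machine, and a memory in which encrypted and plaintext cells coexist. The following Python is an added example written for this page; it is not Cryptoleq's code and does not reproduce the paper's re-encryption module. It assumes a subleq-style instruction (`Mem[b] -= Mem[a]; branch if the result is <= 0`) as the single instruction, a toy Paillier instance built from two small constructed primes (65521 and 65537), and a key-holder callback `sign_oracle` that answers branch decisions on encrypted cells. That callback is a deliberately simple stand-in: it makes visible exactly where addition alone stops being enough and something like the paper's re-encryption step is needed.

```python
"""Toy subleq machine over mixed plaintext / Paillier-encrypted memory.
Constructed example; not Cryptoleq's own code.  Key sizes are tiny."""
import math
import secrets


def keygen(p=65521, q=65537):
    """Paillier key pair from two small constructed primes.
    Returns (public=(n, g), private=(lam, mu))."""
    n = p * q
    assert math.gcd(n, (p - 1) * (q - 1)) == 1
    g = n + 1                                   # standard Paillier simplification
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    n2 = n * n
    mu = pow((pow(g, lam, n2) - 1) // n, -1, n)  # L(g^lam mod n^2)^-1 mod n
    return (n, g), (lam, mu)


def encrypt(pub, m):
    """E(m) = g^m * r^n mod n^2 with fresh random r; negatives wrap mod n."""
    n, g = pub
    n2 = n * n
    r = secrets.randbelow(n - 2) + 2
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 2) + 2
    return (pow(g, m % n, n2) * pow(r, n, n2)) % n2


def decrypt(pub, priv, c, signed=True):
    """D(c) = L(c^lam mod n^2) * mu mod n; upper half of Z_n read as negative."""
    n, _ = pub
    lam, mu = priv
    m = (((pow(c, lam, n * n) - 1) // n) * mu) % n
    if signed and m > n // 2:
        m -= n
    return m


def homomorphic_sub(pub, c_b, c_a):
    """E(b - a) = E(b) * E(a)^-1 mod n^2, computed without the private key."""
    n, _ = pub
    n2 = n * n
    return (c_b * pow(c_a, -1, n2)) % n2


def run_subleq(pub, mem, code, sign_oracle, max_steps=10_000):
    """mem: cells ('plain', int) or ('enc', ciphertext).  code: (a, b, c) triples;
    pc == len(code) halts.  sign_oracle(ct) -> True iff D(ct) <= 0 (key holder).
    Returns (mem, number of oracle queries)."""
    pc, steps, queries = 0, 0, 0
    while 0 <= pc < len(code) and steps < max_steps:
        a, b, c = code[pc]
        ka, va = mem[a]
        kb, vb = mem[b]
        if ka == 'plain' and kb == 'plain':
            kind, val = 'plain', vb - va
        else:
            # promote a plaintext operand with the public key, then subtract
            # entirely in the ciphertext domain; the cell becomes encrypted
            ca = va if ka == 'enc' else encrypt(pub, va)
            cb = vb if kb == 'enc' else encrypt(pub, vb)
            kind, val = 'enc', homomorphic_sub(pub, cb, ca)
        mem[b] = (kind, val)
        if c == pc + 1:                 # no real branch: nothing to decide
            pc += 1
        elif kind == 'plain':
            pc = c if val <= 0 else pc + 1
        else:                           # branch on encrypted data needs help
            queries += 1
            pc = c if sign_oracle(val) else pc + 1
        steps += 1
    return mem, queries


def demo(pub, priv, encrypted_counter=False):
    """Accumulate the secret x into an encrypted accumulator k times.
    Returns (decrypted accumulator, oracle queries made)."""
    x, k = 7, 3
    counter = ('enc', encrypt(pub, k)) if encrypted_counter else ('plain', k)
    mem = [
        ('enc', encrypt(pub, x)),   # 0: secret operand x
        ('enc', encrypt(pub, 0)),   # 1: accumulator, starts as E(0)
        counter,                    # 2: loop counter k
        ('plain', 1),               # 3: constant 1
        ('plain', 0),               # 4: scratch cell Z
        ('plain', 0),               # 5: constant 0 for unconditional jumps
    ]
    code = [
        (0, 4, 1),   # Z   -= x       -> Z = -x
        (4, 1, 2),   # acc -= Z       -> acc += x
        (4, 4, 3),   # Z   -= Z       -> Z = 0
        (3, 2, 5),   # k   -= 1 ; halt (pc 5 == len(code)) when k <= 0
        (5, 5, 0),   # 0 - 0 <= 0     -> unconditional jump to 0
    ]
    oracle = lambda ct: decrypt(pub, priv, ct) <= 0   # key holder answers
    mem, queries = run_subleq(pub, mem, code, oracle)
    return decrypt(pub, priv, mem[1][1]), queries
```

With a plaintext loop counter the whole computation runs on the evaluator with zero oracle queries: the secret `x` and the accumulator only ever meet in the ciphertext domain, which is the heterogeneous mixing the abstract describes. Moving the counter into an encrypted cell gives the same answer but forces one query per loop test, which is where an additive-only scheme stops being general-purpose and some re-encryption mechanism has to take over. Note also that `Z -= Z` on an encrypted cell yields the deterministic ciphertext 1; a real system re-randomizes rather than leaving such fixed values in memory.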
