HEROIC: Homomorphically EncRypted One Instruction Computer

As cloud computing becomes mainstream, the need to ensure the privacy of the data entrusted to third parties keeps rising. Cloud providers resort to numerous security controls and encryption to thwart potential attackers. Still, since the actual computation inside cloud microprocessors remains unencrypted, the opportunity of leakage is theoretically possible. Therefore, in order to address the challenge of protecting the computation inside the microprocessor, we introduce a novel general purpose architecture for secure data processing, called HEROIC (Homomorphically EncRypted One Instruction Computer). This new design utilizes a single instruction architecture and provides native processing of encrypted data at the architecture level. The security of the solution is assured by a variant of Paillier's homomorphic encryption scheme, used to encrypt both instructions and data. Experimental results using our hardware-cognizant software simulator, indicate an average execution overhead between 5 and 45 times for the encrypted computation (depending on the security parameter), compared to the unencrypted variant, for a 16-bit single instruction architecture.

[1]  Caroline Fontaine,et al.  A Survey of Homomorphic Encryption for Nonspecialists , 2007, EURASIP J. Inf. Secur..

[2]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[3]  William P. Marnane,et al.  Efficient architectures for implementing montgomery modular multiplication and RSA modular exponentiation on reconfigurable logic , 2002, FPGA '02.

[4]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[5]  Daniele Micciancio,et al.  A first glimpse of cryptography's Holy Grail , 2010, CACM.

[6]  Srinivas Devadas,et al.  A secure processor architecture for encrypted computation on untrusted programs , 2012, STC '12.

[7]  Christof Paar,et al.  Stealthy dopant-level hardware Trojans: extended version , 2013, Journal of Cryptographic Engineering.

[8]  C.-C. Jay Kuo,et al.  Secure and efficient cryptosystem for smart grid using homomorphic encryption , 2012, 2012 IEEE PES Innovative Smart Grid Technologies (ISGT).

[9]  Siani Pearson,et al.  Taking account of privacy when designing cloud computing services , 2009, 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing.

[10]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[11]  David H. K. Hoe,et al.  Design and characterization of parallel prefix adders using FPGAs , 2011, 2011 IEEE 43rd Southeastern Symposium on System Theory.

[12]  Nektarios Georgios Tsoutsos,et al.  Investigating the Application of One Instruction Set Computing for Encrypted Data Computation , 2013, SPACE.

[13]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[14]  J. Zhan,et al.  Cloud Computing Security Case Studies and Research , 2013 .

[15]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[16]  Oleg Mazonka,et al.  A Simple Multi-Processor Computer Based on Subleq , 2011, ArXiv.

[17]  David A. Patterson,et al.  Computer Architecture: A Quantitative Approach , 1969 .