Teaching an Old Dog New Tricks: Verifiable FHE Using Commodity Hardware
- URL: http://arxiv.org/abs/2412.03550v2
- Date: Mon, 24 Mar 2025 15:19:50 GMT
- Title: Teaching an Old Dog New Tricks: Verifiable FHE Using Commodity Hardware
- Authors: Jules Drean, Fisher Jepsen, Edward Suh, Srini Devadas, Aamer Jaleel, Gururaj Saileshwar,
- Abstract summary: Argos is a simple approach for adding verifiability to fully homomorphic encryption schemes using trusted hardware. Argos requires no dedicated hardware extensions and is supported on commodity processors from 2008 onward.
- Score: 4.8964380125993685
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: We present Argos, a simple approach for adding verifiability to fully homomorphic encryption (FHE) schemes using trusted hardware. Traditional approaches to verifiable FHE require expensive cryptographic proofs, which incur an overhead of up to seven orders of magnitude on top of FHE, making them impractical. With Argos, we show that trusted hardware can be securely used to provide verifiability for FHE computations, with minimal overhead relative to the baseline FHE computation. An important contribution of Argos is showing that the major security pitfall associated with trusted hardware, microarchitectural side channels, can be completely mitigated by excluding any secrets from the CPU and the memory hierarchy. This is made possible by focusing on building a platform that only enforces program and data integrity and not confidentiality. All secrets related to the attestation mechanism are kept in a separate coprocessor (e.g., a TPM), inaccessible to any software-based attacker. Relying on a discrete TPM typically incurs significant performance overhead, which is why (insecure) software-based TPMs are used in practice. As a second contribution, we show that for FHE applications, the attestation protocol can be adapted to only incur a fixed cost. Argos requires no dedicated hardware extensions and is supported on commodity processors from 2008 onward. Our prototype implementation introduces 3% overhead for FHE evaluation, and 8% for more complex protocols. In particular, we show that Argos can be used for real-world applications of FHE, such as private information retrieval (PIR) and private set intersection (PSI), where providing verifiability is imperative. By demonstrating how to combine cryptography with trusted hardware, Argos paves the way for widespread deployment of FHE-based protocols beyond the semi-honest setting, without the overhead of cryptographic proofs.
Related papers
- Cryptanalysis of LC-MUME: A Lightweight Certificateless Multi-User Matchmaking Encryption for Mobile Devices [0.0]
We show that a Type-I adversary can successfully forge a valid ciphertext without possessing the complete private key of the sender.
We propose a strategy to strengthen the security of matchmaking encryption schemes in mobile computing environments.
arXiv Detail & Related papers (2025-07-30T13:36:52Z)
- Trusted Compute Units: A Framework for Chained Verifiable Computations [41.94295877935867]
This paper introduces the Trusted Compute Unit (TCU), a unifying framework that enables composable and interoperable computations across heterogeneous technologies.
By enabling secure off-chain interactions without incurring on-chain confirmation delays or gas fees, TCUs significantly improve system performance and scalability.
arXiv Detail & Related papers (2025-04-22T09:01:55Z)
- Extractors: QLDPC Architectures for Efficient Pauli-Based Computation [42.95092131256421]
We propose a new primitive that can augment any QLDPC memory into a computational block well-suited for Pauli-based computation.
In particular, any logical Pauli operator supported on the memory can be fault-tolerantly measured in one logical cycle.
Our architecture can implement universal quantum circuits via parallel logical measurements.
arXiv Detail & Related papers (2025-03-13T14:07:40Z)
- Research Directions for Verifiable Crypto-Physically Secure TEEs [0.0]
Web3 applications have to rely on cloud infrastructure to act as trusted guardians of hardware-based TEEs.
This work aims at exploring how we could potentially architect and implement chips that would be secure against physical attacks.
arXiv Detail & Related papers (2024-10-04T06:47:14Z)
- NTTSuite: Number Theoretic Transform Benchmarks for Accelerating Encrypted Computation [2.704681057324485]
Homomorphic encryption (HE) is a cryptographic system that enables computation directly on encrypted data.
HE has seen little adoption due to extremely high computational overheads, rendering it impractical.
We develop a benchmark suite, named NTTSuite, to enable researchers to better address these overheads.
We find our implementation outperforms the state-of-the-art by 30%.
arXiv Detail & Related papers (2024-05-18T17:44:17Z)
- HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs).
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
- SOCI^+: An Enhanced Toolkit for Secure Outsourced Computation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z)
- Towards Fast and Scalable Private Inference [2.2702420046035865]
A new paradigm of computing exists, which we refer to as privacy-preserving computation (PPC).
PPC technologies can be leveraged for secure outsourced computation or to enable two parties to compute without revealing either user's secret data.
Despite their phenomenal potential to revolutionize user protection in the digital age, the realization has been limited due to exorbitant computational, communication, and storage overheads.
arXiv Detail & Related papers (2023-07-09T00:55:30Z)
- Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch gradient descent.
We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z)
- THE-X: Privacy-Preserving Transformer Inference with Homomorphic Encryption [112.02441503951297]
Privacy-preserving inference of transformer models is in demand among cloud service users.
We introduce THE-X, an approximation approach for transformers, which enables privacy-preserving inference of pre-trained models.
arXiv Detail & Related papers (2022-06-01T03:49:18Z)
- Building Your Own Trusted Execution Environments Using FPGA [16.206300249987354]
BYOTee (Build Your Own Trusted Execution Environments) is an easy-to-use infrastructure for building multiple equally secure enclaves.
BYOTee creates enclaves with customized hardware TCBs, which include softcore CPUs, block RAMs, and peripheral connections, in FPGA on demand.
arXiv Detail & Related papers (2022-03-08T17:22:52Z)
- Accelerating 2PC-based ML with Limited Trusted Hardware [7.080903507706396]
Otak is a system that allows two non-colluding cloud providers to run machine learning (ML) inference without knowing the inputs to inference.
Otak improves efficiency via a new 2PC protocol that tailors recent primitives such as function and homomorphic secret sharing to ML inference.
arXiv Detail & Related papers (2020-09-11T17:53:13Z)
- FCOS: A simple and strong anchor-free object detector [111.87691210818194]
We propose a fully convolutional one-stage object detector (FCOS) to solve object detection in a per-pixel prediction fashion.
Almost all state-of-the-art object detectors such as RetinaNet, SSD, YOLOv3, and Faster R-CNN rely on pre-defined anchor boxes.
In contrast, our proposed detector FCOS is anchor box free, as well as proposal free.
arXiv Detail & Related papers (2020-06-14T01:03:39Z)
This list is automatically generated from the titles and abstracts of the papers in this site.