A High-Throughput AES-GCM Implementation on GPUs for Secure, Policy-Based Access to Massive Astronomical Catalogs
- URL: http://arxiv.org/abs/2602.23067v1
- Date: Thu, 26 Feb 2026 14:54:24 GMT
- Title: A High-Throughput AES-GCM Implementation on GPUs for Secure, Policy-Based Access to Massive Astronomical Catalogs
- Authors: Samuel Lemes-Perera, Miguel R. Alarcon, Pino Caballero-Gil, Miquel Serra-Ricart,
- Abstract summary: Large astronomical surveys generate massive image catalogs requiring efficient and secure access.<n>We present a framework that integrates a flexible policy engine for fine-grained access control with a novel GPU-accelerated implementation of the AES-GCM authenticated encryption protocol.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The era of large astronomical surveys generates massive image catalogs requiring efficient and secure access, particularly during pre-publication periods where data confidentiality and integrity are paramount. While Findable, Accessible, Interoperable, and Reusable (FAIR) principles guide the eventual public dissemination of data, traditional security methods for restricted phases often lack granularity or incur prohibitive performance penalties. To address this, we present a framework that integrates a flexible policy engine for fine-grained access control with a novel GPU-accelerated implementation of the AES-GCM authenticated encryption protocol. The novelty of this work lies in the adaptation and optimization of a parallel tree-reduction strategy to overcome the main performance bottleneck in authenticated encryption on GPUs: the inherently sequential Galois/Counter Mode (GCM) authentication hash (GHASH). We present both the algorithmic adaptation and its efficient execution on GPU architectures. Although similar parallelization techniques have been explored in cryptographic research, this is, to our knowledge, the first demonstration of their integration into a high-throughput encryption framework specifically designed for large-scale astronomical data. Our implementation transforms the sequential GHASH computation into a highly parallelizable, logarithmic-time process, achieving authenticated encryption throughput suitable for petabyte-scale image analysis. Our solution provides a robust mechanism for data providers to enforce access policies, ensuring both confidentiality and integrity without hindering research workflows, thereby facilitating a secure and managed transition of data to public, FAIR archives.
Related papers
- Towards Privacy-Preserving Range Queries with Secure Learned Spatial Index over Encrypted Data [8.495233108444202]
We propose a novel privacy-preserving range query scheme over encrypted datasets.<n>SLS-INDEX integrates the Paillier cryptosystem with a hierarchical prediction architecture and noise-injected buckets.<n> SLRQ significantly outperforms existing solutions in query efficiency while ensuring dataset, query, result, and access pattern privacy.
arXiv Detail & Related papers (2025-12-03T10:59:40Z) - Design and Optimization of Cloud Native Homomorphic Encryption Workflows for Privacy-Preserving ML Inference [0.0]
Homomorphic Encryption (HE) has emerged as a compelling technique that enables cryptographic computation on encrypted data.<n>The integration of HE within large scale cloud native pipelines remains constrained by high computational overhead, orchestration complexity, and model compatibility issues.<n>This paper presents a systematic framework for the design and optimization of cloud native homomorphic encryption that support privacy ML inference.
arXiv Detail & Related papers (2025-10-28T15:13:32Z) - Secure and Scalable Face Retrieval via Cancelable Product Quantization [48.58859061524146]
homomorphic encryption (HE) offers strong security guarantees by enabling arithmetic computations in the cipher space.<n>We propose Cancelable Product Quantization, a highly efficient framework for secure face representation retrieval.
arXiv Detail & Related papers (2025-08-31T10:19:55Z) - Performance and Storage Analysis of CRYSTALS Kyber as a Post Quantum Replacement for RSA and ECC [45.88028371034407]
CRYSTALS-Kyber is a post-quantum cryptographic solution standardized by NIST in 2022.<n>This study evaluates Kyber's practical viability through performance testing across various implementation schemes.
arXiv Detail & Related papers (2025-08-03T09:53:45Z) - Practical Secure Aggregation by Combining Cryptography and Trusted Execution Environments [1.3068730884406587]
Secure aggregation enables a group of mutually distrustful parties, each holding private inputs, to collaboratively compute an aggregate value.<n>A major challenge in adopting secure aggregation approaches for practical applications is the significant computational overhead of the underlying cryptographic protocols.<n> Hardware-based security techniques such as trusted execution environments (TEEs) enable computation at near-native speeds.<n>In this work, we introduce several secure aggregation architectures that integrate both cryptographic and TEE-based techniques.
arXiv Detail & Related papers (2025-04-11T07:49:09Z) - Secure Semantic Communication With Homomorphic Encryption [52.5344514499035]
This paper explores the feasibility of applying homomorphic encryption to SemCom.<n>We propose a task-oriented SemCom scheme secured through homomorphic encryption.
arXiv Detail & Related papers (2025-01-17T13:26:14Z) - FRAG: Toward Federated Vector Database Management for Collaborative and Secure Retrieval-Augmented Generation [1.3824176915623292]
This paper introduces textitFederated Retrieval-Augmented Generation (FRAG), a novel database management paradigm tailored for the growing needs of retrieval-augmented generation (RAG) systems.
FRAG enables mutually-distrusted parties to collaboratively perform Approximate $k$-Nearest Neighbor (ANN) searches on encrypted query vectors and encrypted data stored in distributed vector databases.
arXiv Detail & Related papers (2024-10-17T06:57:29Z) - Multi-Layered Security System: Integrating Quantum Key Distribution with Classical Cryptography to Enhance Steganographic Security [0.0]
We present a novel cryptographic system that integrates Quantum Key Distribution (QKD) with classical encryption techniques.
Our approach leverages the E91 QKD protocol to generate a shared secret key between communicating parties.
This key is then hashed using the Secure Hash Algorithm (SHA) to provide a fixedlength, high-entropy key.
arXiv Detail & Related papers (2024-08-13T15:20:29Z) - Enc2DB: A Hybrid and Adaptive Encrypted Query Processing Framework [47.11111145443189]
We introduce Enc2DB, a novel secure database system following a hybrid strategy on and openGauss.
We present a micro-benchmarking test and self-adaptive mode switch strategy that can choose the best execution path (cryptography or TEE) to answer a given query.
We also design and implement a ciphertext index compatible with native cost model and querys to accelerate query processing.
arXiv Detail & Related papers (2024-04-10T08:11:12Z) - SOCI^+: An Enhanced Toolkit for Secure OutsourcedComputation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z) - Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive
Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch descent gradient.
We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z) - Faster Secure Data Mining via Distributed Homomorphic Encryption [108.77460689459247]
Homomorphic Encryption (HE) is receiving more and more attention recently for its capability to do computations over the encrypted field.
We propose a novel general distributed HE-based data mining framework towards one step of solving the scaling problem.
We verify the efficiency and effectiveness of our new framework by testing over various data mining algorithms and benchmark data-sets.
arXiv Detail & Related papers (2020-06-17T18:14:30Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.