A Full RNS Variant of Approximate Homomorphic Encryption.

Jung Hee Cheon, Kyoohyung Han, Andrey Kim, Miran Kim, Yongsoo Song
{"title":"A Full RNS Variant of Approximate Homomorphic Encryption.","authors":"Jung Hee Cheon,&nbsp;Kyoohyung Han,&nbsp;Andrey Kim,&nbsp;Miran Kim,&nbsp;Yongsoo Song","doi":"10.1007/978-3-030-10970-7_16","DOIUrl":null,"url":null,"abstract":"<p><p>The technology of homomorphic encryption has improved rapidly in a few years. The cutting edge implementations are efficient enough to use in practical applications. Recently, Cheon et al. (ASI-ACRYPT'17) proposed a homomorphic encryption scheme which supports an arithmetic of approximate numbers over encryption. This scheme shows the current best performance in computation over the real numbers, but its implementation could not employ core optimization techniques based on the Residue Number System (RNS) decomposition and the Number Theoretic Transformation (NTT). In this paper, we present a variant of approximate homomorphic encryption which is optimal for implementation on standard computer system. We first introduce a new structure of ciphertext modulus which allows us to use both the RNS decomposition of cyclotomic polynomials and the NTT conversion on each of the RNS components. We also suggest new approximate modulus switching procedures without any RNS composition. Compared to previous exact algorithms requiring multi-precision arithmetic, our algorithms can be performed by using only word size (64-bit) operations. Our scheme achieves a significant performance gain from its full RNS implementation. For example, compared to the earlier implementation, our implementation showed speed-ups 17.3, 6.4, and 8.3 times for decryption, constant multiplication, and homomorphic multiplication, respectively, when the dimension of a cyclotomic ring is 32768. We also give experimental result for evaluations of some advanced circuits used in machine learning or statistical analysis. Finally, we demonstrate the practicability of our library by applying to machine learning algorithm. For example, our single core implementation takes 1.8 minutes to build a logistic regression model from encrypted data when the dataset consists of 575 samples, compared to the previous best result 3.5 minutes using four cores.</p>","PeriodicalId":93231,"journal":{"name":"Selected areas in cryptography : ... annual international workshop, SAC ... proceedings. SAC (Conference)","volume":"11349 ","pages":"347-368"},"PeriodicalIF":0.0000,"publicationDate":"2018-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1007/978-3-030-10970-7_16","citationCount":"188","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Selected areas in cryptography : ... annual international workshop, SAC ... proceedings. SAC (Conference)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/978-3-030-10970-7_16","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2019/1/13 0:00:00","PubModel":"Epub","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 188

Abstract

The technology of homomorphic encryption has improved rapidly in a few years. The cutting edge implementations are efficient enough to use in practical applications. Recently, Cheon et al. (ASI-ACRYPT'17) proposed a homomorphic encryption scheme which supports an arithmetic of approximate numbers over encryption. This scheme shows the current best performance in computation over the real numbers, but its implementation could not employ core optimization techniques based on the Residue Number System (RNS) decomposition and the Number Theoretic Transformation (NTT). In this paper, we present a variant of approximate homomorphic encryption which is optimal for implementation on standard computer system. We first introduce a new structure of ciphertext modulus which allows us to use both the RNS decomposition of cyclotomic polynomials and the NTT conversion on each of the RNS components. We also suggest new approximate modulus switching procedures without any RNS composition. Compared to previous exact algorithms requiring multi-precision arithmetic, our algorithms can be performed by using only word size (64-bit) operations. Our scheme achieves a significant performance gain from its full RNS implementation. For example, compared to the earlier implementation, our implementation showed speed-ups 17.3, 6.4, and 8.3 times for decryption, constant multiplication, and homomorphic multiplication, respectively, when the dimension of a cyclotomic ring is 32768. We also give experimental result for evaluations of some advanced circuits used in machine learning or statistical analysis. Finally, we demonstrate the practicability of our library by applying to machine learning algorithm. For example, our single core implementation takes 1.8 minutes to build a logistic regression model from encrypted data when the dataset consists of 575 samples, compared to the previous best result 3.5 minutes using four cores.

Abstract Image

近似同态加密的全RNS变体。
同态加密技术在近几年得到了迅速的发展。尖端的实现足够高效,可以在实际应用中使用。最近,Cheon等人(ASI-ACRYPT'17)提出了一种支持近似数字算法的同态加密方案。该方案在实数计算方面具有目前最好的性能,但其实现不能采用基于残数系统分解和数论变换的核心优化技术。本文提出了一种最适合在标准计算机系统上实现的近似同态加密算法。我们首先引入了一种新的密文模结构,它允许我们在每个RNS分量上同时使用环分多项式的RNS分解和NTT转换。我们还提出了新的近似模量转换程序,不需要任何RNS成分。与以前需要多精度运算的精确算法相比,我们的算法只需使用字长(64位)运算即可执行。我们的方案通过其完整的RNS实现实现了显著的性能增益。例如,与之前的实现相比,当切环的维数为32768时,我们的实现对解密、常数乘法和同态乘法的速度分别提高了17.3倍、6.4倍和8.3倍。我们还给出了一些用于机器学习或统计分析的高级电路的实验结果。最后,我们通过应用于机器学习算法来证明我们的库的实用性。例如,当数据集包含575个样本时,我们的单核实现需要1.8分钟才能从加密数据构建逻辑回归模型,而使用四核的最佳结果为3.5分钟。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信