Data plays a crucial role in driving innovation and efficiency across various domains. However, the concern of losing control over private information leads to data contributors’ hesitance to cooperate. The importance of data evidences the necessity of investigating secure computation techniques, such as garbled circuits (GC) and fully homomorphic encryption (FHE), as they empower data-driven collaboration without compromising privacy. But there is no free lunch – privacy protection is generally achieved at the expense of prohibitive computational and/or communication overhead, resulting in significant losses in system performance and scalability. This project aims to facilitate practical secure computation techniques, preparing them for large-scale, low-latency, and energy-efficient application scenarios. We specifically emphasize the following aspects:
First proposed in 1986 by the Turing Award winner Andrew Yao, the garbled circuits (GC) protocol is the cornerstone of various advanced solutions to realize secure computation. Starting from representing the target computation as a Boolean circuit, the protocol protects the privacy of participants by transferring Boolean operations on truth values to look-up operations on ciphertexts, a.k.a. garbling the logic gates in the circuit. The GC protocol typically suffers from a substantial communicational overhead, due to the necessity of distributing among participants the tables holding the ciphertexts, for execution.
Our research aims to solve this bottleneck by synthesizing the Boolean circuit that implements the target computation in a ciphertext-efficient manner. Towards this goal, we have proposed:
Fully homomorphic encryption (FHE) represents a revolutionary encryption paradigm that enables computation on ciphertexts without the need for decryption – widely regarded as the holy grail of modern cryptography.
Most modern HE schemes are based on the learning with error (LWE) problem, a hard lattice problem, and utilize noisy ciphertexts to ensure data privacy. However, as computation progresses, noise accumulates. Once noise exceeds a certain threshold, correct decryption becomes impossible. Such HE schemes are termed leveled, due to the constraint on the allowed number of homomorphic operations to be involved. Leveled HE schemes are parameterized. A parameter selection would allow a larger noise budget at the cost that each involved homomorphic operation is rather computationally intensive. While the concept of FHE dates back to 1978, the first realization did not come until the ground-breaking bootstrapping theorem by Craig Gentry in 2009. In his blueprint, bootstrapping refreshes the noise level within a ciphertext by homomorphically executing the decryption function, elevating leveled HE into the realm of FHE. Yet, bootstrapping’s computational demand remains high. With the computation paradigm modeled as a circuit of additions and multiplications, a.k.a. a homomorphic circuit, an effective strategy to enhance the practicality of leveled HE schemes entails reducing the levels of the circuit. In particular, homomorphic multiplication introduces significant noise, making minimizing the multiplicative depth (MD) pivotal. Lower MD offers flexible security parameters, hence accelerating each homomorphic operation. Meanwhile, lower MD commonly comes at the cost of higher multiplicative complexity (MC), leading to more homomorphic multiplications and potentially slowing down the overall homomorphic computation. We introduce an MC-aware MD minimization technique, a first in the field. Evaluation on practical benchmarks showcases an average 21.32% computation time reduction, with up to 60.87% improvement – an advancement with far-reaching implications.