
Revisiting Stream-Cipher-Based Homomorphic Transciphering in the TFHE Era

Conference paper, Foundations and Practice of Security (FPS 2021)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13291)


Abstract

Transciphering works around the large size expansion of FHE-encrypted data by relying on symmetric cryptography. It is a recryption technique that delegates the effective homomorphic encryption to the cloud: the client only has to encrypt (once) a symmetric key \({\textsf {SYM}}.\!{\textsf {sk}}\) under a homomorphic encryption system, while its payload data are encrypted under \({\textsf {SYM}}.\!{\textsf {sk}}\) with the chosen symmetric encryption algorithm.

In this work, we study the performance of several symmetric encryption algorithms in light of the TFHE cryptosystem and its properties. This lets us use additional existing symmetric algorithms that were not viable candidates for efficient encrypted-domain execution with levelled FHE schemes. In particular, we provide experimental evidence that Grain128-AEAD, a well-established and well-respected stream cipher and a finalist of the NIST lightweight cryptography competition, achieves practical performance when run in the encrypted domain. As such, our work extends practical transciphering capabilities to include authenticated encryption for the first time.

The research leading to these results has been funded in part from the European Union’s Preparatory Action on Defence Research (PADR-FDDT-OPEN-03-2019). This paper reflects only the authors’ views and the Commission is not liable for any use that may be made of the information contained therein.


Notes

  1. The multiplicative depth of a circuit is the maximum number of successive multiplications in the circuit.

  2. As a general guideline, the first rule of optimization for FHE is to find (legitimate) ways of doing fewer FHE calculations.

  3. Linear/non-linear feedback shift register.

  4. Of course, the comparison cannot be done per se in the encrypted domain, so if the \(\mu _i\)’s denote the bits of the received MAC and the \([\mu '_i]\)’s denote the FHE encryptions of the bits of the (homomorphically) computed one, the cloud has to compute \(\prod _i(1\oplus \mu _i\oplus [\mu '_i])=[b]\).

  5. I.e., putting a into x when c is true, and b otherwise, can be written as \(x:=ca\oplus (1\oplus c)b\).

  6. http://people.eecs.berkeley.edu/alanmi/abc/.

  7. A small number of additions and multiplications (only three) per round.

  8. LFSR/NFSR update, non-linear function application and register shifting (register shifting being almost free).

  9. To be fair, these throughputs could be increased to around 2000 bits/min with 600 slots of batching, however with FHE security parameters which are now outdated (due to recent advances in the cryptanalysis of LWE-based systems); so, as an order of magnitude, we should expect all the throughputs given in [9] to be divided by around 5. Still, as already stated, batching-based improvements in throughput are not applicable when using TFHE.
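The notes above sketch the Boolean-circuit view that makes transciphering tractable under TFHE: the cloud evaluates XOR and AND gates, linear feedback (note 3) is XOR-only, the MAC check of note 4 is a product of XNORs, the mux of note 5 is two ANDs, and the cost driver is multiplicative depth (note 1). The following Python is an added illustration, not code from the paper or its authors: it simulates these circuits on plaintext bits with a `Bit` type that records whether a bit is encrypted and the multiplicative depth it has accumulated, so one can see why a balanced product tree (depth ⌈log₂ n⌉) beats a chained product (depth n−1) for the MAC comparison, and why the XOR-only LFSR adds no depth. The LFSR taps, state and sample bit strings are constructed for the example and are not Grain-128AEAD's; no real FHE library is involved.

```python
"""Added example: plaintext simulation of the gate-level circuits from the
paper's notes, tracking multiplicative depth. Not the paper's code."""
from dataclasses import dataclass
from functools import reduce


@dataclass(frozen=True)
class Bit:
    """A bit as a gate-level FHE evaluator sees it: only XOR and AND exist.
    `enc` says whether the bit is (conceptually) encrypted, `depth` is the
    multiplicative depth (note 1) of the circuit that produced it."""
    v: int
    enc: bool = False
    depth: int = 0

    def __xor__(self, o):
        # XOR never costs a level, whatever the operands are.
        return Bit(self.v ^ o.v, self.enc or o.enc, max(self.depth, o.depth))

    def __and__(self, o):
        # AND of two encrypted bits costs one level; AND with a plaintext
        # bit is just a selection and is free.
        d = max(self.depth, o.depth) + (1 if self.enc and o.enc else 0)
        return Bit(self.v & o.v, self.enc or o.enc, d)


ONE = Bit(1)  # plaintext constant 1


def enc(bits):
    """Mark a list of plaintext bits as encrypted (depth 0)."""
    return [Bit(b, enc=True) for b in bits]


def product_tree(bits):
    """AND all bits with a balanced tree: depth ceil(log2 n)."""
    while len(bits) > 1:
        pairs = [bits[i] & bits[i + 1] for i in range(0, len(bits) - 1, 2)]
        if len(bits) % 2:
            pairs.append(bits[-1])
        bits = pairs
    return bits[0]


def product_chain(bits):
    """AND all bits left to right: depth n-1 (what note 2 warns against)."""
    return reduce(lambda x, y: x & y, bits)


def mac_equal(received, computed, tree=True):
    """Note 4: [b] = prod_i (1 xor mu_i xor [mu'_i]). Each factor is 1 iff the
    received (plaintext) bit and the homomorphically computed (encrypted)
    bit agree, so the product is an encryption of 'the MACs match'."""
    factors = [ONE ^ Bit(m) ^ c for m, c in zip(received, computed)]
    return (product_tree if tree else product_chain)(factors)


def mux(c, a, b):
    """Note 5: x := c*a xor (1 xor c)*b, i.e. a if c else b, in one level."""
    return (c & a) ^ ((ONE ^ c) & b)


def lfsr_keystream(state, taps, n):
    """Toy LFSR (note 3) run over Bit objects. Feedback is XOR-only, so the
    keystream bits stay at depth 0. `taps` are constructed for this example
    and are not Grain's feedback polynomial."""
    state = list(state)
    out = []
    for _ in range(n):
        out.append(state[0])
        fb = reduce(lambda x, y: x ^ y, [state[t] for t in taps])
        state = state[1:] + [fb]
    return out


def transcipher(sym_ct, keystream):
    """The cloud XORs the symmetric ciphertext bits (plaintext to it) with
    the homomorphically computed keystream and obtains FHE encryptions of
    the payload bits without ever learning SYM.sk."""
    return [Bit(c) ^ k for c, k in zip(sym_ct, keystream)]


if __name__ == "__main__":
    # Constructed sample: 4-bit LFSR state, taps (0, 1), 8 keystream bits.
    ks = lfsr_keystream(enc([1, 0, 0, 1]), (0, 1), 8)
    payload = transcipher([0, 1, 0, 1, 0, 0, 0, 1], ks)
    print("recovered payload bits:", [b.v for b in payload])
    mac = [1, 0, 1, 1, 0, 0, 1, 0]
    print("tree depth :", mac_equal(mac, enc(mac)).depth)
    print("chain depth:", mac_equal(mac, enc(mac), tree=False).depth)
```

The depth numbers are the point: for an 8-bit MAC the tree product needs 3 levels while the chain needs 7, and the LFSR keystream stays at depth 0, which is why linear feedback is cheap under TFHE while each non-linear tap costs bootstrapped ANDs.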

References

  1. Ågren, M., Hell, M., Johansson, T., Meier, W.: Grain-128a: a new version of Grain-128 with optional authentication. IJWMC 5, 48–59 (2011)

  2. Albrecht, M., Rechberger, C., Schneider, T., Tiessen, T., Zohner, M.: Ciphers for MPC and FHE. Cryptology ePrint Archive Report 2016/687 (2016). https://eprint.iacr.org/2016/687

  3. Albrecht, M.R., et al.: Feistel structures for MPC, and more. In: Sako, K., Schneider, S., Ryan, P.Y.A. (eds.) ESORICS 2019. LNCS, vol. 11736, pp. 151–171. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29962-0_8

  4. Albrecht, M.R., Rechberger, C., Schneider, T., Tiessen, T., Zohner, M.: Ciphers for MPC and FHE. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 430–454. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_17

  5. Aubry, P., Carpov, S., Sirdey, R.: Faster homomorphic encryption is not enough: improved heuristic for multiplicative depth minimization of Boolean circuits. In: Jarecki, S. (ed.) CT-RSA 2020. LNCS, vol. 12006, pp. 345–363. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-40186-3_15

  6. Boudguiga, A., Letailleur, J., Sirdey, R., Klaudel, W.: Enhancing CAN security by means of lightweight stream-ciphers and protocols. In: Romanovsky, A., Troubitsyna, E., Gashi, I., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2019. LNCS, vol. 11699, pp. 235–250. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26250-1_19

  7. Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, ITCS 2012, pp. 309–325. Association for Computing Machinery, New York (2012). https://doi.org/10.1145/2090236.2090262

  8. Canteaut, A., et al.: Stream ciphers: a practical solution for efficient homomorphic-ciphertext compression. In: FSE, pp. 313–333 (2016)

  9. Canteaut, A., et al.: Stream ciphers: a practical solution for efficient homomorphic-ciphertext compression. J. Cryptol. 31(3), 885–916 (2018). https://doi.org/10.1007/s00145-017-9273-9

  10. Canteaut, A., et al.: Stream ciphers: a practical solution for efficient homomorphic-ciphertext compression. J. Cryptol. 31(3), 885–916 (2018). https://doi.org/10.1007/s00145-017-9273-9. https://hal.inria.fr/hal-01650012

  11. Carpov, S., Aubry, P., Sirdey, R.: A multi-start heuristic for multiplicative depth minimization of Boolean circuits. In: Brankovic, L., Ryan, J., Smyth, W.F. (eds.) IWOCA 2017. LNCS, vol. 10765, pp. 275–286. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78825-8_23

  12. Carpov, S., Dubrulle, P., Sirdey, R.: Armadillo: a compilation chain for privacy preserving applications. In: Bao, F., Miller, S., Chow, S.S.M., Yao, D. (eds.) Proceedings of the 3rd International Workshop on Security in Cloud Computing, SCC@ASIACCS 2015, Singapore, Republic of Singapore, 14 April 2015, pp. 13–19. ACM (2015). https://doi.org/10.1145/2732516.2732520

  13. Chillotti, I., Gama, N., Georgieva, M., Izabachène, M.: TFHE: fast fully homomorphic encryption over the torus. Cryptology ePrint Archive Report 2018/421 (2018). https://eprint.iacr.org/2018/421

  14. Cid, C., Indrøy, J.P., Raddum, H.: FASTA - a stream cipher for fast FHE evaluation. Cryptology ePrint Archive Report 2021/1205 (2021). https://ia.cr/2021/1205

  15. De Cannière, C., Preneel, B.: Trivium. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 244–266. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_18

  16. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, STOC 2009, pp. 169–178. ACM, New York (2009). https://doi.org/10.1145/1536414.1536440

  17. Gentry, C., Sahai, A., Waters, B.: Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 75–92. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_5

  18. Hell, M., Johansson, T., Maximov, A., Meier, W., Yoshida, H.: Grain-128AEADv2: strengthening the initialization against key reconstruction. Cryptology ePrint Archive Report 2021/751 (2021). https://ia.cr/2021/751

  19. Hoffmann, C., Méaux, P., Ricosset, T.: Transciphering, using FiLIP and TFHE for an efficient delegation of computation. In: Bhargavan, K., Oswald, E., Prabhakaran, M. (eds.) INDOCRYPT 2020. LNCS, vol. 12578, pp. 39–61. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-65277-7_3

  20. Hoffmann, C., Méaux, P., Ricosset, T.: Transciphering, using FiLIP and TFHE for an efficient delegation of computation. Cryptology ePrint Archive Report 2020/1373 (2020). https://eprint.iacr.org/2020/1373

  21. Lepoint, T., Naehrig, M.: A comparison of the homomorphic encryption schemes FV and YASHE. In: Pointcheval, D., Vergnaud, D. (eds.) AFRICACRYPT 2014. LNCS, vol. 8469, pp. 318–335. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-06734-6_20

  22. Méaux, P., Carlet, C., Journault, A., Standaert, F.-X.: Improved filter permutators for efficient FHE: better instances and implementations. In: Hao, F., Ruj, S., Sen Gupta, S. (eds.) INDOCRYPT 2019. LNCS, vol. 11898, pp. 68–91. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-35423-7_4

  23. Méaux, P., Journault, A., Standaert, F.-X., Carlet, C.: Towards stream ciphers for efficient FHE with low-noise ciphertexts. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 311–343. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_13

  24. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6) (2009). https://doi.org/10.1145/1568318.1568324


Author information

Corresponding author: Aymen Boudguiga.


Copyright information

© 2022 Springer Nature Switzerland AG

About this paper


Cite this paper

Bendoukha, AA., Boudguiga, A., Sirdey, R. (2022). Revisiting Stream-Cipher-Based Homomorphic Transciphering in the TFHE Era. In: Aïmeur, E., Laurent, M., Yaich, R., Dupont, B., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2021. Lecture Notes in Computer Science, vol 13291. Springer, Cham. https://doi.org/10.1007/978-3-031-08147-7_2


  • DOI: https://doi.org/10.1007/978-3-031-08147-7_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-08146-0

  • Online ISBN: 978-3-031-08147-7

  • eBook Packages: Computer Science, Computer Science (R0)