Colmade: Collaborative Masking in Auditable Decryption for BFV-based Homomorphic Encryption

ABSTRACT
This paper proposes a novel collaborative decryption protocol for the Brakerski-Fan-Vercauteren (BFV) homomorphic encryption scheme in a multiparty distributed setting, and puts it to use in designing a leakage-resilient biometric identification solution. The protocol supports the standard homomorphic operations over encrypted data, yet on decryption it reveals only the least significant bit (LSB) of a scalar or vectorized result, relying on a pool of N parties. By employing additively shared masking, it preserves the privacy of all remaining bits of the result as long as at least one party remains honest. We formalize the protocol, prove it secure in several adversarial models, implement it on top of the open-source library Lattigo, and showcase its applicability in a biometric access-control scenario.
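As an added illustration of the masking principle described in the abstract (this is not code from the paper or from Lattigo): each of the N parties contributes an additive mask share that is even, so the jointly decrypted value keeps the result's LSB while every higher bit is randomised as long as at least one share was drawn honestly. The block assumes a toy plaintext space Z_T with T a power of two and omits the BFV decryption itself; the last function shows why that assumption matters, since with an odd modulus an even mask can flip the LSB on wraparound, a detail the paper's BFV construction must deal with and which is not reproduced here.

```python
"""Toy model of LSB-only collaborative decryption via additively shared masks.

Illustrative example, not the Colmade protocol or Lattigo code: the BFV
decryption step is omitted, and the plaintext modulus T is assumed to be a
power of two so that adding an even mask never changes the least significant
bit under reduction modulo T.
"""
import secrets

T_BITS = 16          # assumption: toy plaintext space Z_T with T = 2**16
T = 1 << T_BITS


def even_mask(slots: int) -> list[int]:
    """One party's additive mask share: a uniformly random even element of Z_T
    per slot (2*s with s uniform in Z_{T/2})."""
    return [2 * secrets.randbelow(T // 2) for _ in range(slots)]


def masked_result(result: list[int], shares: list[list[int]]) -> list[int]:
    """The value the parties jointly decrypt: result + sum of all N mask shares (mod T).
    Works slot-wise, so a vectorized (batched) result is handled the same way."""
    return [(m + sum(share[i] for share in shares)) % T
            for i, m in enumerate(result)]


def revealed_lsb(masked: list[int]) -> list[int]:
    """The only information the protocol is meant to release: one bit per slot."""
    return [x & 1 for x in masked]


def coalition_view(masked: list[int], known_shares: list[list[int]]) -> list[int]:
    """What a coalition knowing a subset of the shares can compute: it strips its own
    masks, but if at least one honest share is missing every bit above the LSB stays
    uniformly random (an even uniform share plus anything is still uniform among evens)."""
    return [(x - sum(s[i] for s in known_shares)) % T for i, x in enumerate(masked)]


def run_protocol(result: list[int], n_parties: int):
    """Simulate all N parties contributing a share and returning the masked decryption."""
    shares = [even_mask(len(result)) for _ in range(n_parties)]
    return masked_result(result, shares), shares


def even_mask_preserves_parity(m: int, r: int, t: int) -> bool:
    """Caveat check: with an odd modulus t (e.g. a prime plaintext modulus used for BFV
    batching), an even mask r flips the LSB whenever m + r wraps around t, because
    subtracting an odd t changes parity. With t a power of two this never happens."""
    return (((m + r) % t) & 1) == (m & 1)


if __name__ == "__main__":
    # constructed sample result: four plaintext slots
    sample = [3, 1234, 65535, 0]
    masked, shares = run_protocol(sample, n_parties=5)
    print("revealed LSBs:", revealed_lsb(masked))
    # N-1 colluding parties (all but party 0) still see only the LSBs of the result
    print("coalition view:", coalition_view(masked, shares[1:]))
    print("odd modulus wraparound keeps parity:", even_mask_preserves_parity(5, 4, 7))
```

The honesty condition is visible in `coalition_view`: removing all N shares recovers the result exactly, while removing all but one leaves a value whose LSB matches the result and whose remaining bits are a fresh uniform sample, independent of the result.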