Homomorphic Comparison for Point Numbers with User-Controllable Precision and Its Applications
Abstract
1. Introduction
1.1. Contributions
- Controllable precision. A key observation by Chung and Kim [9] is that when real numbers are expressed as a continued fraction (CF), partial quotients consisting of their CF representation can be taken as small integers (e.g., ). Thus, encoding point numbers as CFs enables depth-efficient, real-valued computation, even with a small plaintext space. Our new observation is that CF representation allows users and servers to adjust the precision of point-number computation by controlling the number of partial quotients rather than by configuring the FHE parameters. Moreover, it is well known that a CF is the best approximation of a real number among all rational numbers with the same or smaller denominators. In practice, separating precision from the parameter setup may be beneficial because it is more convenient for the user and the design is more modular. We make use of this observation in depth-efficient homomorphic comparisons, including equality and greater-than, to obtain such benefits.
- Depth-efficient homomorphic comparisons of point numbers. We present three homomorphic comparison protocols—equality, less-than, and greater-than—that efficiently compare the encryption of two CF-encoded point numbers reporting an encrypted result. The key idea is that if two real numbers are the same, their CF representation will be the same; in essence, the equality test for two numbers in CF form is the same as that of the numbers in decimal form. Our equality test thus requires a multiplicative depth of , where is the bit length of the partial quotients and n is the number of partial quotients. Similarly, we devise less-than and greater-than algorithms by comparing two partial quotients at the same position from left to right. These algorithms also have multiplicative depths of . Our results imply that the CF encoding of point numbers is much more suitable for homomorphic comparisons than for homomorphic computations, since comparison algorithms do not require heavy computation. Indeed, CF-based homomorphic computations need to run Gosper’s algorithm, which involves modular arithmetic over FHE encryptions. See ([9] §3.1) for details.
1.2. High-Level Sketch of Our Approach
1.3. Applications
1.4. Closely Related Work
2. Definitions and Cryptographic Tools
2.1. System Model
2.2. Fully Homomorphic Encryption
- Key generation. This algorithm takes the security parameter and outputs a public encryption key , a public evaluation key , and a secret decryption key . We write the algorithm as and assume that the public key specifies the plaintext space and the ciphertext space .
- Encryption. The algorithm takes the public key and a message and outputs a ciphertext .
- Decryption. The algorithm takes the secret key and a ciphertext c and outputs a message .
- Homomorphic evaluation. This algorithm takes the evaluation key , a function , and a set of n ciphertexts , and outputs a ciphertext , denoted by
2.3. Security Model
2.4. Homomorphic Comparison of Integers
2.4.1. Equality
2.4.2. Greater-Than and Less-Than
3. Rationale of CF Encoding
3.1. Definitions
- is called a partial quotient of X for each i.
- A CF X is finite if it has finitely many partial quotients.
3.2. Some Properties
4. Homomorphic Comparison between FHE-Encrypted Point Numbers
4.1. Comparisons of Two CF-Encoded Point Numbers in the Clear
4.1.1. When
4.1.2. When
Algorithm 1: Comparing two continued fractions in the clear
Input. and
Output. The result of the comparison of X and Y
1: Find k such that k is the smallest index for which
2: if then
3: Set
4: if then
5: return
6: else
7: return
8: else
9: if then
10: return
11: else if then
12: if n is odd then
13: return
14: else ▹ n is even
15: return
16: else
17: if m is odd then
18: return
19: else ▹ m is even
20: return
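The following is an added illustration, not the authors' code: it encodes a number as a CF with a user-chosen number of partial quotients and compares two encodings in the clear, left to right, using the standard alternating-parity rule for 0-indexed partial quotients. The function names are hypothetical; 11.3450098875 is the threshold from the query example in Section 5.2 and 11.345 is a constructed neighbour.

```python
from fractions import Fraction


def cf_encode(x, max_terms):
    """Partial quotients [a0, a1, ...] of x, keeping at most max_terms of them.

    max_terms is the precision knob: fewer terms give a coarser rational
    approximation (a convergent of x).
    """
    x = Fraction(x)
    terms = []
    while len(terms) < max_terms:
        a = x.numerator // x.denominator      # floor, also correct for x < 0
        terms.append(a)
        if x == a:
            break
        x = 1 / (x - a)
    # Truncation can leave a trailing 1; [..., a, 1] and [..., a + 1] are the
    # same number, so fold it to keep the encoding unique.
    if len(terms) > 1 and terms[-1] == 1:
        terms.pop()
        terms[-1] += 1
    return terms


def cf_value(terms):
    """Exact rational value of a finite CF."""
    v = Fraction(terms[-1])
    for a in reversed(terms[:-1]):
        v = a + 1 / v
    return v


def cf_compare(xs, ys):
    """Return -1, 0 or 1 for X < Y, X == Y, X > Y (canonical encodings)."""
    for k, (a, b) in enumerate(zip(xs, ys)):
        if a != b:
            # Even index: larger quotient means larger number; odd: reversed.
            return 1 if (a > b) == (k % 2 == 0) else -1
    if len(xs) == len(ys):
        return 0
    # One CF is a proper prefix of the other: the shorter one behaves as if
    # it had an infinite quotient at the first missing index k.
    k = min(len(xs), len(ys))
    return 1 if (len(xs) < len(ys)) == (k % 2 == 0) else -1


def first_distinguishing_precision(x, y, limit=32):
    """Smallest number of partial quotients at which x and y compare unequal."""
    for n in range(1, limit + 1):
        if cf_compare(cf_encode(x, n), cf_encode(y, n)) != 0:
            return n
    return None


if __name__ == "__main__":
    a, b = "11.3450098875", "11.345"          # second value is constructed
    for n in (2, 4, 8):
        ea, eb = cf_encode(a, n), cf_encode(b, n)
        print(n, ea, eb, cf_compare(ea, eb))
    print("distinguished from n =", first_distinguishing_precision(a, b))
```

Two values that agree on their first n partial quotients compare as equal at precision n, so the number of quotients must be chosen large enough for the thresholds an application needs to separate.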
4.2. Our Homomorphic Comparisons over FHE Encryptions
4.2.1. Equality Tests
- (The first round.) A user sends two FHE encryptions to a server.
- (The second round.) The server responds to the user by sending the result of homomorphically evaluating at the two FHE encryptions and .
4.2.2. Greater-Than and Less-Than Tests
- A user sends two FHE encryptions to a server.
- The server responds to the user by sending the result of homomorphically evaluating (resp. ) for the two FHE encryptions and .
4.3. Efficiency
4.4. Security
5. Applications
5.1. Sorting on Encrypted Databases
5.2. Database Queries on Encrypted Databases
- What are the names of all patients whose preprandial plasma glucose levels were above 11.3450098875 mmol/L?
- What is the average age of female patients whose postprandial plasma glucose is below 13.10134111097 mmol/L?
6. Summary of Results
Author Contributions
Funding
Acknowledgments
Conflicts of Interest
References
- Yao, A.C. How to generate and exchange secrets (extended abstract). In Proceedings of the 27th Annual Symposium on Foundations of Computer Science (SFCS 1986), Toronto, ON, Canada, 27–29 October 1986; pp. 162–167.
- Fouque, P.; Stern, J.; Wackers, J. CryptoComputing with rationals. In Financial Cryptography, Proceedings of the 6th International Conference, Bermuda, March, 11–14 March 2002; Springer: Berlin/Heidelberg, Germany, 2002; pp. 136–146.
- Catrina, O.; Saxena, A. Secure computation with fixed-point numbers. In Financial Cryptography and Data Security, Proceedings of the 14th International Conference, Tenerife, Canary Islands, 25–28 January 2010; Springer: Berlin/Heidelberg, Germany, 2010; pp. 35–50.
- Aliasgari, M.; Blanton, M.; Zhang, Y.; Steele, A. Secure computation on floating point numbers. In Proceedings of the NDSS Symposium 2013, San Diego, CA, USA, 24–27 February 2013.
- Dimitrov, V.; Kerik, L.; Krips, T.; Randmets, J.; Willemson, J. Alternative implementations of secure real numbers. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016; pp. 553–564.
- Ayday, E.; Raisaro, J.L.; McLaren, P.; Fellay, J.; Hubaux, J. Privacy-Preserving Computation of Disease Risk by Using Genomic, Clinical, and Environmental Data; Usenix HealthTech: Washington, DC, USA, 2013.
- Kamm, L.; Willemson, J. Secure floating point arithmetic and private satellite collision analysis. Int. J. Inf. Sec. 2015, 14, 531–548.
- Archer, D.W.; Bogdanov, D.; Pinkas, B.; Pullonen, P. Maturity and performance of programmable secure computation. IEEE Secur. Priv. 2016, 14, 48–56.
- Chung, H.; Kim, M. Encoding of rational numbers and their homomorphic computations for FHE-based applications. Int. J. Found. Comput. Sci. 2018, 29, 1023–1044.
- Bogetoft, P.; Damgård, I.; Jakobsen, T.P.; Nielsen, K.; Pagter, J.; Toft, T. A practical implementation of secure auctions based on multiparty integer computation. In Proceedings of the International Conference on Financial Cryptography and Data Security, Anguilla, UK, 27 February–2 March 2006; pp. 142–147.
- Jha, S.; Kruger, L.; Shmatikov, V. Towards practical privacy for genomic computation. In Proceedings of the 2008 IEEE Symposium on Security and Privacy (sp 2008) 2008, Oakland, CA, USA, 18–22 May 2008; pp. 216–230.
- Burkhart, M.; Dimitropoulos, X. Fast privacy-preserving top-k queries using secret sharing. In Proceedings of the International Conference on Computer Communications and Networks, Zurich, Switzerland, 2–5 August 2010; pp. 1–7.
- Many, D. Privacy-Preserving Collaboration in Network Security. Master’s Thesis, ETH Zürich, Zürich, Switzerland, 2009.
- Huang, Y.; Evans, D.; Katz, J. Private set intersection: Are garbled circuits better than custom protocols? In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, San Diego, CA, USA, 5–8 February 2012.
- Chatterjee, A.; Kaushal, M.; Sengupta, I. Accelerating sorting of fully homomorphic encrypted data. In Progress in Cryptology—INDOCRYPT, Proceedings of the 14th International Conference on Cryptology in India, Mumbai, India, 7–10 December 2013; Springer: Berlin/Heidelberg, Germany, 2013; pp. 262–273.
- Çetin, G.S.; Doröz, Y.; Sunar, B.; Savas, E. Depth optimized efficient homomorphic sorting. In Progress in Cryptology—LATINCRYPT; Springer: Cham, Switzerland, 2015; pp. 61–80.
- Bost, R.; Ada Popa, R.; Tu, S.; Goldwasser, S. Machine learning classification over encrypted data. In Proceedings of the NDSS Symposium 2015, San Diego, CA, USA, 8–11 February 2015.
- Wu, D.; Feng, T.; Naehrig, M.; Lauter, K. Privately evaluating decision trees and random forests. PoPETs 2016, 2016, 335–355.
- Rahulamathavan, Y.; Phan, R.C.; Veluru, S.; Cumanan, K.; Rajarajan, M. Privacy-preserving multi-class support vector machine for outsourcing the data classification in cloud. IEEE Trans. Dependable Sec. Comput. 2014, 11, 467–479.
- Erkin, Z.; Veugen, T.; Toft, T.; Lagendijk, R. Generating private recommendations efficiently using homomorphic encryption and data packing. IEEE Trans. Inf. Forensics Secur. 2012, 7, 1053–1066.
- Kim, H.I.; Choi, M.; Kim, H.J.; Chang, J.W. A secure range query processing algorithm for the encrypted database on the cloud. In Advanced Multimedia and Ubiquitous Engineering; Springer: Singapore, 2016; pp. 101–110.
- Catrina, O.; de Hoogh, S. Secure multiparty linear programming using fixed-point arithmetic. In Proceedings of the ESORICS, Athens, Greece, 20–22 September 2010; pp. 134–150.
- Kerschbaum, F.; Schröpfer, A.; Zilli, A.; Pibernik, R.; Catrina, O.; de Hoogh, S.; Schoenmakers, B.; Cimato, S.; Damiani, E. Secure collaborative supply-chain management. IEEE Comput. 2011, 44, 38–43.
- Piva, A.; Katzenbeisser, S. Signal processing in the encrypted domain. EURASIP J. Inf. Secur. 2007, 2007, 082790.
- Franz, M.; Katzenbeisser, S. processing encrypted floating point signal. In Proceedings of the thirteenth ACM multimedia workshop on Multimedia and Security, Buffalo, NY, USA, 29–30 September 2011; pp. 103–108.
- Paillier, P. Public-key cryptosystems based on composite degree residuosity classes. In Advances in Cryptology—EUROCRYPT; Springer: Berlin/Heidelberg, Germany, 1999; pp. 223–238.
- Jäschke, A.; Armknecht, F. Accelerating homomorphic computations on rational numbers. In Proceedings of the ACNS, London, UK, 19–22 June 2016; Springer: Cham, Switzerland, 2016; pp. 405–423.
- Costache, A.; Smart, N.; Vivek, V.; Waller, A. Fixed point arithmetic in SHE scheme. In Proceedings of the 23rd International Conference, St. John’s, NL, Canada, 10–12 August 2016; Volume 250.
- Bonte, C.; Bootland, C.; Bos, J.W.; Castryck, W.; Iliashenko, I.; Vercauteren, F. Faster homomorphic function evaluation using non-integral base encoding. In Cryptographic Hardware and Embedded Systems; Springer: Cham, Switzerland, 2017; pp. 579–600.
- Chen, H.; Laine, K.; Player, R.; Xia, Y. High-precision arithmetic in homomorphic encryption. In Proceedings of the Cryptographers’ Track at the RSA Conference, San Francisco, CA, USA, 16–20 April 2018; Springer: Cham, Switzerland, 2018; pp. 116–136.
- Cheon, J.H.; Kim, A.; Kim, M.; Song, Y.S. Homomorphic encryption for arithmetic of approximate numbers. In Advances in Cryptology—ASIACRYPT; Springer: Cham, Switzerland, 2017; pp. 409–437.
- Cheon, J.H.; Kim, D.; Kim, D.; Lee, H.; Lee, K. Numerical method for comparison on homomorphically encrypted numbers. In Advances in Cryptology—ASIACRYPT; Springer: Cham, Switzerland, 2019; pp. 415–445.
- Microsoft. SEAL: Simple Encrypted Arithmetic Library. 2014. Available online: https://www.microsoft.com/en-us/research/project/simpleencrypted-arithmetic-library/ (accessed on 2 February 2019).
- Togan, M.; Plesca, C. Comparison-based computations over fully homomorphic encrypted data. In Proceedings of the International Conference on Communications, Bangkok, Thailand, 10–12 October 2014; pp. 1–6.
- Gentry, C. Fully homomorphic encryption using ideal lattices. In Proceedings of the Annual ACM Symposium on Theory of Computing, Bethesda, MD, USA, 31 May–2 June 2009; pp. 169–178.
- Coron, J.; Mandal, A.; Naccache, D.; Tibouchi, M. Fully homomorphic encryption over the integers with shorter public keys. In Advances in Cryptology—CRYPTO, Proceedings of the 31st Annual Cryptology Conference, Santa Barbara, CA, USA, 14–18 August 2011; Springer: Berlin/Heidelberg, Germany, 2011; pp. 487–504.
- Ducas, L.; Micciancio, D. FHEW: Bootstrapping homomorphic encryption in less than a second. In Advances in Cryptology—EUROCRYPT, Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, 26–30 April 2015; Springer: Berlin/Heidelberg, Germany, 2015; pp. 617–640.
- Van Dijk, M.; Gentry, C.; Halevi, S.; Vaikuntanathan, V. Fully homomorphic encryption over the integers. In Advances in Cryptology—EUROCRYPT, Proceedings of the Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco and Nice, France, 30 May–3 June 2010; Springer: Berlin/Heidelberg, Germany, 2010; pp. 24–43.
- Brakerski, Z.; Vaikuntanathan, V. Fully homomorphic encryption from Ring-LWE and security for key dependent messages. In Advances in Cryptology—CRYPTO, Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, 15–19 May 2011; Springer: Berlin/Heidelberg, Germany, 2011; pp. 505–524.
- Brakerski, Z.; Gentry, C.; Vaikuntanathan, V. (Leveled) fully homomorphic encryption without bootstrapping. In Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, New York, NY, USA, 8–10 January 2012; pp. 309–325.
- Bos, J.W.; Lauter, K.E.; Loftus, J.; Naehrig, M. Improved security for a ring-based fully homomorphic encryption scheme. In IMA International Conference on Cryptography and Coding; Springer: Berlin/Heidelberg, Germany, 2013; pp. 45–64.
- Goldwasser, S.; Micali, S. Probabilistic encryption. J. Comput. Syst. Sci. 1984, 28, 270–299.
- Goldreich, O. Foundations of Cryptography-Volume II Basic Applications; Cambridge University Press: Cambridge, UK, 2004.
- Cheon, J.H.; Kim, M.; Kim, M. Optimized search-and-compute circuits and their application to query evaluation on encrypted data. IEEE Trans. Inf. Forensics Secur. 2016, 11, 188–199.
- Kim, M.; Lee, H.T.; Ling, S.; Wang, H. On the efficiency of FHE-based private queries. IEEE Trans. Dependable Sec. Comput. 2018, 15, 357–363.
- Kim, M.; Lee, H.T.; Ling, S.; Ren, S.Q.; Tan, B.H.M.; Wang, H. Search condition-hiding query evaluation on encrypted databases. IEEE Access 2019, 7, 161283–161295.
- Gentry, C.; Halevi, S.; Smart, N. Fully homomorphic encryption with polylog overhead. In Advances in Cryptology—EUROCRYPT; Springer: Berlin/Heidelberg, Germany, 2012; pp. 465–482.
- Smart, N.P.; Vercauteren, F. Fully homomorphic SIMD operations. Des. Codes Cryptogr. 2014, 71, 57–81.
- Hardy, G.; Wright, E. An Introduction to the Theory of Numbers; Clarendon Press: Oxford, UK, 1979.
- Graepel, T.; Lauter, K.; Naehrig, M. ML confidential: Machine learning on encrypted data. In Proceedings of the International Conference on Information Security and Cryptology, Seoul, Korea, 27–29 November 2013; Springer: Berlin/Heidelberg, Germany, 2013; pp. 1–21.
- Shoup, V. NTL: A Library for Doing Number Theory Version 11.3.2. 2018. Available online: http://www.shoup.net/ntl/ (accessed on 2 February 2019).
- Halevi, S.; Shoup, V. HElib: Software Library for Homomorphic Encryption. 2018. Available online: http://github.com/shaih/HElib.git (accessed on 2 February 2019).
- OpenMP Architecture Review Board. OpenMP Application Program Interface Version 3.0, 2018. Available online: http://www.openmp.org/mp-documents/spec30.pdf (accessed on 2 February 2019).
- Agrawal, R.; Asonov, D.; Srikant, R. Enabling sovereign information sharing using web services. In Proceedings of the 2004 ACM SIGMOD international conference on Management of data, Paris, France, 13–18 June 2004; pp. 873–877.
- Boneh, D.; Lewi, K.; Raykova, M.; Sahai, A.; Zhandry, M.; Zimmerman, J. Semantically secure order-revealing encryption: Multi-input functional encryption without obfuscation. In Advances in Cryptology—EUROCRYPT, Proceedings of the 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, 26–30 April 2015.
- Chenette, N.; Lewi, K.; Weis, S.A.; Wu, D.J. Practical order-revealing encryption with limited leakage. In Fast Software Encryption; Springer: Berlin/Heidelberg, Germany, 2016; pp. 474–493.
- Lewi, K.; Wu, D.J. Order-revealing encryption: New constructions, applications, and lower bounds. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016; pp. 1167–1178.
- Durak, F.B.; DuBuisson, T.M.; Cash, D. What else is revealed by order-revealing encryption? In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016; pp. 1155–1166.
- Song, D.X.; Wagner, D.; Perrig, A. Practical techniques for searches on encrypted data. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, Berkeley, CA, USA, 14–17 May 2000; pp. 44–55.
- Boneh, D.; Gentry, C.; Halevi, S.; Wang, F.; Wu, D.J. Private database queries using somewhat homomorphic encryption. In Applied Cryptography and Network Security; Springer: Berlin/Heidelberg, Germany, 2013; pp. 102–118.
- Cheon, J.H.; Kim, M.; Kim, M. Search-and-compute on encrypted data. In Proceeding of the 2000 International Conference on Financial Cryptography and Data Security, San Juan, Puerto Rico, 26–30 January 2015; pp. 1–18.
- Gosper, R. Continued fraction arithmetic. In HAKMEM Item 101B, MIT Artificial Intelligence Memo 239; The MIT Press: Cambridge, MA, USA, 1977.
Approach | Encoding Method | Operations | Logic Function Representation | Error in Comparison | Multiplicative Depth | Precision Control |
---|---|---|---|---|---|---|
[27] | Fixed-point | >, <, = | Boolean circuit | 0 | × | |
[32] | Fixed-point | max, min, = | Polynomial approximation | , | × | |
[34] | Fixed-point | max, min, = | Boolean circuit | 0 | × | |
Our work | CF | Boolean circuit | 0 | ◯ |
Algorithms | Measures | Values |
---|---|---|
Plaintext space | ||
# of Ciphertexts | n | |
Multiplicative depth | ||
Plaintext space | ||
# of Ciphertexts | n | |
Multiplicative depth |
n | ℓ | k | Equality Test | Comparison Test | ||
---|---|---|---|---|---|---|
Ours | Decimal | Ours | Decimal | |||
3 | 3 | 5 | 0.686 | 0.884 | ||
10 | 0.361 | 0.777 | 2.108 | 2.050 | ||
20 | 1.311 | 5.119 | ||||
5 | 5 | 0.652 | 0.888 | |||
10 | 0.679 | 0.707 | 2.223 | 2.095 | ||
20 | 1.354 | 5.222 | ||||
7 | 5 | 0.577 | 0.884 | |||
10 | 0.717 | 0.719 | 2.227 | 2.116 | ||
20 | 1.251 | 5.289 | ||||
5 | 3 | 5 | 0.671 | 0.920 | ||
10 | 0.440 | 0.720 | 2.142 | 2.163 | ||
20 | 1.310 | 5.173 | ||||
5 | 5 | 0.657 | 0.942 | |||
10 | 0.759 | 0.748 | 4.155 | 2.075 | ||
20 | 1.330 | 5.268 | ||||
7 | 5 | 0.634 | 0.946 | |||
10 | 0.768 | 0.748 | 4.248 | 2.076 | ||
20 | 1.298 | 5.268 | ||||
7 | 3 | 5 | 0.631 | 0.867 | ||
10 | 0.488 | 0.704 | 2.389 | 2.109 | ||
20 | 1.330 | 5.266 | ||||
5 | 5 | 0.639 | 0.934 | |||
10 | 0.854 | 0.759 | 4.366 | 2.038 | ||
20 | 1.323 | 5.254 | ||||
7 | 5 | 0.688 | 0.836 | |||
10 | 0.927 | 0.811 | 4.554 | 2.163 | ||
20 | 1.334 | 5.430 |
© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Chung, H.; Kim, M.; Badawi, A.A.; Aung, K.M.M.; Veeravalli, B. Homomorphic Comparison for Point Numbers with User-Controllable Precision and Its Applications. Symmetry 2020, 12, 788. https://doi.org/10.3390/sym12050788