Search Results (24)

We propose a new framework for compile-time ciphertext synthesis in fully homomorphic encryption (FHE) systems. Instead of invoking encryption algorithms at runtime, our method synthesizes ciphertexts from precomputed encrypted basis vectors using only homomorphic additions, scalar multiplications, and randomized encryptions of zero. This decouples ciphertext generation from encryption and enables efficient batch encoding through algebraic reuse. We formalize this technique as a randomized module morphism and prove that it satisfies IND-CPA security. Our proof uses a hybrid game framework that interpolates between encrypted vector instances and reduces the adversarial advantage to the indistinguishability advantage of the underlying FHE scheme. This reduction structure captures the security implications of ciphertext basis reuse and structured noise injection. The proposed synthesis primitive supports fast, encryption-free ingestion in outsourced database systems and other high-throughput FHE pipelines. It is compatible with standard FHE APIs and preserves layout semantics for downstream homomorphic operations. Full article

Homomorphic encryption is an important means for cloud computing to ensure information security when outsourcing data. Among them, threshold fully homomorphic encryption (ThFHE) is a key enabler for homomorphic encryption and, from a wider perspective, secure distributed computing. However, current ThFHE schemes are unsatisfactory in terms of security and efficiency. In this paper, a novel ThFHE is proposed for the first time based on an NTRU-based GSW-like scheme of symmetric encryption—Th-S-NGS scheme. Additionally, the threshold structure is realized by combining an extended version of the linear integer secret sharing scheme such that the scheme requires a predetermined number of parties to be online, rather than all the parties being online. The Th-S-NGS scheme is not only more attractive in terms of ciphertext size and computation time for homomorphic multiplication, but also does not need re-linearization after homomorphic multiplication, and thus does not require the computing key, which can effectively reduce the communication burden in the scheme and thus simplify the complexity of the scheme. Full article

The proliferation of Internet of Things (IoT) devices and their vulnerability to malware infections pose critical security challenges in IoT networks and multi-access edge computing (MEC). Traditional federated learning-based IoT malware detection (FL-IMD) methods face limitations in privacy, reliability, and client authentication, necessitating innovative solutions. This study proposes a reliable and privacy-preserving federated learning framework (RPFL) that integrates elliptic curve digital signature algorithm (ECDSA), homomorphic encryption and blockchain technology to enhance privacy, reliability, and client verification in FL-IMD. To address challenges with fully homomorphic encryption (FHE), particularly its reliance on an external aggregator, we introduce two smart contract-based schemes: one to incentivize client participation and another to mitigate aggregator failures. Experimental results on the N-BaIoT dataset show that RPFL achieves IoT malware detection accuracy comparable to state-of-the-art methods, while significantly enhancing reliability and privacy in the aggregation process. Furthermore, our blockchain integration outperforms the prominent blockchain-based FL framework, BCFL, by reducing communication costs and latency. These findings highlight the potential of RPFL to advance privacy-preserving, reliable, and secure FL-based IMD in IoT networks and MEC environments. Full article

This paper explores advancements in the Gentry-Sahai-Waters (GSW) fully homomorphic encryption scheme (FHE), addressing challenges related to message data range limitations and ciphertext size constraints. We leverage the well-known parallelizing technology—the Chinese Remainder Theorem (CRT)—to tackle the message decomposition, significantly expanding the allowable input message range to the entire plaintext space. This approach enables unrestricted message selection in the GSW scheme and supports parallel homomorphic operations without intermediate decryption. Additionally, we adapt existing ciphertext compression techniques, such as the PVW-like scheme, to reduce the memory overhead associated with ciphertexts. Our experimental results demonstrate the effectiveness of combining the proposed CRT-based decomposition with the PVW-like compression in increasing the upper bound of message values and improving the scheme’s capacity for consecutive homomorphic operations. However, compression introduces a trade-off, necessitating a reduced message range due to error accumulation in successive HE operations. This research contributes to enhancing the practicality and efficiency of the GSW encryption scheme for complex computational scenarios while managing the balance between expanded message range, computational complexity, and storage requirements. Full article

The suggested solution in this work makes use of the parallel processing capability of FPGA to enhance the efficiency of the K-Nearest Neighbor (KNN) algorithm on encrypted data. The suggested technique was assessed utilizing the breast cancer datasets and the findings indicate that the FPGA-based acceleration method provides significant performance improvements over software implementation. The Cheon–Kim–Kim–Song (CKKS) homomorphic encryption scheme is used for the computation of ciphertext. After extensive simulation in Python and implementation in FPGA, it was found that the proposed architecture brings down the computational time of KNN on ciphertext to a realistic value in the order of the KNN classification algorithm over plaintext. For the FPGA implementation, we used the Intel Agilex7 FPGA (AGFB014R24B2E2V) development board and validated the speed of computation, latency, throughput, and logic utilization. It was observed that the KNN on encrypted data has a computational time of 41.72 ms which is 80 times slower than the KNN on plaintext whose computational time is of 0.518 ms. The main computation time for CKKS FHE schemes is 41.72 ms. With our architecture, we were able to reduce the calculation time of the CKKS-based KNN to 0.85 ms by using 32 parallel encryption hardware and reaching 300 MHz speed. Full article

The bootstrapping procedure has become the main bottleneck affecting the efficiency of all known fully homomorphic encryption (FHE) schemes. The state-of-the-art scheme for efficient bootstrapping, which is called fully homomorphic encryption over the torus (TFHE), accelerates polynomial multiplication by leveraging number theoretic transform (NTT) and implementing NTT in parallel on a GPU. Unfortunately, almost none of the recent advancements in NTT take full advantage of a GPU, leading to the need for more time. With this in mind, in this work, a novel faster number theoretic transform based on a GPU is proposed, in which matrix multiplication is used to implement a decomposed small-point NTT. When implementing matrix multiplication, we introduce a merging preprocessing method to merge multiple inputs of the small-point NTT, aiming to effectively minimize the count of modulo operations. Subsequently, when the merged result is multiplied by rotation factors, we use logical left shift rather than arithmetic multiplication to improve the computational efficiency. Our scheme can easily be used to realize a 1024-point NTT and the results of the experiments show that the speedup ratio of our method over the butterfly algorithm is about 2.49. Full article

The security of several fully homomorphic encryption (FHE) schemes depends on the intractability assumption of the approximate common divisor (ACD) problem over integers. Subsequent efforts to solve the ACD problem as well as its variants were also developed during the past decade. In this paper, an improved orthogonal lattice (OL)-based algorithm, AIOL, is proposed to solve the general approximate common divisor (GACD) problem. The conditions for ensuring the feasibility of AIOL are also presented. Compared to the Ding–Tao OL algorithm, the well-known LLL reduction method is used only once in AIOL, and when the error vector $\mathbf{r}$ is recovered in AIOL, the possible difference between the restored and the true value of p is given. Experimental comparisons between the Ding-Tao algorithm and ours are also provided to validate our improvements. Full article

Federated learning, as one of the three main technical routes for privacy computing, has been widely studied and applied in both academia and industry. However, malicious nodes may tamper with the algorithm execution process or submit false learning results, which directly affects the performance of federated learning. In addition, learning nodes can easily obtain the global model. In practical applications, we would like to obtain the federated learning results only by the demand side. Unfortunately, no discussion on protecting the privacy of the global model is found in the existing research. As emerging cryptographic tools, the zero-knowledge virtual machine (ZKVM) and homomorphic encryption provide new ideas for the design of federated learning frameworks. We have introduced ZKVM for the first time, creating learning nodes as local computing provers. This provides execution integrity proofs for multi-class machine learning algorithms. Meanwhile, we discuss how to generate verifiable proofs for large-scale machine learning tasks under resource constraints. In addition, we implement the fully homomorphic encryption (FHE) scheme in ZKVM. We encrypt the model weights so that the federated learning nodes always collaborate in the ciphertext space. The real results can be obtained only after the demand side decrypts them using the private key. The innovativeness of this paper is demonstrated in the following aspects: 1. We introduce the ZKVM for the first time, which achieves zero-knowledge proofs (ZKP) for machine learning tasks with multiple classes and arbitrary scales. 2. We encrypt the global model, which protects the model privacy during local computation and transmission. 3. We propose and implement a new federated learning framework. We measure the verification costs under different federated learning rounds on the IRIS dataset. Despite the impact of homomorphic encryption on computational accuracy, the framework proposed in this paper achieves a satisfactory 90% model accuracy. Our framework is highly secure and is expected to further improve the overall efficiency as cryptographic tools continue to evolve. Full article

Security log collection and storage are essential for organizations worldwide. Log analysis can help recognize probable security breaches and is often required by law. However, many organizations commission log management to Cloud Service Providers (CSPs), where the logs are collected, processed, and stored. Existing methods for log anomaly detection rely on unencrypted (plaintext) data, which can be a security risk. Logs often contain sensitive information about an organization or its customers. A more secure approach is always to keep logs encrypted (ciphertext). This paper presents “SigML++”, an extension of “SigML” for supervised log anomaly detection on encrypted data. SigML++ uses Fully Homomorphic Encryption (FHE) according to the Cheon–Kim–Kim–Song (CKKS) scheme to encrypt the logs and then uses an Artificial Neural Network (ANN) to approximate the sigmoid ($\sigma \left(x\right)$) activation function probabilistically for the intervals $[-10,10]$ and $[-50,50]$. This allows SigML++ to perform log anomaly detection without decrypting the logs. Experiments show that SigML++ can achieve better low-order polynomial approximations for Logistic Regression (LR) and Support Vector Machine (SVM) than existing methods. This makes SigML++ a promising new approach for secure log anomaly detection. Full article

The outreach of healthcare services is a challenge to remote areas with affected populations. Fortunately, remote health monitoring (RHM) has improved the hospital service quality and has proved its sustainable growth. However, the absence of security may breach the health insurance portability and accountability act (HIPAA), which has an exclusive set of rules for the privacy of medical data. Therefore, the goal of this work is to design and implement the adaptive Autonomous Protocol (AutoPro) on the patient’s remote healthcare (RHC) monitoring data for the hospital using fully homomorphic encryption (FHE). The aim is to perform adaptive autonomous FHE computations on recent RHM data for providing health status reporting and maintaining the confidentiality of every patient. The autonomous protocol works independently within the group of prime hospital servers without the dependency on the third-party system. The adaptiveness of the protocol modes is based on the patient’s affected level of slight, medium, and severe cases. Related applications are given as glucose monitoring for diabetes, digital blood pressure for stroke, pulse oximeter for COVID-19, electrocardiogram (ECG) for cardiac arrest, etc. The design for this work consists of an autonomous protocol, hospital servers combining multiple prime/local hospitals, and an algorithm based on fast fully homomorphic encryption over the torus (TFHE) library with a ring-variant by the Gentry, Sahai, and Waters (GSW) scheme. The concrete-ML model used within this work is trained using an open heart disease dataset from the UCI machine learning repository. Preprocessing is performed to recover the lost and incomplete data in the dataset. The concrete-ML model is evaluated both on the workstation and cloud server. Also, the FHE protocol is implemented on the AWS cloud network with performance details. The advantages entail providing confidentiality to the patient’s data/report while saving the travel and waiting time for the hospital services. The patient’s data will be completely confidential and can receive emergency services immediately. The FHE results show that the highest accuracy is achieved by support vector classification (SVC) of 88% and linear regression (LR) of 86% with the area under curve (AUC) of 91% and 90%, respectively. Ultimately, the FHE-based protocol presents a novel system that is successfully demonstrated on the cloud network. Full article

The increasing ubiquity of big data and cloud-based computing has led to increased concerns regarding the privacy and security of user data. In response, fully homomorphic encryption (FHE) was developed to address this issue by enabling arbitrary computation on encrypted data without decryption. However, the high computational costs of homomorphic evaluations restrict the practical application of FHE schemes. To tackle these computational and memory challenges, a variety of optimization approaches and acceleration efforts are actively being pursued. This paper introduces the KeySwitch module, a highly efficient and extensively pipelined hardware architecture designed to accelerate the costly key switching operation in homomorphic computations. Built on top of an area-efficient number-theoretic transform design, the KeySwitch module exploited the inherent parallelism of key switching operation and incorporated three main optimizations: fine-grained pipelining, on-chip resource usage, and high-throughput implementation. An evaluation on the Xilinx U250 FPGA platform demonstrated a 1.6× improvement in data throughput compared to previous work with more efficient hardware resource utilization. This work contributes to the development of advanced hardware accelerators for privacy-preserving computations and promoting the adoption of FHE in practical applications with enhanced efficiency. Full article

Public key encryption with keyword search (PEKS) allows users to perform keyword searches of ciphertext on untrusted cloud storage servers, protecting data privacy while sharing data. However, it faces several security problems in practical applications. First, an attacker can launch a keyword guessing attack to obtain keywords of interest to users, causing the leakage of their sensitive information. Second, untrusted cloud servers may return incorrect or incomplete results. In addition, with the continuous development of quantum computers, existing PEKS schemes face the problem of quantum attacks. Since cloud servers are mostly untrusted, verifiable search has become a hot research topic among scholars. However, most of the current schemes are based on bilinear pairing constructions, which are vulnerable to quantum attacks. To solve these problems, we propose a new ciphertext retrieval scheme based on fully homomorphic encryption (FHE), called VR-PEKS. This scheme implements verifiable search and is able to solve the problems of keyword guessing attacks and quantum attacks. We propose to improve the security of the scheme by using the oblivious pseudorandom function to randomize keywords and then encrypt them using FHE. An encrypted verified index structure is constructed and exposed by the data owner, enabling the data recipient to achieve verification of the correctness and integrity of the retrieved results without relying on a trusted third party. We demonstrate the security of the proposed scheme in a stochastic prediction model, and prove that our scheme satisfies keyword ciphertext indistinguishability and keyword trapdoor indistinguishability under adaptive keyword selection attacks. The comparison shows that our scheme is secure and feasible. Full article

With the rapid development of the Internet of Things (IoT) technology, the security problems it faces are increasingly prominent and have attracted much attention in industry and the academy. Traditional IoT architecture comes with security risks. Illegal intrusion of attackers into the network layer disrupts the availability of data. The untrusted transmission environment increases the difficulty of users sharing private data, and various outsourced computing and application requirements bring the risk of privacy leakage. Multi-key fully homomorphic encryption (MKFHE) realizes operations between ciphertexts under different key encryption and has great application potential. Since 2012, the first MKFHE scheme LTV12 has been extended from fully homomorphic encryption (FHE) and has ignited the enthusiasm of many cryptographic researchers due to its lattice-based security and quantum-resistant properties. According to its corresponding FHE scheme, the MKFHE schemes can be divided into four kinds: Gentry–Sahai–Water (GSW), number theory research unit (NTRU), Brakerski–Gentry–Vaikuntanathan (BGV), and FHE over the tour (TFHE). Efficiency and cost are urgent issues for MKFHE. New schemes are mainly improved versions of existing schemes. The improvements are mostly related to the four parts of MKFHE: security assumption, key generation, plaintext encryption, and ciphertext processing. We classified MKFHE schemes according to the improved partial schemes, and we present some improved techniques and the applications of MKFHE. Full article

We present automatically parameterised Fully Homomorphic Encryption (FHE) for encrypted neural network inference and exemplify our inference over FHE-compatible neural networks with our own open-source framework and reproducible examples. We use the fourth generation Cheon, Kim, Kim, and Song (CKKS) FHE scheme over fixed points provided by the Microsoft Simple Encrypted Arithmetic Library (MS-SEAL). We significantly enhance the usability and applicability of FHE in deep learning contexts, with a focus on the constituent graphs, traversal, and optimisation. We find that FHE is not a panacea for all privacy-preserving machine learning (PPML) problems and that certain limitations still remain, such as model training. However, we also find that in certain contexts FHE is well-suited for computing completely private predictions with neural networks. The ability to privately compute sensitive problems more easily while lowering the barriers to entry can allow otherwise too-sensitive fields to begin advantaging themselves of performant third-party neural networks. Lastly, we show how encrypted deep learning can be applied to a sensitive real-world problem in agri-food, i.e., strawberry yield forecasting, demonstrating competitive performance. We argue that the adoption of encrypted deep learning methods at scale could allow for a greater adoption of deep learning methodologies where privacy concerns exist, hence having a large positive potential impact within the agri-food sector and its journey to net zero. Full article

Fully homomorphic encryption allows users to use the computing resources of cloud servers for the computation of encrypted data without worrying about data leakage. The fully homomorphic encryption approach has problems with excessive noise and the expansion of the ciphertext dimension after the homomorphic evaluation. The key switching technology effectively solves the problem of the ciphertext dimension expansion. The generated evaluation key is a masked secret key that must be shared between the data owner and the computational entity, so the security must be guaranteed. In the RLWE-based FHE scheme, the efficiency improvement of the key switching depends on the circular security assumption, meaning the security needs to be improved. To solve the above problems, we select the secret key from the noise distribution with variable parameters so that the evaluation key and the initial noise of the encryption scheme are smaller. Specifically, the secret key is replaced after each homomorphic evaluation to ensure the security. We use the “modulus scaling” method to control the noise generated by itself, rather than the BitDecomp technology, which is complex when applied to polynomials. Finally, we combine the packing technology that relies on the polynomial CRT (Chinese remainder theorem) to design a batch-leveled fully homomorphic encryption scheme. We analyze the scheme’s noise, security proof, and specific security parameters. Compared with the FV12 scheme, our scheme is more secure. Compared with the MB18 scheme, our evaluation key size is smaller. Full article