PRACTICAL FHE PARAMETERS AGAINST LATTICE ATTACKS

  • Cheon, Jung Hee (Department of Mathematics, Seoul National University)
  • Son, Yongha (Security Research Center, Samsung SDS)
  • Yhee, Donggeon (Industrial and Mathematical Data Analytics Research Center, Seoul National University)
  • Received : 2020.12.01
  • Reviewed : 2021.11.02
  • Published : 2022.01.01

Abstract

We give secure parameter suggestions for using sparse secret vectors in LWE-based encryption schemes. These should replace existing security parameters, because homomorphic encryption (HE) schemes use quite different variables from the existing parameters. In particular, HE schemes using sparse secrets should be supported by experimental analysis. Here we summarize the existing attacks to be considered and the security levels for each attack. Based on the analysis and experiments, we compute optimal scaling factors for CKKS.
