skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: PEEV: Parse Encrypt Execute Verify - A Verifiable FHE Framework
Cloud computing has been a prominent technology that allows users to store their data and outsource intensive computations. However, users of cloud services are also concerned about protecting the confidentiality of their data against attacks that can leak sensitive information. Although traditional cryptography can be used to protect static data or data being transmitted over a network, it does not support processing of encrypted data. Homomorphic encryption can be used to allow processing directly on encrypted data, but a dishonest cloud provider can alter the computations performed, thus violating the integrity of the results. To overcome these issues, we propose PEEV (Parse, Encrypt, Execute, Verify), a framework that allows a developer with no background in cryptography to write programs operating on encrypted data, outsource computations to a remote server, and verify the correctness of the computations. The proposed framework relies on homomorphic encryption techniques as well as zero-knowledge proofs to achieve verifiable privacy-preserving computation. It supports practical deployments with low performance overheads and allows developers to express their encrypted programs in a high-level language, abstracting away the complexities of encryption and verification.  more » « less
Award ID(s):
2239334
PAR ID:
10604085
Author(s) / Creator(s):
; ;
Publisher / Repository:
IEEE
Date Published:
Journal Name:
IEEE Access
Volume:
12
ISSN:
2169-3536
Page Range / eLocation ID:
94673 to 94689
Subject(s) / Keyword(s):
Cloud computing homomorphic encryption private and verifiable computation zero knowledge proofs
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; (, IEEE Transactions on Information Forensics and Security)
    As cloud computing continues to gain widespread adoption, safeguarding the confidentiality of data entrusted to third-party cloud service providers becomes a critical concern. While traditional encryption methods offer protection for data at rest and in transit, they fall short when it comes to where it matters the most, i.e., during data processing. To address this limitation, we present HELM, a framework for privacy-preserving data processing using homomorphic encryption. HELM automatically transforms arbitrary programs expressed in a Hardware Description Language (HDL), such as Verilog, into equivalent homomorphic circuits, which can then be efficiently evaluated using encrypted inputs. HELM features three modes of encrypted evaluation: a) a gate mode that consists of Boolean gates, b) a small-precision lookup table mode which significantly reduces the size of the circuit by combining multiple gates into lookup tables, and c) a high-precision lookup table mode tuned for multi-bit arithmetic evaluations. Finally, HELM introduces a scheduler that leverages the parallelism inherent in arithmetic and Boolean circuits to efficiently evaluate encrypted programs. We evaluate HELM with the ISCAS'85 and ISCAS'89 benchmark suites, as well as real-world applications such as image filtering and neural network inference. In our experimental results, we report that HELM can outperform prior works by up to 65x. 
    more » « less
  2. ; ; ; (, Advances in neural information processing systems)
    null (Ed.)
    Because of the lack of expertise, to gain benefits from their data, average users have to upload their private data to cloud servers they may not trust. Due to legal or privacy constraints, most users are willing to contribute only their encrypted data, and lack interests or resources to join deep neural network (DNN) training in cloud. To train a DNN on encrypted data in a completely non-interactive way, a recent work proposes a fully homomorphic encryption (FHE)-based technique implementing all activations by \textit{Brakerski-Gentry-Vaikuntanathan} (BGV)-based lookup tables. However, such inefficient lookup-table-based activations significantly prolong private training latency of DNNs. In this paper, we propose, Glyph, an FHE-based technique to fast and accurately train DNNs on encrypted data by switching between TFHE (Fast Fully Homomorphic Encryption over the Torus) and BGV cryptosystems. Glyph uses logic-operation-friendly TFHE to implement nonlinear activations, while adopts vectorial-arithmetic-friendly BGV to perform multiply-accumulations (MACs). Glyph further applies transfer learning on DNN training to improve test accuracy and reduce the number of MACs between ciphertext and ciphertext in convolutional layers. Our experimental results show Glyph obtains state-of-the-art accuracy, and reduces training latency by 69%~99% over prior FHE-based privacy-preserving techniques on encrypted datasets. 
    more » « less
  3. (, Georgia Tech Library)
    Homomorphic Encryption is a relatively new cryptographic method which, unlike tra- ditional encryption, allows computations to be preformed on encrypted data. Robotic con- trollers can take advantage of these new techniques to increase system security by en- crypting the entire motion control scheme including: sensor signals, model parameters, feedback gains, and perform computation in the ciphertext space to generate motion com- mands without a security hole. However, numerous challenges exist which have limited the wide spread adoption of homomorphically encrypted control systems. The following thesis address several of these pressing issues–cryptographic overflow and heterogenous deployment. Cryptographic overflow is a phenomenon intrinsic to homomorphic ciphers. As en- crypted data is computed on the level of ‘noise’ inside the ciphertext increases, until it becomes too great making decryption impossible, this is known as ‘overflow’. The pri- mary contributor to noise growth is multiplication. Thus, this thesis explores topological sorting methods to find semantically equivalent but syntactically simpler control expres- sions. This allows an encrypted control scheme to preform the same calculation but with fewer multiplications, thus reducing the total amount of noise injected into the system. Furthermore, encrypted calculations impose a hefty computational burden as compared to its unencrypted counterparts. As such, heterogeneous mix of different computing tech- nologies (i.e. CPU, GPU, FPGA) are needed to achieve real-time signal processing. As such, this thesis explores which aspects of an encrypted control system is best suited for which computing technology and describes a deployment strategy to take advantage of these differences. 
    more » « less
  4. ; (, IEEE Transactions on Industrial Cyber-Physical Systems)
    Cloud-based control is prevalent in many modern control applications. Such applications require security for the sake of data secrecy and system safety. The presented research proposes an encrypted adaptive control framework that can be secured for cloud computing with encryption and without issues caused by encryption overflow and large execution delays. This objective is accomplished by implementing a somewhat homomorphic encryption (SHE) scheme on a modified model reference adaptive controller with accompanying encryption parameter tuning rules. Additionally, this paper proposes a virtual false data injection attack (FDIA) trap based on the SHE scheme. The trap guarantees a probability of attack detection by the adjustment of encryption parameters, thus protecting the system from malicious third parties. The formulated algorithm is then simulated, verifying that after tuning encryption parameters, the encrypted controller produces desired plant outputs while guaranteeing detection or compensation of FDIAs. With the utilization of this novel control framework, adaptively controlled systems will maintain data confidentiality and integrity against malicious adversaries. 
    more » « less
  5. ; (, 2019 Cloud Computing Security Workshop)
    In order to protect user data while maintaining application functionality, encrypted databases can use specialized cryptography such as property-revealing encryption, which allows a property of the underlying plaintext values to be computed from the ciphertext. One example is deterministic encryption which ensures that the same plaintext encrypted under the same key will produce the same ciphertext. This technology enables clients to make queries on sensitive data hosted in a cloud server and has considerable potential to protect data. However, the security implications of deterministic encryption are not well understood. We provide a leakage analysis of deterministic encryption through the application of the framework of quantitative information flow. A key insight from this framework is that there is no single "right" measure by which leakage can be quantified: information flow depends on the operational scenario and different operational scenarios require different leakage measures. We evaluate leakage under three operational scenarios, modeled using three different gain functions, under a variety of prior distributions in order to bring clarity to this problem. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email