Presentation is loading. Please wait.

Presentation is loading. Please wait.

* Partially sponsored by IARPA SPAR * Partially sponsored by DARPA PROCEED.

Published byPhillip Morrison Modified over 9 years ago

Similar presentations

Presentation on theme: "* Partially sponsored by IARPA SPAR * Partially sponsored by DARPA PROCEED."— Presentation transcript:

1 * Partially sponsored by IARPA SPAR * Partially sponsored by DARPA PROCEED

2

3 PAlgebra Structure of Zm* PAlgebraTwo/2r plaintext-slot algebra NumbTh miscellaneous utilities CModulus polynomials mod p Math SingleCRT/DoubleCRT polynomial arithmetic FHE KeyGen/Enc/Dec Ctxt Ciphertext operations Crypto EncryptedArray/EncrytedArrayMod2r Routing plaintext slots IndexSet/IndexMap Indexing utilities FHEcontext parameters bluestein FFT/IFFT timing KeySwitching Matrices for key- switching Box Diagram of the Library

4  A ciphertext encrypts an array of values ◦ Either bits, elements of GF(2 n ), or integers mod 2 r  Array size determined by other parameters ◦ Intended depth of circuits & security parameter ◦ E.g., 378, 600, 682, 720, 1285, …  Homomorphic operations include: ◦ Element-wise addition/subtraction, multiplication ◦ Addition/subtraction, multiplication by constants ◦ Cyclic/non-cyclic shifts ◦ Also SELECT(A 1,A 2, pattern) = pattern  A 1 + (1-pattern)  A 2

5  Security parameter=80, circuit width=4 arrays (  ) (  ) maybe similar work to homomorphic AES ◦ If true, ~12x speedup on our previous implementation [CRYPTO 2012] Circuit “depth”Array sizeTime (hrs:min:sec) 72240:00:38 144800:02:49 355120:19:05 707203:01:51 8420485:24:47

6  Various optimizations and design choices 1.Representing plaintext algebra (§2.4, §2.5) 2.Double-CRT representation of polynomials(§2.8) 3.Ciphertexts as “generic” vectors (§3.1.1-§3.1.3) 4.Dynamic noise estimate (§3.1.4) 5.Key-switching optimizations (§3.1.6) 6.Which key-switching matrices to generate (§3.3) 7.Implementation of rotation/shifts (§4.1)  Here I will only talk about 3 & 4 § The section numbers correspond to the design & implementation document

7

8

9

10

11

12

13

14

15

16  A freshly-encrypted ciphertext comes with some noise estimate  The estimate evolves during computation  We use it to decide when to do modulus- switching  Also the application can use it to know if it should expect a decryption error

17  We have the basic BGV implementation more or less done  Evaluate nontrivial circuits in a few minutes, and even complex circuits in just a few hours  Amenable to massive parallelism

Download ppt "* Partially sponsored by IARPA SPAR * Partially sponsored by DARPA PROCEED."

Similar presentations

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.
DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
Secure Evaluation of Multivariate Polynomials

Secure Evaluation of Multivariate Polynomials
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
Mathematics of Cryptography Part II: Algebraic Structures

Mathematics of Cryptography Part II: Algebraic Structures
Data Security 1 El_Gamal Cryptography. Data Security2 Introduction El_Gamal is a public-key cryptosystem technique El_Gamal is a public-key cryptosystem.

Data Security 1 El_Gamal Cryptography. Data Security2 Introduction El_Gamal is a public-key cryptosystem technique El_Gamal is a public-key cryptosystem.
Paper by: Craig Gentry Presented By: Daniel Henneberger.

Paper by: Craig Gentry Presented By: Daniel Henneberger.
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.

TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Advanced Information Security 4 Field Arithmetic

Advanced Information Security 4 Field Arithmetic
Advanced Encryption Standard

Advanced Encryption Standard
A Creative Way of Breaking RSA Azeem Jiva. Overview ● What is RSA? – Public Key Algorithm – Is it secure? ● Ways to break RSA – Discover the Public Key.

A Creative Way of Breaking RSA Azeem Jiva. Overview ● What is RSA? – Public Key Algorithm – Is it secure? ● Ways to break RSA – Discover the Public Key.
1 The AES block cipher Niels Ferguson. 2 What is it? Block cipher: encrypts fixed-size blocks. Design by two Belgians. Chosen from 15 entries in a competition.

1 The AES block cipher Niels Ferguson. 2 What is it? Block cipher: encrypts fixed-size blocks. Design by two Belgians. Chosen from 15 entries in a competition.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.

Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.
Error detection/correction FOUR WEEK PROJECT 1 ITEMS TO BE DISCUSSED 1.0 OVERVIEW OF CODING STRENGTH (3MINS) Weight/distance of binary vectors Error detection.

Error detection/correction FOUR WEEK PROJECT 1 ITEMS TO BE DISCUSSED 1.0 OVERVIEW OF CODING STRENGTH (3MINS) Weight/distance of binary vectors Error detection.
Chapter 5: Hashing Hash Tables

Chapter 5: Hashing Hash Tables
Section 10.3 Logic Gates.

Section 10.3 Logic Gates.

Similar presentations

Ads by Google