Paper 2023/1040

E2E near-standard and practical authenticated transciphering

Abstract

Homomorphic encryption (HE) enables computation delegation to untrusted third parties while maintaining data confidentiality. Hybrid encryption (a.k.a transciphering) allows a reduction in the number of ciphertexts and storage size, which makes FHE solutions practical for a variety of modern applications. Still, modern transciphering has three main drawbacks: 1) lack of standardization or bad performance of symmetric decryption under FHE; 2) post-HE-evaluation is limited to small-size applications; 3) lack of input data integrity. Interestingly, modern-size secure inference applications were demonstrated using approximated FHE schemes such as CKKS. However, implementing transciphering using standard Authenticated Encryption (AE) over CKKS is challenging due to its approximated nature. In this paper, we aim to close these gaps. First, we report and demonstrate the first end-to-end process that uses transciphering for real-world applications i.e., running deep neural network (DNN) inference under encryption. For that, we discuss the concept of Authenticated Transciphering (AT), which like AE, provides some integrity guarantees for the transciphered data. Finally, to demonstrate the AT concept, we report on the first implementation of Ascon decryption under CKKS, and complete the picture with a detailed technical description of our AES-GCM implementation under CKKS.

Note: This paper provides details of the "E2E near-standard hybrid encryption" poster presented at the 6th HomomorphicEncryption.org Standards Meeting in Seoul, South Korea, 23-24 March 2023. The revision includes an improved introduction and a some more comparison with prior-art.