Privacy-Preserving Cloud Computing using Homomorphic Encryption

Note: Please visit the FHELib: Fully Homomorphic Encryption Hardware Library for Privacy-preserving Computing project page for information on a related project.

In today’s data-driven world, a large amount of data is collected by billions of devices (cell phones, autonomous cars, handheld game consoles, etc.), and this data is then processed in the cloud. A common approach to maintain data privacy in the cloud is to keep the data in encrypted form, and we decrypt the data only when we need to process it. However, this approach requires efficient key management techniques, which are susceptible to attacks. There exists a ground-breaking technology called homomorphic encryption (HE), which allows us to operate on encrypted data and in turn maintain data privacy without the need to store and protect the secret keys. However, HE-based computing is multiple orders of magnitude slower than operating on unencrypted data. To make HE-based computing viable and practical, we need custom hardware designs and support for floating point numbers. In this project, we propose to design and prototype (using FPGAs in the Open Cloud Testbed) an efficient hardware solution for implementing the Cheon-Kim-Kim-Song (CKKS) HE scheme. Our design will be parametrized to support different polynomial lengths and coefficient bit widths, and will be optimized to minimize the time for HE-based privacy-preserving computing. We will perform an end-to-end evaluation of our hardware solution for image classification-based healthcare application.

Summary of Progress (reported Jan 2023)

Our work resulted in a paper that will be presented at the IEEE International Symposium on High-Performance Computer Architecture (HPCA) 2023. The arxiv version of the paper is at Please see the paper abstract for a summary of the completed work.

The project is ongoing. We received funding from Red Hat Collaboratory for 2023 (see Fully Homomorphic Encryption Hardware Library for Privacy-preserving Computing) move to the next step. In the next step we propose to develop FHELib, an RTL hardware library that supports all four FHE schemes: BGV, B/FV, CKKS and TFHE. This library can be leveraged to design both FPGA-based and ASIC-based custom accelerator solutions (that would eventually be deployed in the cloud) that supports all four schemes.


External Honors

  • Rashmi Agrawal received the Best Presentation Award, Second Place, at Workshop for Women in Hardware and Systems Security (WISE).
This project is supported by the Red Hat Collaboratory at Boston University.