EncryptionAccelerating Use of Fully Homomorphic Encryption

Published 16 March 2021

Protecting and preserving personally identifiable information (PII), intellectual property, intelligence insights, and other forms of sensitive information has never been more critical. A steady cadence of data breaches and attacks are reported seemingly daily. As the use of cloud computing and virtual networks becomes increasingly pervasive for storing, processing, and moving information, concerns around data vulnerability, access, and privacy are similarly on the rise. Four research teams take on development of novel hardware accelerator to enable new levels of data and privacy protection.

Protecting and preserving personally identifiable information (PII), intellectual property, intelligence insights, and other forms of sensitive information has never been more critical. A steady cadence of data breaches and attacks are reported seemingly daily. As the use of cloud computing and virtual networks becomes increasingly pervasive for storing, processing, and moving information, concerns around data vulnerability, access, and privacy are similarly on the rise.

“Today, we are seeing ongoing struggles to trust the technologies and standards in place that are designed to protect critical data,” said DARPA program manager, Tom Rondeau. “Advances in quantum computing are raising questions about the durability of some of the most advanced data protection technologies, while concerns are being raised about the collection, misuse, and handling of personal information by organizations and institutions. These challenges underscore an urgent need to explore new secure computing models that can mitigate risk whether data is at-rest, in-transit, or in use.”

Fully Homomorphic Encryption (FHE) is an approach to data security that delivers mathematical proof of encryption by using cryptographic means, providing a new level of certainty around how data is stored and manipulated. Today, traditional encryption protects data while stored or in transmission, but the information must be decrypted to perform a computation, analyze it, or employ it to train a machine learning model. Decryption endangers the data, exposing it to compromise by savvy adversaries or even accidental leaks. FHE enables computation on encrypted information, allowing users to strike a balance between using sensitive data to its full extent and removing the risk of exposure. While FHE is increasingly touted as a viable path forward, it requires a prohibitive amount of compute power and time.

“A computation that would take a millisecond to complete on a standard laptop would takes weeks to compute on a conventional server running FHE today,” noted Rondeau.

To reduce the processing time from weeks to seconds – even milliseconds – DARPA launched the Data Protection in Virtual Environments (DPRIVE) program. DPRIVE seeks to develop a hardware accelerator for FHE computations that will dramatically reduce the compute runtime overhead compared to software-based FHE approaches. The goal of the program is to design and implement a hardware accelerator for FHE computations that is capable of drastically speeding up FHE calculations, making the technology more accessible for sensitive defense applications as well as commercial use.

DARPA today announced the research teams selected to the DPRIVE program. Four teams of researchers will be led by Duality Technologies, Galois, SRI International, and Intel Federal. Each team will develop an FHE accelerator hardware and software stack that reduces the computational overhead required to make FHE calculations to a speed comparable to similar unencrypted data operations. The teams will create accelerator architectures that are flexible, scalable, and programmable, but will also explore various approaches with different native word sizes. Current standard CPUs are based on 64-bit words, which are the units of data that determine a particular processor’s design. Word size directly relates to the signal-to-noise ratio of how encrypted data is stored and processed, as well as the error generated each time an FHE calculation is processed. The selected DPRIVE research teams will explore various approaches covering a diversity of word sizes – from 64 bits to thousands of bits – to solve the challenge.

In addition, teams are exploring novel approaches to memory management, flexible data structures and programming models, and formal verification methods to ensure the FHE implementation is correct-by-design and provides confidence to the user. As the co-design of FHE algorithms, hardware, and software is critical to the successful creation of the target DPRIVE accelerator, each team is bringing varied technical expertise to the program as well as in-depth knowledge on FHE.

“We currently estimate we are about a million times slower to compute in the FHE world then we are in the plaintext world. The goal of DPRIVE is to bring FHE down to the computational speeds we see in plaintext. If we are able to achieve this goal while positioning the technology to scale, DPRIVE will have a significant impact on our ability to protect and preserve data and user privacy,” concluded Rondeau.