Cryptology ePrint Archive: Report 2021/1284

APAS: Application-Specific Accelerators for RLWE-based Homomorphic Linear Transformations

Song Bian and Dur E Shahwar Kundi and Kazuma Hirozawa and Weiqiang Liu and Takashi Sato

Abstract: Recently, the application of multi-party secure computing schemes based on homomorphic encryption in the field of machine learning attracts attentions across the research fields. Previous studies have demonstrated that secure protocols adopting packed additive homomorphic encryption (PAHE) schemes based on the ring learning with errors (RLWE) problem exhibit significant practical merits, and are particularly promising in enabling efficient secure inference in machine-learning-as-a-service applications. In this work, we introduce a new technique for performing homomorphic linear transformation (HLT) over PAHE ciphertexts. Using the proposed HLT technique, homomorphic convolutions and inner products can be executed without the use of number theoretic transform and the rotate-and-add algorithms that were proposed in existing works. To maximize the efficiency of the HLT technique, we propose APAS, a hardware-software co-design framework consisting of approximate arithmetic units for the hardware acceleration of HLT. In the experiments, we use actual neural network architectures as benchmarks to show that APAS can improve the computational and communicational efficiency of homomorphic convolution by 8x and 3x, respectively, with an energy reduction of up to 26x as compared to the ASIC implementations of existing methods.

Category / Keywords: applications / homomorphic encryption, privacy-preserving machine learning, learning with errors, ring learning with errors, neural networks

Original Publication (with minor differences): IEEE Transactions on Information Forensics and Security
DOI:
10.1109/TIFS.2021.3114032

Date: received 23 Sep 2021

Contact author: sbian at easter kuee kyoto-u ac jp, liuweiqiang at nuaa edu cn

Available format(s): PDF | BibTeX Citation

Version: 20210924:175449 (All versions of this report)

Short URL: ia.cr/2021/1284


[ Cryptology ePrint archive ]