Paper 2021/1493

VASA: Vector AES Instructions for Security Applications

Jean-Pierre Münch, Thomas Schneider, and Hossein Yalame

Abstract

Due to standardization, AES is today’s most widely used block cipher. Its security is well-studied and hardware acceleration is available on a variety of platforms. Following the success of the Intel AES New Instructions (AES-NI), support for Vectorized AES (VAES) has been added in 2018 and already shown to be useful to accelerate many implementations of AES-based algorithms where the order of AES evaluations is fixed a priori. In our work, we focus on using VAES to accelerate the computation in secure multi-party computation protocols and applications. For some MPC building blocks, such as OT extension, the AES operations are independent and known a priori and hence can be easily parallelized, similar to the original paper on VAES by Drucker et al. (ITNG’19). We evaluate the performance impact of using VAES in the AES-CTR implementations used in Microsoft CrypTFlow2, and the EMP-OT library which we accelerate by up to 24%. The more complex case that we study for the first time in our paper are dependent AES calls that are not fixed yet in advance and hence cannot be parallelized manually. This is the case for garbling schemes. To get optimal efficiency from the hardware, enough independent calls need to be combined for each batch of AES executions. We identify such batches using a deferred execution technique paired with early execution to reduce non-locality issues and more static techniques using circuit depth and explicit gate independence. We present a performance and a modularity focused technique to compute the AES operations efficiently while also immediately using the results and preparing the inputs. Using these techniques, we achieve a performance improvement via VAES of up to 244% for the ABY framework and of up to 28% for the EMP-AGMPC framework. By implementing several garbling schemes from the literature using VAES acceleration, we obtain a 171% better performance for ABY.

Note: We sincerely thank Nir Drucker as well as Shay Gueron for contacting us with very helpful comments and pointers to the history of VAES which helped us to substantially improve our paper

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Minor revision.37th Annual Computer Security Applications Conference (ACSAC'21)
Keywords
privacy preserving machine learningsecure multi-party computationVAES
Contact author(s)
jean-pierre muench @ posteo de
schneider @ encrypto cs tudarmstadt de
yalame @ encrypto cs tu-darmstadt de
History
2021-11-20: last of 2 revisions
2021-11-15: received
See all versions
Short URL
https://ia.cr/2021/1493
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1493,
      author = {Jean-Pierre Münch and Thomas Schneider and Hossein Yalame},
      title = {VASA: Vector AES Instructions for Security Applications},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1493},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1493}},
      url = {https://eprint.iacr.org/2021/1493}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.