BASALISC: Programmable Hardware Accelerator for BGV Fully Homomorphic Encryption

Robin Geelen; Michiel Van Beirendonck; Hilder V. L. Pereira; Brian Huffman; Tynan McAuley; Ben Selfridge; Daniel Wagner; Georgios Dimou; Ingrid Verbauwhede; Frederik Vercauteren; David W. Archer

Paper 2022/657

BASALISC: Programmable Hardware Accelerator for BGV Fully Homomorphic Encryption

Robin Geelen

, KU Leuven

Michiel Van Beirendonck

, KU Leuven

Hilder V. L. Pereira

, KU Leuven

Brian Huffman, Galois (United States)

Tynan McAuley, Niobium Microsystems

Ben Selfridge, Galois (United States)

Daniel Wagner, Galois (United States)

Georgios Dimou, Niobium Microsystems

Ingrid Verbauwhede

, KU Leuven

Frederik Vercauteren

, KU Leuven

David W. Archer, Galois (United States)

Abstract

Fully Homomorphic Encryption (FHE) allows for secure computation on encrypted data. Unfortunately, huge memory size, computational cost and bandwidth requirements limit its practicality. We present BASALISC, an architecture family of hardware accelerators that aims to substantially accelerate FHE computations in the cloud. BASALISC is the first to implement the BGV scheme with fully-packed bootstrapping – the noise removal capability necessary for arbitrary-depth computation. It supports a customized version of bootstrapping that can be instantiated with hardware multipliers optimized for area and power. BASALISC is a three-abstraction-layer RISC architecture, designed for a 1 GHz ASIC implementation and underway toward 150mm2 die tape-out in a 12nm GF process. BASALISC's four-layer memory hierarchy includes a two-dimensional conflict-free inner memory layer that enables 32 Tb/s radix-256 NTT computations without pipeline stalls. Its conflict-resolution permutation hardware is generalized and re-used to compute BGV automorphisms without throughput penalty. BASALISC also has a custom multiply-accumulate unit to accelerate BGV key switching. The BASALISC toolchain comprises a custom compiler and a joint performance and correctness simulator. To evaluate BASALISC, we study its physical realizability, emulate and formally verify its core functional units, and we study its performance on a set of benchmarks. Simulation results show a speedup of more than 5,000× over HElib – a popular software FHE library.

Metadata

Available format(s): PDF
Category: Implementation
Publication info: Published by the IACR in TCHES 2023
DOI: 10.46586/tches.v2023.i4.32-57
Keywords: FHE BGV Hardware accelerator ASIC
Contact author(s): robin geelen @ esat kuleuven be
michiel vanbeirendonck @ esat kuleuven be
hildervitor limapereira @ esat kuleuven be
huffman @ galois com
tynan @ niobiummicrosystems com
benselfridge @ galois com
dmwit @ galois com
georgios @ niobiummicrosystems com
ingrid verbauwhede @ esat kuleuven be
frederik vercauteren @ esat kuleuven be
dwa @ galois com
History: 2023-09-06: last of 4 revisions; 2022-05-27: received; See all versions
Short URL: https://ia.cr/2022/657
License: CC BY

BibTeX

@misc{cryptoeprint:2022/657,
      author = {Robin Geelen and Michiel Van Beirendonck and Hilder V. L. Pereira and Brian Huffman and Tynan McAuley and Ben Selfridge and Daniel Wagner and Georgios Dimou and Ingrid Verbauwhede and Frederik Vercauteren and David W. Archer},
      title = {BASALISC: Programmable Hardware Accelerator for BGV Fully Homomorphic Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2022/657},
      year = {2022},
      doi = {10.46586/tches.v2023.i4.32-57},
      note = {\url{https://eprint.iacr.org/2022/657}},
      url = {https://eprint.iacr.org/2022/657}
}