research-article

Public Access

EVA: an encrypted vector arithmetic language and compiler for efficient homomorphic computation

Authors:

Roshan Dathathri,

Blagovesta Kostova,

Olli Saarikivi,

Madan MusuvathiAuthors Info & Claims

PLDI 2020: Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation

Pages 546 - 561

https://doi.org/10.1145/3385412.3386023

Published: 11 June 2020 Publication History

Abstract

Fully-Homomorphic Encryption (FHE) offers powerful capabilities by enabling secure offloading of both storage and computation, and recent innovations in schemes and implementations have made it all the more attractive. At the same time, FHE is notoriously hard to use with a very constrained programming model, a very unusual performance profile, and many cryptographic constraints. Existing compilers for FHE either target simpler but less efficient FHE schemes or only support specific domains where they can rely on expert-provided high-level runtimes to hide complications.

This paper presents a new FHE language called Encrypted Vector Arithmetic (EVA), which includes an optimizing compiler that generates correct and secure FHE programs, while hiding all the complexities of the target FHE scheme. Bolstered by our optimizing compiler, programmers can develop efficient general-purpose FHE applications directly in EVA. For example, we have developed image processing applications using EVA, with a very few lines of code.

EVA is designed to also work as an intermediate representation that can be a target for compiling higher-level domain-specific languages. To demonstrate this, we have re-targeted CHET, an existing domain-specific compiler for neural network inference, onto EVA. Due to the novel optimizations in EVA, its programs are on average 5.3× faster than those generated by CHET. We believe that EVA would enable a wider adoption of FHE by making it easier to develop FHE applications and domain-specific FHE compilers.

References

[1]

Martin Albrecht, Melissa Chase, Hao Chen, Jintai Ding, Shafi Goldwasser, Sergey Gorbunov, Shai Halevi, Jeffrey Hoffstein, Kim Laine, Kristin Lauter, Satya Lokam, Daniele Micciancio, Dustin Moody, Travis Morrison, Amit Sahai, and Vinod Vaikuntanathan. 2018.

[2]

Homomorphic Encryption Security Standard. Technical Report. HomomorphicEncryption.org, Toronto, Canada.

[3]

David W. Archer, José Manuel Calderón Trilla, Jason Dagit, Alex Malozemoff, Yuriy Polyakov, Kurt Rohloff, and Gerard Ryan. 2019. RAMPARTS: A Programmer-Friendly System for Building Homomorphic Encryption Applications. In Proceedings of the 7th ACM Workshop on Encrypted Computing &#38; Applied Homomorphic Cryptography (London, United Kingdom) (WAHC’19). ACM, New York, NY, USA, 57–68.

Digital Library

[4]

Louis JM Aslett, Pedro M Esperança, and Chris C Holmes. 2015.

[5]

A review of homomorphic encryption and software tools for encrypted statistical machine learning. arXiv preprint arXiv:1508.06574 (2015).

[6]

Fabian Boemer, Anamaria Costache, Rosario Cammarota, and Casimir Wierzynski. 2019. nGraph-HE2: A High-Throughput Framework for Neural Network Inference on Encrypted Data. In Proceedings of the 7th ACM Workshop on Encrypted Computing & Applied Homomorphic Cryptography.

Digital Library

[7]

Fabian Boemer, Yixing Lao, Rosario Cammarota, and Casimir Wierzynski. 2019. nGraph-HE: A Graph Compiler for Deep Learning on Homomorphically Encrypted Data. In Proceedings of the 16th ACM International Conference on Computing Frontiers.

Digital Library

[8]

Zvika Brakerski, Craig Gentry, and Vinod Vaikuntanathan. 2012. (Leveled) fully homomorphic encryption without bootstrapping. In ITCS 2012: 3rd Innovations in Theoretical Computer Science, Shafi Goldwasser (Ed.). Association for Computing Machinery, Cambridge, MA, USA, 309–325.

Digital Library

[9]

Alon Brutzkus, Ran Gilad-Bachrach, and Oren Elisha. 2019.

[10]

Low Latency Privacy Preserving Inference. In Proceedings of the 36th International Conference on Machine Learning, ICML, Kamalika Chaudhuri and Ruslan Salakhutdinov (Eds.).

[11]

Hervé Chabanne, Amaury de Wargny, Jonathan Milgram, Constance Morel, and Emmanuel Prouff. 2017. Privacy-Preserving Classification on Deep Neural Network. Cryptology ePrint Archive, Report 2017/035. http://eprint.iacr.org/2017/035.

[12]

Nishanth Chandran, Divya Gupta, Aseem Rastogi, Rahul Sharma, and Shardul Tripathi. 2019.

[13]

EzPC: Programmable and Efficient Secure Two-Party Computation for Machine Learning. In IEEE European Symposium on Security and Privacy, EuroS&P.

[14]

Hao Chen. 2017. Optimizing relinearization in circuits for homomorphic encryption. CoRR abs/1711.06319 (2017).

[15]

https://arxiv.org/abs/ 1711.06319.

[16]

Jung Hee Cheon, Kyoohyung Han, Andrey Kim, Miran Kim, and Yongsoo Song. 2018.

[17]

A Full RNS variant of Approximate Homomorphic Encryption. In Selected Areas in Cryptography – SAC 2018. Springer.

[18]

Jung Hee Cheon, Kyoohyung Han, Andrey Kim, Miran Kim, and Yongsoo Song. 2019. A Full RNS Variant of Approximate Homomorphic Encryption. In SAC 2018: 25th Annual International Workshop on Selected Areas in Cryptography (Lecture Notes in Computer Science), Carlos Cid and Michael J. Jacobson Jr: (Eds.), Vol. 11349. Springer, Heidelberg, Germany, Calgary, AB, Canada, 347–368. 3-030-10970-7_16

[19]

Jung Hee Cheon, Andrey Kim, Miran Kim, and Yong Soo Song. 2017.

[20]

Homomorphic Encryption for Arithmetic of Approximate Numbers. In Advances in Cryptology – ASIACRYPT 2017, Part I (Lecture Notes in Computer Science), Tsuyoshi Takagi and Thomas Peyrin (Eds.), Vol. 10624. Springer, Heidelberg, Germany, Hong Kong, China, 409– 437.

[21]

Cingulata 2018. Cingulata. https://github.com/CEA-LIST/Cingulata.

[22]

David Corvoysier. 2017. SqueezeNet for CIFAR-10. https://github.com/ kaizouman/tensorsandbox/tree/master/cifar10/models/squeeze.

[23]

Eric Crockett, Chris Peikert, and Chad Sharp. 2018.

[24]

ALCHEMY: A Language and Compiler for Homomorphic Encryption Made EasY. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (Toronto, Canada) (CCS ’18). Association for Computing Machinery, New York, NY, USA, 1020–1037.

[25]

Scott Cyphers, Arjun K. Bansal, Anahita Bhiwandiwalla, Jayaram Bobba, Matthew Brookhart, Avijit Chakraborty, William Constable, Christian Convey, Leona Cook, Omar Kanawi, Robert Kimball, Jason Knight, Nikolay Korovaiko, Varun Kumar Vijay, Yixing Lao, Christopher R. Lishka, Jaikrishnan Menon, Jennifer Myers, Sandeep Aswath Narayana, Adam Procter, and Tristan J. Webb. 2018.

[26]

Intel nGraph: An Intermediate Representation, Compiler, and Executor for Deep Learning. CoRR abs/1801.08058 (2018).

[27]

arXiv: 1801.08058 http: //arxiv.org/abs/1801.08058

[28]

Roshan Dathathri, Olli Saarikivi, Hao Chen, Kim Laine, Kristin Lauter, Saeed Maleki, Madanlal Musuvathi, and Todd Mytkowicz. 2019. CHET: An Optimizing Compiler for Fully-homomorphic Neural-network Inferencing. In Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation.

Digital Library

[29]

Junfeng Fan and Frederik Vercauteren. 2012.

[30]

Somewhat Practical Fully Homomorphic Encryption. Cryptology ePrint Archive, Report 2012/144. https://eprint.iacr.org/2012/144.

[31]

Galois System 2019. Galois System. http://iss.oden.utexas.edu/?p= projects/galois

[32]

Ran Gilad-Bachrach, Nathan Dowlin, Kim Laine, Kristin Lauter, Michael Naehrig, and John Wernsing. 2016.

[33]

CryptoNets: Applying Neural Networks to Encrypted Data with High Throughput and Accuracy. In Proceedings of The 33rd International Conference on Machine Learning, ICML.

[34]

Oded Goldreich, Silvio Micali, and Avi Wigderson. 1987.

[35]

How to Play any Mental Game or A Completeness Theorem for Protocols with Honest Majority. In 19th Annual ACM Symposium on Theory of Computing, Alfred Aho (Ed.). ACM Press, New York City, NY, USA, 218–229.

Digital Library

[36]

Google Inc. [n.d.]. Protocol Buffer. https://developers.google.com/ protocol-buffers. Google Inc.

[37]

Marcella Hastings, Brett Hemenway, Daniel Noble, and Steve Zdancewic. 2019. SoK: General Purpose Compilers for Secure Multi-Party Computation. In 2019 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, San Francisco, CA, USA, 1220–1237.

[38]

HElib 2020. HElib. https://github.com/homenc/HElib.

[39]

Ehsan Hesamifard, Hassan Takabi, and Mehdi Ghasemi. 2017. CryptoDL: Deep Neural Networks over Encrypted Data. (2017). http: //arxiv.org/abs/1711.05189

[40]

Forrest N. Iandola, Matthew W. Moskewicz, Khalid Ashraf, Song Han, William J. Dally, and Kurt Keutzer. 2016. SqueezeNet: AlexNet-level accuracy with 50x fewer parameters and <1MB model size. CoRR abs/1602.07360 (2016).

[41]

https://arxiv.org/abs/1602.07360.

[42]

Cryptography Lab in Seoul National University. [n.d.]. Homomorphic Encryption for Arithmetic of Approximate Numbers (HEAAN).

[43]

Xiaoqian Jiang, Miran Kim, Kristin E. Lauter, and Yongsoo Song. 2018.

[44]

Secure Outsourced Matrix Computation and Application to Neural Networks. In ACM CCS 2018: 25th Conference on Computer and Communications Security, David Lie, Mohammad Mannan, Michael Backes, and XiaoFeng Wang (Eds.). ACM Press, Toronto, ON, Canada, 1209– 1222.

[45]

Chiraag Juvekar, Vinod Vaikuntanathan, and Anantha Chandrakasan. 2018. GAZELLE: A Low Latency Framework for Secure Neural Network Inference. In USENIX Security 2018: 27th USENIX Security Symposium, William Enck and Adrienne Porter Felt (Eds.). USENIX Association, Baltimore, MD, USA, 1651–1669.

[46]

PLDI ’20, June 15–20, 2020, London, UK Roshan Dathathri, Blagovesta Kostova, Olli Saarikivi, Wei Dai, Kim Laine, and Madan Musuvathi

[47]

Alex Krizhevsky. 2009. The CIFAR-10 Dataset. https://www.cs.toronto. edu/~kriz/cifar.html.

[48]

Yann LeCun, Corinna Cortes, and Christopher J.C. Burges. [n.d.]. The MNIST Database of Handwritten Digits. http://yann.lecun.com/exdb/ mnist/.

[49]

Jian Liu, Mika Juuti, Yao Lu, and N. Asokan. 2017. Oblivious Neural Network Predictions via MiniONN Transformations. In ACM CCS 2017: 24th Conference on Computer and Communications Security, Bhavani M. Thuraisingham, David Evans, Tal Malkin, and Dongyan Xu (Eds.). ACM Press, Dallas, TX, USA, 619–631.

Digital Library

[50]

3134056

[51]

Vadim Lyubashevsky, Chris Peikert, and Oded Regev. 2010. On Ideal Lattices and Learning with Errors over Rings. In Advances in Cryptology – EUROCRYPT 2010 (Lecture Notes in Computer Science), Henri Gilbert (Ed.), Vol. 6110. Springer, Heidelberg, Germany, French Riviera, 1–23.

Digital Library

[52]

Payman Mohassel and Peter Rindal. 2018. ABY 3 : A Mixed Protocol Framework for Machine Learning. In ACM CCS 2018: 25th Conference on Computer and Communications Security, David Lie, Mohammad Mannan, Michael Backes, and XiaoFeng Wang (Eds.). ACM Press, Toronto, ON, Canada, 35–52.

Digital Library

[53]

Payman Mohassel and Yupeng Zhang. 2017. SecureML: A System for Scalable Privacy-Preserving Machine Learning. In 2017 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, San Jose, CA, USA, 19–38.

[54]

Donald Nguyen, Andrew Lenharth, and Keshav Pingali. 2013.

[55]

A Lightweight Infrastructure for Graph Analytics. In Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles (Farminton, Pennsylvania) (SOSP ’13). ACM, New York, NY, USA, 456– 471.

Digital Library

[56]

PALISADE 2020. PALISADE Homomorphic Encryption Software Library. https://palisade-crypto.org/.

[57]

M. Sadegh Riazi, Christian Weinert, Oleksandr Tkachenko, Ebrahim M. Songhori, Thomas Schneider, and Farinaz Koushanfar. 2018.

[58]

Bita Darvish Rouhani, M. Sadegh Riazi, and Farinaz Koushanfar. 2018.

[59]

Deepsecure: Scalable Provably-secure Deep Learning. In Proceedings of the 55th Annual Design Automation Conference (San Francisco, California) (DAC ’18). ACM, New York, NY, USA, Article 2, 6 pages.

Digital Library

[60]

SEAL 2019. Microsoft SEAL (release 3.3). https://github.com/Microsoft/ SEAL. Microsoft Research, Redmond, WA.

[61]

TensorFlow 2016.

[62]

LeNet-5-like convolutional MNIST model example. https://github.com/tensorflow/models/blob/v1.9.0/tutorials/ image/mnist/convolutional.py.

[63]

Sameer Wagh, Divya Gupta, and Nishanth Chandran. 2019. SecureNN: 3-Party Secure Computation for Neural Network Training. Proceedings on Privacy Enhancing Technologies 2019, 3 (July 2019), 26–49.

Cited By

Zhang PDuan ALu H(2024)An Efficient Homomorphic Argmax Approximation for Privacy-Preserving Neural NetworksCryptography10.3390/cryptography80200188:2(18)Online publication date: 1-May-2024
https://doi.org/10.3390/cryptography8020018
Chielle EMazonka OManiatakos M(2024)Optimizing Ciphertext Management for Faster Fully Homomorphic Encryption Computation2024 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE58400.2024.10546534(1-6)Online publication date: 25-Mar-2024
https://doi.org/10.23919/DATE58400.2024.10546534
Nozaki AKojima TNakamura HTakase H(2024)MLIR-Based Homomorphic Encryption Compiler for GPUProceedings of the 14th International Symposium on Highly Efficient Accelerators and Reconfigurable Technologies10.1145/3665283.3665343(130-132)Online publication date: 19-Jun-2024
https://dl.acm.org/doi/10.1145/3665283.3665343
Show More Cited By

Index Terms

EVA: an encrypted vector arithmetic language and compiler for efficient homomorphic computation

Recommendations

CHET: an optimizing compiler for fully-homomorphic neural-network inferencing
PLDI 2019: Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation

Fully Homomorphic Encryption (FHE) refers to a set of encryption schemes that allow computations on encrypted data without requiring a secret key. Recent cryptographic advances have pushed FHE into the realm of practical applications. However, ...
Chosen ciphertext secure keyed-homomorphic public-key cryptosystems

In homomorphic encryption schemes, anyone can perform homomorphic operations, and therefore, it is difficult to manage when, where and by whom they are performed. In addition, the property that anyone can "freely" perform the operation inevitably means ...
Delegatable homomorphic encryption with applications to secure outsourcing of computation
CT-RSA'12: Proceedings of the 12th conference on Topics in Cryptology

We propose a new cryptographic primitive called Delegatable Homomorphic Encryption (DHE). This allows a Trusted Authority to control/delegate the evaluation of circuits over encrypted data to untrusted workers/evaluators by issuing tokens. This ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

PLDI 2020: Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation

June 2020

1174 pages

ISBN:9781450376136

DOI:10.1145/3385412

General Chair:
Alastair F. Donaldson
Imperial College London, UK
,
Program Chair:
Emina Torlak
University of Washington, USA

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 June 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Science Foundation
DARPA

Conference

PLDI '20

Sponsor:

SIGPLAN

PLDI '20: 41st ACM SIGPLAN International Conference on Programming Language Design and Implementation

June 15 - 20, 2020

London, UK

Acceptance Rates

Overall Acceptance Rate 406 of 2,067 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

54
Total Citations
View Citations
1,718
Total Downloads

Downloads (Last 12 months)495
Downloads (Last 6 weeks)36

Reflects downloads up to 12 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zhang PDuan ALu H(2024)An Efficient Homomorphic Argmax Approximation for Privacy-Preserving Neural NetworksCryptography10.3390/cryptography80200188:2(18)Online publication date: 1-May-2024
https://doi.org/10.3390/cryptography8020018
Chielle EMazonka OManiatakos M(2024)Optimizing Ciphertext Management for Faster Fully Homomorphic Encryption Computation2024 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE58400.2024.10546534(1-6)Online publication date: 25-Mar-2024
https://doi.org/10.23919/DATE58400.2024.10546534
Nozaki AKojima TNakamura HTakase H(2024)MLIR-Based Homomorphic Encryption Compiler for GPUProceedings of the 14th International Symposium on Highly Efficient Accelerators and Reconfigurable Technologies10.1145/3665283.3665343(130-132)Online publication date: 19-Jun-2024
https://dl.acm.org/doi/10.1145/3665283.3665343
Ye QDelaware B(2024)Taypsi: Static Enforcement of Privacy Policies for Policy-Agnostic Oblivious ComputationProceedings of the ACM on Programming Languages10.1145/36498618:OOPSLA1(1407-1436)Online publication date: 29-Apr-2024
https://dl.acm.org/doi/10.1145/3649861
Feng BWang ZWang YYang SDing YTsafrir DMUSUVATHI MGupta RAbu-Ghazaleh N(2024)ZENO: A Type-based Optimization Framework for Zero Knowledge Neural Network InferenceProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 110.1145/3617232.3624852(450-464)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3617232.3624852
Gouert CMouris DTsoutsos N(2024)Juliet: A Configurable Processor for Computing on Encrypted DataIEEE Transactions on Computers10.1109/TC.2024.341675273:9(2335-2349)Online publication date: Sep-2024
https://doi.org/10.1109/TC.2024.3416752
Neda NEbel AReynwar BReagen B(2024)CiFlow: Dataflow Analysis and Optimization of Key Switching for Homomorphic Encryption2024 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS)10.1109/ISPASS61541.2024.00016(61-72)Online publication date: 5-May-2024
https://doi.org/10.1109/ISPASS61541.2024.00016
Kim DPark JKim JKim SAhn J(2024)HyPHEN: A Hybrid Packing Method and Its Optimizations for Homomorphic Encryption-Based Neural NetworksIEEE Access10.1109/ACCESS.2023.334817012(3024-3038)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2023.3348170
Shih CHung SChen CPerng CKao MShih CKuo T(2024)A Heterogeneous Computing Framework for Accelerating Fully Homomorphic EncryptionMobile Internet Security10.1007/978-981-97-4465-7_9(121-135)Online publication date: 12-Jul-2024
https://doi.org/10.1007/978-981-97-4465-7_9
Yuan MZou ZGao W(2024)Bi-CryptoNets: Leveraging Different-Level Privacy for Encrypted InferenceAdvances in Knowledge Discovery and Data Mining10.1007/978-981-97-2253-2_17(210-222)Online publication date: 25-Apr-2024
https://doi.org/10.1007/978-981-97-2253-2_17
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents