HEAX: An Architecture for Computing on Encrypted Data (1909.09731v2)

Abstract: With the rapid increase in cloud computing, concerns surrounding data privacy, security, and confidentiality also have been increased significantly. Not only cloud providers are susceptible to internal and external hacks, but also in some scenarios, data owners cannot outsource the computation due to privacy laws such as GDPR, HIPAA, or CCPA. Fully Homomorphic Encryption (FHE) is a groundbreaking invention in cryptography that, unlike traditional cryptosystems, enables computation on encrypted data without ever decrypting it. However, the most critical obstacle in deploying FHE at large-scale is the enormous computation overhead. In this paper, we present HEAX, a novel hardware architecture for FHE that achieves unprecedented performance improvement. HEAX leverages multiple levels of parallelism, ranging from ciphertext-level to fine-grained modular arithmetic level. Our first contribution is a new highly-parallelizable architecture for number-theoretic transform (NTT) which can be of independent interest as NTT is frequently used in many lattice-based cryptography systems. Building on top of NTT engine, we design a novel architecture for computation on homomorphically encrypted data. We also introduce several techniques to enable an end-to-end, fully pipelined design as well as reducing on-chip memory consumption. Our implementation on reconfigurable hardware demonstrates 164-268x performance improvement for a wide range of FHE parameters.

• The paper proposes HEAX, a novel architecture that significantly speeds up FHE computations by 164–268x via an optimized Number-Theoretic Transform design.
• It introduces a modular and flexible FPGA implementation that supports a broad range of FHE parameters, enhancing scalability and resource efficiency.
• The work demonstrates efficient on-chip memory usage and parallel arithmetic operations, overcoming traditional bottlenecks in encrypted data processing.

Overview of HEAX: An Architecture for Computing on Encrypted Data

The paper presents HEAX, a novel hardware architecture designed to significantly enhance the performance of Fully Homomorphic Encryption (FHE) computations. In recent years, cloud computing has revolutionized data processing capabilities, offering scalability and efficiency. However, this evolution is accompanied by increased concerns over data privacy and security, exacerbated by stringent regulatory frameworks like GDPR, HIPAA, and CCPA. Although FHE presents a promising paradigm by allowing computations on encrypted data, its deployment is severely hindered by computational overheads.

Key Contributions

HEAX addresses these performance bottlenecks through a series of innovative architectural developments:

1. Number-Theoretic Transform (NTT) Architecture: The authors introduce a highly parallelizable architecture for NTT, which serves as a critical component in many lattice-based cryptography systems. This development optimizes NTT processing, offering significant computational savings.
2. Modularity and Flexibility: Unlike previous solutions tailored for specific encryption parameters, HEAX supports a broad range of FHE parameters. Its modular architecture facilitates adaptation to different FPGA settings, ensuring scalability and resource efficiency.
3. FPGA Implementation and Performance Enhancements: The authors implement HEAX on two distinct FPGA platforms, namely Intel Arria 10 and Stratix 10, revealing substantial improvements—164 to 268 times faster than optimized CPU-based counterparts using Microsoft SEAL library.

Architectural Design

HEAX capitalizes on multiple layers of parallelism, ranging from ciphertext-level to fine-grained arithmetic operations. The architecture is meticulously crafted to align with the multi-stage computation processes inherent to FHE. The introduction of several optimized core computation blocks for fast modular arithmetic underpins its performance enhancements.

Challenges and Solutions

Designing an architecture for FHE is fraught with complexity due to the large degree of polynomials and the convoluted data dependencies. Prior work often faced performance limitations due to reliance on CPU-side computations or excessive off-chip memory storage. HEAX overcomes these issues through:

• Efficient Data Storage: By efficiently utilizing on-chip memory, HEAX minimizes off-chip memory accesses, a common pitfall that degrades performance.
• Optimized Polynomial Processing: The architecture processes polynomials in RNS representation, enabling efficient arithmetic operations and optimizing NTT procedures.

Evaluation and Results

HEAX's evaluation on multiple FHE parameter sets showcases its flexibility and performance superiority. The paper reports comprehensive resource consumption metrics and architectural scalability across various FPGA configurations, affirming its adaptability.

Implications and Future Directions

HEAX advances the practical deployment of FHE in cloud environments, a step crucial for safeguarding sensitive computations. The demonstrated architectural improvements lay foundational work for future hardware accelerators capable of supporting a wider variety of homomorphic encryption schemes. The intricate design considerations—coupled with the attainment of computational efficiency—project HEAX as a pivotal enabler in the ongoing pursuit of privacy-preserving technologies.

Conclusion

By addressing key limitations in the scalability and efficiency of FHE computations, HEAX has the potential to transform how encrypted data is processed in cloud environments. Its adaptable architecture and marked performance gains offer a significant leap towards the practical adoption of secure, homomorphic computations, marking a crucial development in cryptographic research and data privacy.