CryptoDB
Teaching an Old Dog New Tricks: Verifiable FHE Using Commodity Hardware
| Authors: | Jules Drean, Fisher Jepsen, G. Edward Suh, Srini Devadas, Aamer Jaleel, Gururaj Saileshwar |
|---|---|
| Presentation: | Slides | 
| Abstract: | This talk presents Argos: a viable path to make fully homomorphic encryption (FHE) deployable in real world scenarios where attackers cannot be assumed to be semi-honest. We demonstrate that trusted hardware can be securely used to provide integrity for FHE and other FHE-based protocols that implement functionalities such as private information retrieval (PIR) or private set intersection (PSI). We show that the major security pitfall of trusted hardware, *microarchitectural* side channels, can be completely mitigated by excluding any secrets from the CPU and the memory hierarchy. This is made possible by focusing on building a platform that only enforces program and data *integrity* and *not* confidentiality (all that is required for verifiable FHE). All secrets can be kept in a separate co-processor (e.g., a TPM) inaccessible to an attacker. While relying on an off-CPU chip for attestation typically incurs significant performance overheads, our modified protocol turns it into a fixed-cost. Argos requires no dedicated hardware extensions and is supported on commodity processors from 2008 onward. Our hardware prototype executes 80 times faster than state-of-the-art on SGX, while introducing only 7% overhead for FHE evaluation and 22% for more complex protocols. By demonstrating how to combine cryptography with trusted hardware, Argos paves the way for widespread deployment of FHE-based protocols beyond the semi-honest setting. |
| Video: | https://youtu.be/hVCVT9b-uFY | 
BibTeX
@misc{rwc-2025-35857,
  title={Teaching an Old Dog New Tricks: Verifiable FHE Using Commodity Hardware},
  note={Video at \url{https://youtu.be/hVCVT9b-uFY}},
  howpublished={Talk given at RWC 2025},
  author={Jules Drean and Fisher Jepsen and G. Edward Suh and Srini Devadas and Aamer Jaleel and Gururaj Saileshwar},
  year=2025
}
