International Association
for Cryptologic Research

We present a hardware architecture for all building blocks required in polynomial ring based fully homomorphic schemes and use it to instantiate the somewhat homomorphic encryption scheme YASHE. Our implementation is the first FPGA implementation that is designed for evaluating functions on homomorphically encrypted data (up to a certain multiplicative depth) and we illustrate this capability by evaluating the SIMON-64/128 symmetric key cipher in the encrypted domain. Our implementation provides a fast polynomial operations unit using CRT and NTT for multiplication combined with an optimized memory access scheme; a fast Barrett like polynomial reduction method that allows all possible polynomial moduli; an efficient divide and round unit required in the multiplication of ciphertexts and an efficient CRT unit. These building blocks can be easily reused to instantiate any other polynomial ring based fully homomorphic scheme, including the ones designed for SIMD operations, since no restricting assumptions have been made. These building blocks are integrated in a coprocessor with instructions to execute YASHE, which can be controlled by a computer for evaluating arbitrary functions (up to the multiplicative depth 44 and 128-bit security level). Our architecture was compiled (place-and-route analysis) for a single Xilinx Virtex-7 XC7V1140T FPGA, where it consumes 23\\,\\% of registers, 50\\,\\% of LUTs, 53\\,\\% of DSP slices, and 38\\,\\% of BlockRAM memory. The implementation evaluates SIMON-64/128 in approximately 157.7\\,s (at 143\\,MHz) and it processes 2048 ciphertexts at once giving a relative time of only 77\\,ms per block. This is 26.6 times faster than the leading software implementation on a 4-core Intel Core-i7 processor running at 3.4\\,GHz.