D5.5 Definition of a Generic Interface for FHE Schemes (Version 1)

The overall objective of KONFIDO project is to leverage proven tools and procedures, as well as novel approaches and cutting-edge technology, in view of creating a scalable and holistic paradigm for secure inner and cross-border exchange, storage and overall handling of healthcare data in a legal and ethical way, both at national and European levels. For achieving this general target, KONFIDO’s vision is to design a versatile and trusted toolbox exploiting the full potential of different security technical solutions. One of them consists in the development and use of homomorphic encryption techniques, in order to support secure health data storage, processing and exchange.

A first phase to accomplish this objective is related to the work conducted as part of task 5.3 “Homomorphic Encryption Schemes”. This deliverable, associated with sub-task 5.3.1, has the aim of providing a first description of a generic interface for homomorphic encryption schemes. This new generic homomorphic API will be used in CingulataTM1, the CEA compilation chain, in order to facilitate testing, selection and integration of different homomorphic cryptosystems for data processing in KONFIDO platform.

The methodology followed in order to design a first version of the generic interface is explained in the next paragraphs.

The literature on Fully Homomorphic Encryption (FHE) schemes is advancing very fast with the proposal, each year, of new and more performant homomorphic cryptosystems. Therefore, it was necessary to perform a very thoughtful state of art, in order to have an updated global view of the existing schemes. The study of existing literature allowed us to identify which general characteristics that FHE schemes have in common (mainly the capacity to perform both additions and multiplications over encrypted data). It also revealed that low-level implementations of homomorphic operations are quite different and dependable of the underlying mathematical constructions.

Thus, the difficulty of this part of the process for designing the interface was to make a selection of the most promising cryptosystems, analyze them and identify the common operations which could be included in a generic API. In parallel with the state-of-the-art, we realized an analysis of the interface currently used by Cingulata, the CEA crypto-compiler and run-time environment. We studied its structure, the homomorphic properties and operations that it exposes, how it is used by the programmers, its role and integration in the overall compilation chain. Our intention is to build on top of it, by exploiting its strengths, re-using some parts of its design and try to overcome its drawbacks.

Once these two first steps were accomplished, we laid down the first elements of a generic interface for FHE cryptosystems. This version of the design makes use of the general considerations we extracted while conducting our state-of-the-art review. For example, we remarked that the vast majority of the most performant and secure FHE schemes utilize a binary (or equivalent) plaintext space.

Therefore, we decided to expose a generic abstract class for operations at bit level that will be further specialized by classes implementing specific FHE cryptosystems. However, programming at such low-level is cumbersome and error-prone. Thus, we keep and ameliorate the idea, for the Cingulata interface, to have an instrumented type to represent encrypted “integers”, which expose associated operations.

This new interface has several advantages such as: it is highly configurable, it can easily include new FHE libraries, it can be used to perform operations on both clear and encrypted data and it is relatively easy to use by programmers (even for those without a background on homomorphic cryptography). Of course, this document provides only the first elements of answer and further refinements and precisions in the design are required.