D5.7 Design and Specifications of an Updated Version of Armadillo (Version 1)

This document describes the first elements of design and specification for an updated version of the Cingulata1 compiler and results of the work conducted as part of Task 5.3: ‘Homomorphic Encryption Schemes’. The aim is to conceive an extension of the current crypto-compiler and Run-Time Execution Environment (RTE) providing support for a more efficient and flexible execution of applications on homomorphic encrypted data. 

One of the requirements we identified is that the new version of the compiler has to include and to support the generic interface for different Fully Homomorphic Encryption (FHE) cryptosystems. This imposes changing the front-end such that the programs to be written for encrypted data use the updated interface. As such, the crypto-compiler will allow not only the transformation of the input code into a Boolean circuit (as it is the case for the current version), but also the support for fast bootstrap of FHE schemes. Moreover, it is conceived for writing a code for encrypted data input in a relatively easy way, without being subject to low-level programming errors and without particular knowledge of the subtleties of the underlying homomorphic cryptosystem. The programmers will have at their disposal a generic and configurable “integer”-like type – instrumentation of a set of either plain or encrypted bits. The new front-end will, as such, allow to write applications using both clear and encrypted data. The new front-end will continue to support mainly somewhat and fully homomorphic schemes working with binary plaintext spaces. Therefore, we keep the option to transform the code into a Boolean circuit, optimize it and execute it afterwards on encrypted data. 

Related to this last feature, we designed and specified a multi-start heuristic, dedicated to the optimization of these Boolean circuits in order to be executed on homomorphic encrypted data. The main optimization objective is to reduce the multiplicative depth, i.e. the number of successively AND gates. This allows to obtain smaller ciphertext sizes, but also to ameliorate the overall execution time of the Boolean circuit. This multi-start heuristic will be back-compatible with the existing ABC library and will be included in the optimization module.

Finally, for this first version, no major changes are envisaged for the runtime part. Of course, one requirement is that it will have to extend the current functionalities with support to the generic interface and more recent FHE libraries.

The design and specifications presented here will be used in the implementation task T6.3 and will be further refined until the end of task T5.3. The elements presented here are strongly related with their implementation (in Task T6.3 and the validation pilots. They will serve to have an ameliorated crypto-compiler and execution environment which will be part of the homomorphic encryption component provided by the KONFIDO architecture.

As such, the work presented here contributes to the overall objective of KONFIDO of providing a set of tools for the secure exchange and processing of health data both at national level, as well as at European level. Konfido will thus advance the state of the art of eHealth technology with respect to the four key dimensions of digital security, namely: data preservation, data access and modification, data exchange, and interoperability and compliance.