FHE Circuit Privacy for Free
Ana Maria Costache (NTNU, Trondheim, Norvège)Circuit privacy is an important notion in Fully Homomorphic Encryption (FHE), well-illustrated by the Machine Learning-as-a-Service scenario. A scheme is circuit private if an adversary cannot learn the circuit evaluated on a ciphertext from the computation result. In this talk, we show that the FHE scheme BGV is computationally circuit private in a semi-honest context.
In more detail, we first introduce the notions of FHE and the BGV scheme. Then, we define computational circuit privacy and argue why this definition is strong enough for our purpose. We then show that BGV naturally fulfills this definition and, furthermore, that if the adversary is assumed to have the secret key, it may learn information about the circuit even if the scheme is proven to be circuit private. We therefore, propose a new definition of computational circuit privacy to capture this as well. We prove that through modulus switching ciphertexts in strategic places, we can achieve this new definition without the need for any additional expensive machinery.
Joint work with Lea Nürnberger and Tjerand Silde.