
Leaking secrets in homomorphic encryption with side-channel attacks

  • Research Article
  • Journal: Journal of Cryptographic Engineering

Abstract

Homomorphic encryption (HE) allows computing on encrypted data in the ciphertext domain without knowledge of the encryption key. Fully homomorphic encryption (FHE) implementations can nevertheless be broken through side channels. This article demonstrates side-channel leakage in the Microsoft SEAL HE library. The proposed attack recovers the encryption key during the key generation phase by exploiting the leakage of ternary value assignments that occurs in the number theoretic transform (NTT) algorithm. We propose two attacks: one for the non-optimized (-O0) build, which targets the addition and subtraction operations, and one for the compiler-optimized (-O3) build, which targets the guard and mul_root operations. In particular, the attacks recover the secret key coefficients from a single power/electromagnetic measurement trace of SEAL’s NTT implementation. To achieve high accuracy from a single trace, we develop novel machine-learning side-channel profilers. On an ARM Cortex-M4F processor, our attacks extract secret key coefficients with an accuracy of 98.3% when compiler optimization is disabled and 98.6% when it is enabled. Finally, we demonstrate that the attack evades the random delay insertion countermeasure.



Acknowledgements

This research is based upon work supported by the National Science Foundation under the Grants No. CNS 2137283—Center for Advanced Electronics through Machine Learning (CAEML) and its industry members.

Corresponding author: Furkan Aydin.

Ethics declarations

Ethical approval

We contacted the Cryptography and Privacy Research Group at Microsoft Research to report our preliminary findings and disclosed this paper before publication.


About this article


Cite this article

Aydin, F., Aysu, A. Leaking secrets in homomorphic encryption with side-channel attacks. J Cryptogr Eng (2024). https://doi.org/10.1007/s13389-023-00340-2
