On the Security of Fully Homomorphic Encryption and Encrypted Computing: Is Division safe?
This addresses a security concern for users of encrypted computing systems, showing incremental improvements by identifying safe operations and patching vulnerabilities in division.
The paper investigates whether fully homomorphic encryption and encrypted computing are vulnerable to attacks that exploit algebraic identities to derive known constants from unknown inputs, and it proves that 32-bit multiplication and three-input addition are safe from such attacks, while 32-bit division is not but can be trivially modified to be safe.
Since fully homomorphic encryption and homomorphically encrypted computing preserve algebraic identities such as 2*2=2+2, a natural question is whether this extremely utilitarian feature also sets up cryptographic attacks that use the encrypted arithmetic operators to generate or identify the encryptions of known constants. In particular, software or hardware might use encrypted addition and multiplication to do encrypted division and deliver the encryption of x/x=1. That can then be used to generate 1+1=2, etc, until a complete codebook is obtained. This paper shows that there is no formula or computation using 32-bit multiplication x*y and three-input addition x+y+z that yields a known constant from unknown inputs. We characterise what operations are similarly `safe' alone or in company, and show that 32-bit division is not safe in this sense, but there are trivial modifications that make it so.