Researchers Show They Can Steal Data During Homomorphic Encryption
For Immediate Release
Homomorphic encryption is considered a next generation data security technology, but researchers have identified a vulnerability that allows them to steal data even as it is being encrypted.
“We weren’t able to crack homomorphic encryption using mathematical tools,” says Aydin Aysu, senior author of a paper on the work and an assistant professor of computer engineering at North Carolina State University. “Instead, we used side-channel attacks. Basically, by monitoring power consumption in a device that is encoding data for homomorphic encryption, we are able to read the data as it is being encrypted. This demonstrates that even next generation encryption technologies need protection against side-channel attacks.”
Homomorphic encryption is a way of encrypting data so that third parties cannot read it. However, homomorphic encryption still allows third parties and third-party technologies to conduct operations using the data. For example, a user could use homomorphic encryption to upload sensitive data to a cloud computing system in order to perform analyses of the data. Programs in the cloud could perform the analyses and send the resulting information back to the user, but those programs would never actually be able to read the sensitive data.
“Homomorphic encryption is appealing because it preserves data privacy, but allows users to make use of the data,” Aysu says. “While it has been theoretically possible for a while, homomorphic encryption requires a tremendous amount of computing power. As a result, we are still in the early stages of producing hardware and software to make homomorphic encryption practical.”
Microsoft has been a leader in homomorphic encryption, and created the SEAL Homomorphic Encryption Library to facilitate research and development on homomorphic encryption by the broader research community.
“What we’ve found is that there is a way to ‘crack’ homomorphic encryption that is done using that library via a side-channel attack,” Aysu says. “We were able to do this with a single power measurement.”
The researchers were able to verify the vulnerability in the SEAL Homomorphic Encryption Library up through at least version 3.6.
“The library is constantly being updated, so we’re not sure if this vulnerability will be addressed in the most recent versions – or if there may be new vulnerabilities that we haven’t identified in more recent versions,” Aysu says.
Side-channel attacks are well understood, and there are already countermeasures that organizations can put into place to thwart them.
“As homomorphic encryption moves forward, we need to ensure that we are also incorporating tools and techniques to protect against side-channel attacks,” Aysu says.
The paper, “RevEAL: Single-Trace Side-Channel Leakage of the SEAL Homomorphic Encryption Library,” will be presented March 23 at the virtual DATE22 conference. First author of the paper is Furkan Aydin, a Ph.D. student at NC State. The paper was co-authored by Emre Karabulut, a Ph.D. student at NC State; Seetal Potluri, a postdoctoral researcher at NC State; and Erdem Alkim of Dokuz Eylul University.
The work was done with support from the National Science Foundation, under grant number CNS 16-244770.
Note to Editors: The study abstract follows.
“RevEAL: Single-Trace Side-Channel Leakage of the SEAL Homomorphic Encryption Library”
Authors: Furkan Aydin, Emre Karabulut, Seetal Potluriy and Aydin Aysu, North Carolina State University; and Erdem Alkim, Dokuz Eylul University
Presented: March 23, Design, Automation and Test in Europe Conference (DATE22)
Abstract: This paper demonstrates the first side-channel attack on homomorphic encryption (HE), which allows computing on encrypted data. We reveal a power-based side-channel leakage of Microsoft SEAL prior to v3.6 that implements the Brakerski/Fan-Vercauteren (BFV) protocol. Our proposed attack targets the Gaussian sampling in the SEAL’s encryption phase and can extract the entire message with a single power measurement. Our attack works by (1) identifying each coefficient index being sampled, (2) extracting the sign value of the coefficients from control-flow variations, (3) recovering the coefficients with a high probability from data-flow variations, and (4) using a Blockwise Korkine-Zolotarev (BKZ) algorithm to efficiently explore and estimate the remaining search space. Using real power measurements, the results on a RISC-V FPGA implementation of the SEAL (v3.2) show that the proposed attack can reduce the plaintext encryption security level from 2128 to 24.4. Therefore, as HE gears toward real-world applications, such attacks and related defenses should be considered.