CryptoDB
Pascal Paillier
Publications and invited talks
Year
Venue
Title
2025
CRYPTO
Transistor: a TFHE-friendly Stream Cipher
Abstract
Fully Homomorphic Encryption (FHE) allows computations on encrypted data without requiring decryption, ensuring data privacy during processing. However, FHE introduces a significant expansion of ciphertext sizes compared to plaintexts, which results in higher communication. A practical solution to mitigate this issue is transciphering, where only the master key is homomorphically encrypted, while the actual data is encrypted using a symmetric cipher, usually a stream cipher. The server then homomorphically evaluates the stream cipher to convert the encrypted data into a homomorphically encrypted form.
We introduce Transistor, a stream cipher specifically designed for efficient homomorphic evaluation within the TFHE scheme, a widely-used FHE framework known for its fast bootstrapping and ability to handle low-precision data. Transistor operates on F_{17} which is chosen to optimize TFHE performances. Its components are carefully engineered to both control noise growth and provide strong security guarantees. First, a simple TFHE-friendly implementation technique for LFSRs allows us to use such components to cheaply increase the state size. At the same time, a small Finite State Machine is the only part of the state updated non-linearly, each non-linear operation corresponding in TFHE to a rather expensive Programmable Bootstrapping. This update is done using an AES-round-like transformation. But, in contrast to other stream ciphers like SNOW or LEX, our construction comes with information-theoretic security arguments proving that an attacker cannot obtain any information about the secret key from three or fewer consecutive keystream outputs. These information-theoretic arguments are then combined with a thorough analysis of potential correlations to bound the minimal keystream length required for recovering the secret key.
Our implementation of Transistor significantly outperforms the state of the art of TFHE transciphering, achieving a throughput of over 60 bits/s on a standard CPU, all while avoiding the need for an expensive initialization process.
2018
CRYPTO
Fast Homomorphic Evaluation of Deep Discretized Neural Networks
📺
Abstract
The rise of machine learning as a service multiplies scenarios where one faces a privacy dilemma: either sensitive user data must be revealed to the entity that evaluates the cognitive model (e.g., in the Cloud), or the model itself must be revealed to the user so that the evaluation can take place locally. Fully Homomorphic Encryption (FHE) offers an elegant way to reconcile these conflicting interests in the Cloud-based scenario and also preserve non-interactivity. However, due to the inefficiency of existing FHE schemes, most applications prefer to use Somewhat Homomorphic Encryption (SHE), where the complexity of the computation to be performed has to be known in advance, and the efficiency of the scheme depends on this global complexity.In this paper, we present a new framework for homomorphic evaluation of neural networks, that we call FHE–DiNN, whose complexity is strictly linear in the depth of the network and whose parameters can be set beforehand. To obtain this scale-invariance property, we rely heavily on the bootstrapping procedure. We refine the recent FHE construction by Chillotti et al. (ASIACRYPT 2016) in order to increase the message space and apply the sign function (that we use to activate the neurons in the network) during the bootstrapping. We derive some empirical results, using TFHE library as a starting point, and classify encrypted images from the MNIST dataset with more than 96% accuracy in less than 1.7 s.Finally, as a side contribution, we analyze and introduce some variations to the bootstrapping technique of Chillotti et al. that offer an improvement in efficiency at the cost of increasing the storage requirements.
2008
JOFC
2005
CRYPTO
Service
- Crypto 2010 Program committee
- Eurocrypt 2009 Program committee
- CHES 2009 Program committee
- Asiacrypt 2009 Program committee
- CHES 2008 Program committee
- Asiacrypt 2008 Program committee
- CHES 2007 Program chair
- PKC 2002 Program chair
- Asiacrypt 2001 Program committee
Coauthors
- Michel Abdalla (2)
- Jules Baudrin (1)
- Sonia Belaïd (1)
- Mihir Bellare (2)
- Nicolas Bon (1)
- Christina Boura (1)
- Florian Bourse (1)
- Anne Canteaut (3)
- Sergiu Carpov (2)
- Dario Catalano (2)
- Benoît Chevallier-Mames (3)
- Christophe Clavier (1)
- Jean-Sébastien Coron (4)
- Benoit Feix (1)
- Caroline Fontaine (2)
- Helena Handschuh (2)
- Antoine Joux (1)
- Marc Joye (8)
- Eike Kiltz (2)
- Ilya Kizhvatov (1)
- Tadayoshi Kohno (2)
- Fabien Laguillaumie (1)
- Tanja Lange (2)
- Tancrède Lepoint (2)
- Gaëtan Leurent (1)
- John Malone-Lee (2)
- Michele Minelli (1)
- Matthias Minihold (1)
- David Naccache (4)
- María Naya-Plasencia (2)
- Gregory Neven (2)
- Pascal Paillier (29)
- Léo Perrin (1)
- David Pointcheval (4)
- Matthieu Rivain (1)
- Yann Rotella (1)
- Berry Schoenmakers (1)
- Haixia Shi (2)
- Renaud Sirdey (2)
- Jacques Stern (1)
- Samuel Tap (1)
- Loïc Thierry (1)
- Christophe Tymen (1)
- Serge Vaudenay (1)
- Damien Vergnaud (2)
- Jorge Luis Villar (1)