In the last few years, data privacy has become a hot-button issue globally, with high profile scandals and data leaks surrounding prominent companies like Facebook and Equifax resulting in greater privacy awareness among both consumers and businesses. On top of that, companies often share this data with third parties that can analyze it or use it to improve customer experiences, requiring them to give up control over the data that they own.
Website cookies have historically been used to track web browsing via a piece of data inserted into your browser, but other techniques such as MAC address and account tracking can be used to see what you’ve been doing on the web. The primary reason that companies are collecting so much data is that they can use it to look for patterns. These patterns power the algorithms that provide personalized experiences, from those annoying ads that follow you around the internet to insurance premiums that are calculated using exercise data.
It’s the insights from analysis that are the real value of data–many businesses don’t care about any single individual’s data, but the insights they can glean from the aggregate. That’s why so many businesses claim to protect user privacy by anonymizing large datasets–they can still look for patterns, while appeasing privacy concerns (though we know that most anonymized data is so distinct that it can easily be identified). But a growing desire to maintain a hold over data, combined with fear over regulation and public frustration, is leading companies to look for more ways to ensure that private data really does stay private.
Protecting and preserving personally identifiable information (PII), intellectual property, financial information, intelligence insights, and other forms of sensitive information has never been more critical. A steady cadence of data breaches and attacks are reported seemingly daily. As the use of cloud computing and virtual networks becomes increasingly pervasive for storing, processing, and moving information, concerns around data vulnerability, access, and privacy are similarly on the rise.
Conventional data encryption methods or cryptographic solutions, such as Advanced Encryption Standards (AES), translate data into a secret “code” that can only be decoded by people with access to a decryption key. These methods protect data as it is transmitted across a network or at rest while in storage. Processing or computing on this data however requires that it is first decrypted, exposing it to numerous vulnerabilities and threats. The emerging quantum computer revolution has also created threat for encryption solution like Advanced Encryption Standards (AES), which could be broken by them easily.
“Today, we are seeing ongoing struggles to trust the technologies and standards in place that are designed to protect critical data,” said DARPA program manager, Tom Rondeau. “Advances in quantum computing are raising questions about the durability of some of the most advanced data protection technologies, while concerns are being raised about the collection, misuse, and handling of personal information by organizations and institutions. These challenges underscore an urgent need to explore new secure computing models that can mitigate risk whether data is at-rest, in-transit, or in use.”
Fully homomorphic encryption (FHE) offers a solution to this challenge. FHE enables computation on encrypted data, or ciphertext, rather than plaintext, or unencrypted data – essentially keeping data protected at all times. The term homomorphic is derived from the Greek words for “same shape or structure.” In mathematics, homomorphic describes the transformation of one data set into another while preserving relationships between elements in both sets. Because the data in a homomorphic encryption scheme retains the same structure, identical mathematical operations — whether they are performed on encrypted or decrypted data — will yield equivalent results.
Fully Homomorphic Encryption (FHE) is an approach to data security that delivers mathematical proof of encryption by using cryptographic means, providing a new level of certainty around how data is stored and manipulated. Today, traditional encryption protects data while stored or in transmission, but the information must be decrypted to perform a computation, analyze it, or employ it to train a machine learning model. Decryption endangers the data, exposing it to compromise by savvy adversaries or even accidental leaks. FHE enables computation on encrypted information, allowing users to strike a balance between using sensitive data to its full extent and removing the risk of exposure.
AI and privacy needn’t be mutually exclusive. After a decade in the labs, homomorphic encryption (HE) is emerging as a top way to help protect data privacy in machine learning (ML) and cloud computing. It’s a timely breakthrough: Data from ML is doubling yearly. At the same time, concern about related data privacy and security is growing among industry, professionals and the public.
The benefits of FHE are significant, from enabling the use of untrusted networks to enhancing data privacy. Despite its potential, FHE requires enormous computation time to perform even simple operations, making it exceedingly impractical to implement with traditional processing hardware. “A computation that would take a millisecond to complete on a standard laptop would takes weeks to compute on a conventional server running FHE today,” noted Rondeau.
To reduce the processing time from weeks to seconds – even milliseconds – DARPA launched the Data Protection in Virtual Environments (DPRIVE) program. DPRIVE seeks to develop a hardware accelerator for FHE computations that will dramatically reduce the compute runtime overhead compared to software-based FHE approaches. The goal of the program is to design and implement a hardware accelerator for FHE computations that is capable of drastically speeding up FHE calculations, making the technology more accessible for sensitive defense applications as well as commercial use.
DARPA Data Protection in Virtual Environments (DPRIVE) program
FHE relies on a particular type of cryptography called lattice cryptography, which presents complex mathematical challenges to would-be attackers that require technologies beyond the current state of the art to solve. While effective at keeping data protected, the challenge with modern lattice-based FHE is the unavoidable accumulation of noise with each calculation performed. With each homomorphic computation, a certain amount of noise – or error – is generated that corrupts the encrypted data representation. Once this noise accumulation reaches a certain point, it becomes impossible to recover the original underlying plaintext. Essentially, the data in need of protection is now lost. Computational structures called “bootstrapping” help address this untenable noise accumulation, reducing it to a level that is comparable to the original plaintext, but produces massive compute overhead to perform.
“While a number of solutions have been developed, running FHE in software on standard processing hardware remains a nearly impossible challenge,” said DARPA program manager, Dr. Tom Rondeau. “Under previous programs like the Programming Computation on Encrypted Data (PROCEED) program, DARPA helped uncover FHE algorithms and proved what could be possible with FHE running on standard CPUs. It also shed light on the compute penalty and critical limitations of the technology. Today, DARPA is continuing to invest in the exploration of FHE, focusing on a re-architecting of the hardware, software, and algorithms needed to make it a practical, widely usable solution.”
DARPA developed the Data Protection in Virtual Environments (DPRIVE) program to design and implement a hardware accelerator for FHE computations that aims to significantly reduce the current computational burden to drastically speed up FHE calculations. DPRIVE specifically seeks to reduce the computational run time overhead by many orders of magnitude compared to current software-based FHE computations on conventional CPUs, and accelerate FHE calculations to within one order of magnitude of current performance on unencrypted data.
Key to DPRIVE is the exploration of Large Arithmetic Word Size (LAWS) data representations. LAWS can help address the challenges of noise accumulation with FHE computations and the compute overhead currently encountered using conventional CPU architectures and software, creating enormous improvements in processing speed and computation runtime. Current standard CPUs are based on 64-bit words, which are the units of data that determine a particular processor’s design. Word size directly relates to the signal-to-noise ratio of how encrypted data is stored and processed, as well as the error generated each time an FHE calculation is processed. Recent studies demonstrate that using words that are thousands of bits long – or LAWS – increases the signal-to-noise ratio in FHE computations, which equates to less noise accumulating with each compute step. This means that more calculations can be performed before the irreparable noise threshold is reached where data can no longer be recovered. It also means the overhead compute burden from costly operations like bootstrapping is dramatically reduced.
Unfortunately, current processing hardware – the traditional 64-bit CPUs – are not built to handle these extremely long word lengths. While virtualization of larger bit word sizes is possible, processing them on traditional CPUs requires reducing them down to word sizes of 64-bits or less while continuing to encounter the associated overhead challenges. DPRIVE seeks to develop a hardware accelerator that can process LAWS without this word size reduction and overhead, instead natively processing on LAWS of 1024 bits or more.
To develop the target accelerator, DPRIVE will explore new integrated approaches to the full FHE hardware and software stacks. Specifically, the program seeks to develop novel approaches to memory management, flexible data structures and programming models, and formal verification methods that ensure the design of the FHE implementation is effective and accurate. As the co-design of FHE algorithms, hardware, and software will be critical to the program, it will require teams with varied technical expertise to take on the research objectives.
“DPRIVE is looking to solve a really hard technical challenge that will involve a deep understanding of mathematics, algorithms, software, hardware, and circuit design. I expect that there are very few organizations that have the needed expertise in all of these areas, which are each critical to the program’s success. As a result, I anticipate very interesting teams will form to cover the breadth of the research,” said Rondeau.
DARPA announced the research teams selected to the DPRIVE program in March 2021. Four teams of researchers will be led by Duality Technologies, Galois, SRI International, and Intel Federal. Each team will develop an FHE accelerator hardware and software stack that reduces the computational overhead required to make FHE calculations to a speed comparable to similar unencrypted data operations. The teams will create accelerator architectures that are flexible, scalable, and programmable, but will also explore various approaches with different native word sizes. Current standard CPUs are based on 64-bit words, which are the units of data that determine a particular processor’s design. Word size directly relates to the signal-to-noise ratio of how encrypted data is stored and processed, as well as the error generated each time an FHE calculation is processed. The selected DPRIVE research teams will explore various approaches covering a diversity of word sizes – from 64 bits to thousands of bits – to solve the challenge.
In addition, teams are exploring novel approaches to memory management, flexible data structures and programming models, and formal verification methods to ensure the FHE implementation is correct-by-design and provides confidence to the user. As the co-design of FHE algorithms, hardware, and software is critical to the successful creation of the target DPRIVE accelerator, each team is bringing varied technical expertise to the program as well as in-depth knowledge on FHE.
“We currently estimate we are about a million times slower to compute in the FHE world then we are in the plaintext world. The goal of DPRIVE is to bring FHE down to the computational speeds we see in plaintext. If we are able to achieve this goal while positioning the technology to scale, DPRIVE will have a significant impact on our ability to protect and preserve data and user privacy,” concluded Rondeau.
Duality scores $14M DARPA contract for hardware-accelerated homomorphic encryption, reported in Feb 2021
This contract is part of a broader effort called DPRIVE, or Data Protection in Virtual Environments, and the stated goal is to develop a special purpose chip — an ASIC pre-assigned the code name TREBUCHET — to accelerate FHE by, hopefully, an order of magnitude or more.
The Duality team will bring in experts from USC, NYU, CMU, SpiralGen, Drexel University and TwoSix Labs. The company has been in the game for a long time and has actually worked with DARPA before, so this is not new territory for them.
“Duality team members have been supporting DARPA-funded innovation and application of FHE for over a decade. Some members of our team developed the first ever prototype HE hardware accelerators under the DARPA PROCEED program starting in 2010 and are lead developers for the PALISADE open source FHE library, first developed for the DARPA SAFEWARE program in 2015,” said Duality Labs director and principal investigator for the contract, David Bruce Cousins, in a press release.
Intel And Microsoft Collaborate On DARPA Program
Intel announced in March 2021 that it has signed an agreement with Defense Advanced Research Projects Agency (DARPA) to perform in its Data Protection in Virtual Environments (DPRIVE) program. The program aims to develop an accelerator for fully homomorphic encryption (FHE). Microsoft is the key cloud ecosystem and homomorphic encryption partner leading the commercial adoption of the technology once developed by testing it in its cloud offerings, including Microsoft Azure and the Microsoft JEDI cloud, with the U.S. government. The multiyear program represents a cross-team effort across multiple Intel groups, including Intel Labs, the Design Engineering Group and the Data Platforms Group, to tackle “the final frontier” in data privacy, which is computing on fully encrypted data without access to decryption keys.
“Fully homomorphic encryption remains the holy grail in the quest to keep data secure while in use. Despite strong advances in trusted execution environments and other confidential computing technologies to protect data while at rest and in transit, data is unencrypted during computation, opening the possibility of potential attacks at this stage. This frequently inhibits our ability to fully share and extract the maximum value out of data. We are pleased to be chosen as a technology partner by DARPA and look forward to working with them as well as Microsoft to advance this next chapter in confidential computing and unlock the promise of fully homomorphic encryption for all.”
– Rosario Cammarota, principal engineer, Intel Labs, and principal investigator, DARPA DPRIVE program
Fully homomorphic encryption enables users to compute on always-encrypted data, or cryptograms. The data never needs to be decrypted, reducing the potential for cyberthreats. FHE, when implemented at scale, would enable organizations to use techniques, such as machine learning, to extract full value from large datasets while protecting data confidentiality across the data’s life cycle. Customers across industries such as healthcare, insurance and finance would benefit from new usages made possible by being able to use and extract value from sensitive data to its fullest extent without risk of exposure.
Under the DARPA DPRIVE program, Intel plans to design an application-specific integrated circuit (ASIC) accelerator to reduce the performance overhead currently associated with fully homomorphic encryption. When fully realized, the accelerator could deliver a massive improvement in executing FHE workloads over existing CPU-driven systems, potentially reducing cryptograms’ processing time by five orders of magnitude. With its expertise in cloud infrastructure, software stacks and fully homomorphic encryption, Microsoft will be a critical partner in accelerating the commercialization of this technology when ready, enabling free data sharing and collaboration while promoting privacy throughout the data life cycle.
“We are pleased to bring our expertise in cloud computing and homomorphic encryption to the DARPA DPRIVE program, collaborating with Intel to advance this transformative technology when ready into commercial usages that will help our customers close the last-mile gap in data confidentiality —– keeping data fully secure and private, whether in storage, transit or use,” said Dr. William Chappell, chief technology officer, Azure Global, and vice president, Mission Systems, Microsoft.
The multiyear DARPA DPRIVE program will span several phases starting with the design, development and verification of foundational IP blocks that will be integrated into a system-on-chip and a full software stack. Throughout the project, Intel will assess progress against pre-established performance targets on artificial intelligence training and inference workloads using homomorphically encrypted data at scale.1 Beyond the development of the core technologies needed for the design of the accelerator, Intel and Microsoft will work with international standards bodies to develop international standards for FHE. Intel will also continue to invest in ongoing academic research in the field.
Galois Awarded $15.3M DARPA Contract for BASALISC Project in March 2021
We’re thrilled to announce Galois has been awarded a $15.3M DARPA contract for our BASALISC project. This is part of DARPA’s Data Protection in Virtual Environments (DPRIVE) program, which aims to accelerate the “last mile” of data encryption with purpose-built ASICs that accelerate fully homomorphic encryption (FHE) computations. A key aim of the project is that our hardware should be cloud-ready—suitable for deployment in typical cloud server installations—to maximize commercial and government transition potential. This project seeks to bring homomorphic encryption performance within a factor of 10 of computing “in the clear,” something not possible using current software-only or hardware-accelerated approaches. Learn more about the project on our blog.
References and Resources also include: