On the Security of Fully Homomorphic Encryption and Encrypted Computing: Is Division safe?

TL;DR

This paper investigates whether fully homomorphic encryption's algebraic properties enable cryptographic attacks, concluding that 32-bit division is unsafe but can be made secure with simple modifications.

Contribution

It demonstrates that 32-bit division is insecure under homomorphic encryption but proposes trivial modifications to ensure safety.

Findings

32-bit multiplication and addition do not reveal known constants

32-bit division is vulnerable to cryptographic attacks

Simple modifications can secure division operations

Abstract

Since fully homomorphic encryption and homomorphically encrypted computing preserve algebraic identities such as 2*2=2+2, a natural question is whether this extremely utilitarian feature also sets up cryptographic attacks that use the encrypted arithmetic operators to generate or identify the encryptions of known constants. In particular, software or hardware might use encrypted addition and multiplication to do encrypted division and deliver the encryption of x/x=1. That can then be used to generate 1+1=2, etc, until a complete codebook is obtained. This paper shows that there is no formula or computation using 32-bit multiplication x*y and three-input addition x+y+z that yields a known constant from unknown inputs. We characterise what operations are similarly `safe' alone or in company, and show that 32-bit division is not safe in this sense, but there are trivial modifications that make it so.