Multi-Input Ciphertext Multiplication for Homomorphic Encryption

TL;DR

This paper introduces a novel approach to multi-input ciphertext multiplication in homomorphic encryption, reducing complexity, noise overhead, and hardware resource usage for applications requiring multiple encrypted data inputs.

Contribution

It extends three-input ciphertext multiplication to multiple inputs with minimal noise increase, introduces multi-level rescaling, and designs efficient hardware architectures for these multipliers.

Findings

Reduced logic area and latency by 15% and 50% for three-input multipliers.

Achieved 32% area savings and 45% latency reduction for 4 to 12 input multipliers.

Provided guidelines for input partitioning and combined rescaling to optimize performance.

Abstract

Homomorphic encryption (HE) enables arithmetic operations to be performed directly on encrypted data. It is essential for privacy-preserving applications such as machine learning, medical diagnosis, and financial data analysis. In popular HE schemes, ciphertext multiplication is only defined for two inputs. However, the multiplication of multiple inputs is needed in many HE applications. In our previous work, a three-input ciphertext multiplication method for the CKKS HE scheme was developed. This paper first reformulates the three-input ciphertext multiplication to enable the combination of computations in order to further reduce the complexity. The second contribution is extending the multiplication to multiple inputs without compromising the noise overhead. Additional evaluation keys are introduced to achieve relinearization of polynomial multiplication results. To minimize the complexity of the large number of rescaling units in the multiplier, a theoretical analysis is developed to relocate the rescaling, and a multi-level rescaling approach is proposed to implement combined rescaling with complexity similar to that of a single rescaling unit. Guidelines and examples are provided on the input partition to enable the combination of more rescaling. Additionally, efficient hardware architectures are designed to implement our proposed multipliers. The improved three-input ciphertext multiplier reduces the logic area and latency by 15% and 50%, respectively, compared to the best prior design. For multipliers with more inputs, ranging from 4 to 12, the architectural analysis reveals 32% savings in area and 45% shorter latency, on average, compared to prior work.