Periodic Reporting for period 5 - CLOUDMAP (Cloud Computing via Homomorphic Encryption and Multilinear Maps)
Periodo di rendicontazione: 2024-10-01 al 2025-09-30
The project was launched in a context where advanced cryptographic technologies—ranging from homomorphic encryption to leakage-resilient implementations and multilinear map–based constructions—were rapidly evolving but still faced major theoretical and practical limitations. Ensuring secure computation on encrypted data, achieving robust protection against side-channel attacks, and understanding the hardness of emerging algebraic problems are now central challenges for privacy-preserving technologies, post-quantum security, and cryptographic applications in sensitive environments. As the project progressed, its objectives naturally evolved to reflect both the collapse of several multilinear-map–based proposals and the accelerated development of lattice-based and homomorphic encryption techniques. The project therefore broadened its scope to deepen the mathematical understanding of modern cryptographic primitives, enhance their security against physical and algorithmic attacks, and develop practically efficient schemes suitable for real-world deployment.
The overall objectives of the action were to:
1. Develop a rigorous understanding of advanced cryptographic primitives, including multilinear maps, homomorphic encryption schemes, Boolean functions for hybrid HE, and new lattice-based problems;
2. Significantly advance efficiency and practicality, with a particular focus on CKKS bootstrapping, masking techniques for post-quantum schemes, and symmetric primitives adapted to FHE and leakage-resilient contexts;
3. Design secure, implementable, and privacy-preserving cryptographic solutions, bridging the gap between theoretical constructions and practical constraints in embedded platforms.
The overall objectives of the action were to:
1. Develop a rigorous understanding of advanced cryptographic primitives, including multilinear maps, homomorphic encryption schemes, Boolean functions for hybrid HE, and new lattice-based problems;
2. Significantly advance efficiency and practicality, with a particular focus on CKKS bootstrapping, masking techniques for post-quantum schemes, and symmetric primitives adapted to FHE and leakage-resilient contexts;
3. Design secure, implementable, and privacy-preserving cryptographic solutions, bridging the gap between theoretical constructions and practical constraints in embedded platforms.
Over the course of the project, substantial progress has been made across its core research axes, leading to significant breakthroughs in multilinear maps, homomorphic encryption, lattice cryptanalysis, and side-channel–resistant implementations. In the area of multilinear maps and indistinguishability obfuscation, we developed powerful new attacks that revealed structural weaknesses in CLT13-based schemes, demonstrating that previously proposed countermeasures could be broken using higher-dimensional lattice reductions. This line of work also showed how to greatly improve the efficiency of obfuscation by applying Kilian’s randomization after encoding, thereby increasing the complexity of known attacks and enabling much smaller parameters. Building on this theoretical foundation, we delivered the first secure implementation of multiparty non-interactive Diffie–Hellman based on CLT13, overcoming longstanding barriers posed by earlier attacks. Additionally, we solved the hidden subset sum problem in polynomial time — an important improvement over earlier exponential-time approaches — and introduced a new bootstrapping technique for CKKS based on blind rotations and modular additions, opening a new direction for approximate homomorphic encryption..
The project also made major contributions to the design of side-channel countermeasures and leakage-resilient primitives. We introduced the first improvement to the wire-shuffling countermeasure, reducing its complexity from O(t \log t) to O(t) while preserving strong probing security guarantees. In lattice-based cryptography, we developed state-of-the-art high-order masking techniques for Kyber, NTRU, and Dilithium, including new conversion gadgets, efficient Boolean-to-arithmetic masking conversions, and optimized masked rejection sampling. Our work on Dilithium in particular produced some of the most efficient high-order masking constructions to date. In addition, we designed new symmetric primitives tailored to homomorphic and leakage-resilient settings, including the Elisabeth stream cipher for hybrid HE, the LWPR model capturing realistic leakage in re-keying mechanisms, the FPM family of prime-field–masked tweakable block ciphers, and the highly efficient small-pSquare instance. Further contributions include new approaches to FHE-based transciphering and novel prime-field masking techniques with strong side-channel security. Collectively, these developments provide a comprehensive set of theoretical and practical advances that significantly raise the bar for secure and efficient cryptographic systems.
The project also made major contributions to the design of side-channel countermeasures and leakage-resilient primitives. We introduced the first improvement to the wire-shuffling countermeasure, reducing its complexity from O(t \log t) to O(t) while preserving strong probing security guarantees. In lattice-based cryptography, we developed state-of-the-art high-order masking techniques for Kyber, NTRU, and Dilithium, including new conversion gadgets, efficient Boolean-to-arithmetic masking conversions, and optimized masked rejection sampling. Our work on Dilithium in particular produced some of the most efficient high-order masking constructions to date. In addition, we designed new symmetric primitives tailored to homomorphic and leakage-resilient settings, including the Elisabeth stream cipher for hybrid HE, the LWPR model capturing realistic leakage in re-keying mechanisms, the FPM family of prime-field–masked tweakable block ciphers, and the highly efficient small-pSquare instance. Further contributions include new approaches to FHE-based transciphering and novel prime-field masking techniques with strong side-channel security. Collectively, these developments provide a comprehensive set of theoretical and practical advances that significantly raise the bar for secure and efficient cryptographic systems.
The project has achieved substantial progress beyond the state of the art in both theoretical foundations and practical realization of advanced cryptographic primitives. In the domain of multilinear maps and indistinguishability obfuscation, our work exposed previously unknown vulnerabilities in the CLT13 multilinear map construction. We further demonstrated that applying Kilian’s randomization after encoding significantly raises the complexity of known attacks, enabling far more efficient parameter choices for obfuscation schemes. Additional contributions include the first secure and concrete implementation of multiparty non-interactive Diffie–Hellman based on CLT13, and a polynomial-time algorithm for the hidden subset sum problem, improving dramatically over the long-standing exponential-time state of the art. Most recently, we introduced a new bootstrapping framework for CKKS based on blind rotations and modular additions over the circle group, yielding a logarithmic-complexity bootstrapping procedure.
In the field of side-channel analysis and countermeasures, the project delivered several innovations that redefine what is achievable in leakage-resilient cryptography. We introduced the first asymptotically optimal wire-shuffling countermeasure in the probing model, improving from O(t log t) to O(t) complexity while preserving strong guarantees. Our work on lattice-based cryptography established state-of-the-art high-order masking techniques for Kyber, NTRU, and Dilithium, including new gadgets, improved Boolean-to-arithmetic conversions, and efficient masked rejection sampling. Beyond lattice primitives, we developed the Elisabeth stream cipher for hybrid homomorphic encryption, introduced the Learning With Physical Rounding (LWPR) problem as a realistic leakage-resilient variant of LWR, and proposed new tweakable block ciphers (FPM family) and prime-field masking techniques with superior efficiency–security tradeoffs. Together with advances in FHE-oriented transciphering and prime-field masked symmetric designs, these results collectively push the boundaries of practical, leakage-resilient, and homomorphically compatible cryptography well beyond the prior state of the art.
In the field of side-channel analysis and countermeasures, the project delivered several innovations that redefine what is achievable in leakage-resilient cryptography. We introduced the first asymptotically optimal wire-shuffling countermeasure in the probing model, improving from O(t log t) to O(t) complexity while preserving strong guarantees. Our work on lattice-based cryptography established state-of-the-art high-order masking techniques for Kyber, NTRU, and Dilithium, including new gadgets, improved Boolean-to-arithmetic conversions, and efficient masked rejection sampling. Beyond lattice primitives, we developed the Elisabeth stream cipher for hybrid homomorphic encryption, introduced the Learning With Physical Rounding (LWPR) problem as a realistic leakage-resilient variant of LWR, and proposed new tweakable block ciphers (FPM family) and prime-field masking techniques with superior efficiency–security tradeoffs. Together with advances in FHE-oriented transciphering and prime-field masked symmetric designs, these results collectively push the boundaries of practical, leakage-resilient, and homomorphically compatible cryptography well beyond the prior state of the art.