Information for Paper ID 9090
|A 10.33 µJ/Encryption Homomorphic Encryption Engine in 28nm CMOS with 4096-Degree 109-Bit Polynomials for Resource-Constrained IoT Clients
|Homomorphic Encryption, Number Theoretic Transform, Accelerator
|Homomorphic Encryption (HE) is used to protect sensitive client data during offloaded compute on a potentially untrusted server. Unfortunately, the computational intensity of HE operations quickly depletes the limited resources on IoT clients. Thus, we present an energy-efficient silicon implementation of encryption/decryption in the Brakerski-Fan Vercauteren HE scheme. To support meaningful applications, including several machine learning workloads, we optimize for fixed parameters N=4096 and log2q=109 through pipelining, multi-level parallelism, and efficient memory accesses. At an energy-optimal operating point of 60MHz and 0.64V our chip, fabricated in a 28nm bulk planar CMOS process with an accelerator core area of 1.69 mm2, consumes 10.33 μJ/encryption. Ultimately, this work enables IoT clients to participate in privacy-preserving offloaded compute using client-aided Homomorphic Encryption.
|ESSCIRC-Digital Circuits and Systems
|Accept as Lecture
|Communication & Cryptography Circuits (Lecture)