Plaintext-Ciphertext Matrix Multiplication and FHE Bootstrapping: Fast and Fused | SpringerLink
Skip to main content
Springer Nature Link
Log in

Plaintext-Ciphertext Matrix Multiplication and FHE Bootstrapping: Fast and Fused

  • Conference paper
  • First Online:
Advances in Cryptology – CRYPTO 2024 (CRYPTO 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14922))

Included in the following conference series:

  • 1092 Accesses

Abstract

Homomorphically multiplying a plaintext matrix with a ciphertext matrix (PC-MM) is a central task for the private evaluation of transformers, commonly used for large language models. We provide several RLWE-based algorithms for PC-MM that consist of multiplications of plaintext matrices (PP-MM) and comparatively cheap pre-processing and post-processing steps: for small and large dimensions compared to the RLWE ring degree, and with and without precomputation. For the algorithms with precomputation, we show how to perform a PC-MM with a single floating-point PP-MM of the same dimensions. This is particularly meaningful for practical purposes as a floating-point PP-MM can be implemented using high-performance BLAS libraries.

The algorithms rely on the multi-secret variant of RLWE, which allows to represent multiple ciphertexts more compactly. We give algorithms to convert from usual shared-secret RLWE ciphertexts to multi-secret ciphertexts and back. Further, we show that this format is compatible with homomorphic addition, plaintext-ciphertext multiplication, and key-switching. This in turn allows us to accelerate the slots-to-coeffs and coeffs-to-slots steps of CKKS bootstrapping when several ciphertexts are bootstrapped at once. Combining batch-bootstrapping with efficient PC-MM results in MaMBo(Matrix Multiplication Bootstrapping), a bootstrapping algorithm that can perform a PC-MM for a limited overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 14871
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 10581
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    In this paper, we mostly focus on CKKS scheme. However, most of our techniques can be adapted to BGV [7] and BFV [6, 17].

  2. 2.

    Switching keys can also be defined with more ring elements when using a so-called gadget rank larger than 1. Our techniques also carry over to that setup, but we restrict ourselves to switching keys as above for the sake of simplicity.

References

  1. Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. J. Math. Cryptol. (2015). Software available at https://github.com/malb/lattice-estimator, git commit# 5350825

  2. Bae, Y., Cheon, J.H., Kim, J., Park, J.H., Stehlé, D.: HERMES: efficient ring packing using MLWE ciphertexts and application to transciphering. In: Handschuh, H., Lysyanskaya, A. (eds.) Advances in Cryptology, CRYPTO 2023. LNCS, vol. 14084, pp. 37–69. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-38551-3_2

  3. Bae, Y., Cheon, J.H., Hanrot, G., Park, J.H., Stehlé, D.: Plaintext-ciphertext matrix multiplication and FHE bootstrapping: fast and fused (2024). http://eprint.iacr.org/

  4. Bos, J.W., et al.: CRYSTALS - Kyber: a CCA-secure module-lattice-based KEM. In: EuroS &P (2018)

    Google Scholar 

  5. Boura, C., Gama, N., Georgieva, M., Jetchev, D.: CHIMERA: combining Ring-LWE-based fully homomorphic encryption schemes. J. Math. Cryptol. 14, 316–338 (2020)

    Article  MathSciNet  Google Scholar 

  6. Brakerski, Z.: Fully homomorphic encryption without modulus switching from classical GapSVP. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 868–886. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_50

    Chapter  Google Scholar 

  7. Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. ACM Trans. Comput. Theor. 6, 1–36 (2014)

    Article  MathSciNet  Google Scholar 

  8. Brakerski, Z., Langlois, A., Peikert, C., Regev, O., Stehlé, D.: Classical hardness of learning with errors. In: STOC (2013)

    Google Scholar 

  9. Chen, H., Dai, W., Kim, M., Song, Y.: Homomorphic conversion between (ring) LWE ciphertexts. In: ACNS (2021)

    Google Scholar 

  10. Cheon, J.H., Han, K., Kim, A., Kim, M., Song, Y.: Bootstrapping for approximate homomorphic encryption. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 360–384. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78381-9_14

    Chapter  Google Scholar 

  11. Cheon, J.H., Kim, A., Kim, M., Song, Y.: Homomorphic encryption for arithmetic of approximate numbers. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 409–437. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_15

    Chapter  Google Scholar 

  12. Chillotti, I., Gama, N., Georgieva, M., Izabachène, M.: Faster packed homomorphic operations and efficient circuit bootstrapping for TFHE. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 377–408. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_14

    Chapter  Google Scholar 

  13. Chillotti, I., Joye, M., Paillier, P.: Programmable bootstrapping enables efficient homomorphic inference of deep neural networks. In: Dolev, S., Margalit, O., Pinkas, B., Schwarzmann, A. (eds.) CSCML 2021. LNCS, vol. 12716, pp. 1–19. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-78086-9_1

    Chapter  Google Scholar 

  14. Devlin, J., Chang, M.W., Lee, K., Toutanova, K.: BERT: pre-training of deep bidirectional transformers for language understanding (2018). https://arxiv.org/abs/1810.04805

  15. Ding, Y., et al.: East: efficient and accurate secure transformer framework for inference (2023). https://arxiv.org/abs/2308.09923

  16. Dumas, J.G., Giorgi, P., Pernet, C.: Dense linear algebra over word-size prime fields: the FFLAS and FFPACK packages. ACM Trans. Math. Softw. 35, 1–42 (2008)

    Article  MathSciNet  Google Scholar 

  17. Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption (2012). http://eprint.iacr.org/2012/144

  18. FFLAS14, T.F.F.G.: FFLAS-FFPACK: Finite Field Linear Algebra Subroutines/Package, v2.0.0 edn. (2014). http://linalg.org/projects/fflas-ffpack

  19. Froelicher, D., et al.: Scalable and privacy-preserving federated principal component analysis (2023). https://arxiv.org/abs/2304.00129

  20. Gentry, C., Halevi, S., Peikert, C., Smart, N.P.: Ring switching in BGV-style homomorphic encryption. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 19–37. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32928-9_2

    Chapter  Google Scholar 

  21. Goldwasser, S., Kalai, Y.T., Peikert, C., Vaikuntanathan, V.: Robustness of the learning with errors assumption. In: ICS (2010)

    Google Scholar 

  22. Halevi, S., Shoup, V.: Algorithms in HElib. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 554–571. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_31

    Chapter  Google Scholar 

  23. Hao, M., Li, H., Chen, H., Xing, P., Xu, G., Zhang, T.: Iron: private inference on transformers. In: Advances in Neural Information Processing Systems (2022)

    Google Scholar 

  24. HEaaN Crytolab: HEaaN library (2022). https://www.cryptolab.co.kr/en/products-en/heaan-he/

  25. Jiang, X., Kim, M., Lauter, K., Song, Y.: Secure outsourced matrix computation and application to neural networks. In: CCS (2018)

    Google Scholar 

  26. Langlois, A., Stehlé, D.: Worst-case to average-case reductions for module lattices. Des. Codes Crypt. 75(3), 565–599 (2014). https://doi.org/10.1007/s10623-014-9938-4

    Article  MathSciNet  Google Scholar 

  27. Liu, J., Zhang, L.F.: Privacy-preserving and publicly verifiable matrix multiplication. IEEE Trans. Serv. Comput. 16, 2059–2071 (2022)

    Google Scholar 

  28. Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1–23. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_1

    Chapter  Google Scholar 

  29. OpenBLAS: An optimized BLAS library – version 0.3.26. https://www.openblas.net/

  30. Pang, Q., Zhu, J., Mollering, H., Zheng, W., Schneider, T.: BOLT: privacy-preserving, accurate and efficient inference for transformers (2023). https://eprint.iacr.org/2023/1893

  31. Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem. In: STOC (2009)

    Google Scholar 

  32. Peikert, C., Waters, B.: Lossy trapdoor functions and their applications. In: STOC (2008)

    Google Scholar 

  33. Radford, A., Narasimhan, K., Salimans, T., Sutskever, I.: Improving language understanding by generative pre-training (2018). https://openai.com/research/language-unsupervised

  34. Stehlé, D., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 617–635. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_36

    Chapter  Google Scholar 

  35. Touvron, H., et al.: LLaMA: open and efficient foundation language models (2023). https://arxiv.org/abs/2302.13971

  36. Zhang, J., et al.: Secure transformer inference made non-interactive (2023). https://eprint.iacr.org/2024/136

Download references

Author information

Authors and Affiliations

  1. CryptoLab Inc., Seoul, Republic of Korea

    Youngjin Bae & Jung Hee Cheon

  2. Seoul National University, Seoul, Republic of Korea

    Jung Hee Cheon & Jai Hyun Park

  3. CryptoLab Inc., Lyon, France

    Guillaume Hanrot & Damien Stehlé

Authors
  1. Youngjin Bae
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jung Hee Cheon
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Guillaume Hanrot
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jai Hyun Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Damien Stehlé
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Youngjin Bae .

Editor information

Editors and Affiliations

  1. Boston University, Boston, MA, USA

    Leonid Reyzin

  2. University of Waterloo, Waterloo, ON, Canada

    Douglas Stebila

Rights and permissions

Reprints and permissions

Copyright information

© 2024 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bae, Y., Cheon, J.H., Hanrot, G., Park, J.H., Stehlé, D. (2024). Plaintext-Ciphertext Matrix Multiplication and FHE Bootstrapping: Fast and Fused. In: Reyzin, L., Stebila, D. (eds) Advances in Cryptology – CRYPTO 2024. CRYPTO 2024. Lecture Notes in Computer Science, vol 14922. Springer, Cham. https://doi.org/10.1007/978-3-031-68382-4_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-68382-4_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-68381-7

  • Online ISBN: 978-3-031-68382-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation