Multi-Key Homomorphic Encryption (MKHE), proposed by Lopez-Alt et al. (STOC 2012), allows for performing arithmetic computations directly on ciphertexts encrypted under distinct keys. Subsequent works by Chen and Dai et al. (CCS 2019) and Kim and Song et al. (CCS 2023) extended this concept by proposing multi-key BFV/CKKS variants, referred to as the CDKS scheme. These variants incorporate asymptotically optimal techniques to facilitate secure computation across multiple data providers. In this paper, we identify a critical security vulnerability in the CDKS scheme when applied to multiparty secure computation tasks, such as privacy-preserving federated learning (PPFL). In particular, we show that CDKS may inadvertently leak plaintext information from one party to others. To mitigate this issue, we propose a new scheme, SMHE (Secure Multi-Key Homomorphic Encryption), which incorporates a novel masking mechanism into the multi-key BFV and CKKS frameworks to ensure that plaintexts remain confidential throughout the computation. We implement a PPFL application using SMHE and demonstrate that it provides significantly improved security with only a modest overhead in homomorphic evaluation. For instance, our PPFL model based on multi-key CKKS incurs less than a 2\times runtime and communication traffic increase compared to the CDKS-based PPFL model. The code is publicly available at https://github.com/JiahuiWu2022/SMHE.git.

翻译：多密钥同态加密（MKHE）由 Lopez-Alt 等人（STOC 2012）提出，允许直接对使用不同密钥加密的密文进行算术运算。Chen 和 Dai 等人（CCS 2019）以及 Kim 和 Song 等人（CCS 2023）的后续工作通过提出多密钥 BFV/CKKS 变体（称为 CDKS 方案）扩展了这一概念。这些变体结合了渐近最优技术，以促进跨多个数据提供者的安全计算。本文揭示了 CDKS 方案在应用于多方安全计算任务（如隐私保护联邦学习，PPFL）时存在的关键安全漏洞。具体而言，我们证明 CDKS 可能无意中将一方的明文信息泄露给其他方。为缓解此问题，我们提出了一种新方案——安全多密钥同态加密（SMHE），该方案在多密钥 BFV 和 CKKS 框架中引入了一种新颖的掩蔽机制，以确保明文在整个计算过程中保持机密。我们使用 SMHE 实现了一个 PPFL 应用，并证明其在同态评估中仅产生适度开销的情况下显著提升了安全性。例如，与基于 CDKS 的 PPFL 模型相比，我们基于多密钥 CKKS 的 PPFL 模型在运行时间和通信流量上的增加均低于 2 倍。代码已公开于 https://github.com/JiahuiWu2022/SMHE.git。