Homomorphic encryption (HE) allows secure computation on encrypted data without revealing the original data, providing significant benefits for privacy-sensitive applications. Many cloud computing applications (e.g., DNA read mapping, biometric matching, web search) use exact string matching as a key operation. However, prior string matching algorithms that use homomorphic encryption are limited by high computational latency caused by the use of complex operations and data movement bottlenecks due to the large encrypted data size. In this work, we provide an efficient algorithm-hardware codesign to accelerate HE-based secure exact string matching. We propose CIPHERMATCH, which (i) reduces the increase in memory footprint after encryption using an optimized software-based data packing scheme, (ii) eliminates the use of costly homomorphic operations (e.g., multiplication and rotation), and (iii) reduces data movement by designing a new in-flash processing (IFP) architecture. We demonstrate the benefits of CIPHERMATCH using two case studies: (1) Exact DNA string matching and (2) encrypted database search. Our pure software-based CIPHERMATCH implementation that uses our memory-efficient data packing scheme improves performance and reduces energy consumption by 42.9X and 17.6X, respectively, compared to the state-of-the-art software baseline. Integrating CIPHERMATCH with IFP improves performance and reduces energy consumption by 136.9X and 256.4X, respectively, compared to the software-based CIPHERMATCH implementation.
翻译:同态加密(HE)允许在加密数据上执行安全计算而无需暴露原始数据,为隐私敏感应用提供了显著优势。许多云计算应用(如DNA序列比对、生物特征匹配、网络搜索)将精确字符串匹配作为关键操作。然而,现有的基于同态加密的字符串匹配算法受限于复杂操作导致的高计算延迟,以及加密数据规模庞大造成的数据移动瓶颈。本研究提出一种高效的算法-硬件协同设计,以加速基于HE的安全精确字符串匹配。我们提出CIPHERMATCH方案,其具备以下特点:(i)通过优化的基于软件的数据打包方案降低加密后内存占用的增长;(ii)避免使用代价高昂的同态操作(如乘法与旋转);(iii)通过设计新型闪存内处理(IFP)架构减少数据移动。我们通过两个案例研究验证CIPHERMATCH的优势:(1)精确DNA字符串匹配;(2)加密数据库搜索。实验表明,采用内存高效数据打包方案的纯软件CIPHERMATCH实现,与当前最先进的软件基线相比,性能提升42.9倍,能耗降低17.6倍。将CIPHERMATCH与IFP集成后,相较于纯软件CIPHERMATCH实现,性能进一步提升136.9倍,能耗降低256.4倍。