An implementation of an encrypted machine prototype
A growing number of compute and data storage jobs are performed on remote resources. In a cloud environment the customer can't be sure where a particular job is physically executed and thus cannot rely on the security and confidentiality of the remote resource. A solution to this problem is to operate on encrypted functions and encrypted data. This enables a customer to generate a program that can be executed by a third party without revealing the underlying algorithm or the processed data, which helps secure applications and data in a distributed digital ecosystem. The shapeCPU is a method to compute a secret program on an untrusted resource using fully homomorphic encrypted circuits. The concept solves the problems of encrypted storage access with encrypted addresses and of encrypted branching: in contrast to other approaches, such as static one-pass circuit simulations, our system supports dynamic parameters and non-linear programs that make branch decisions at runtime and cannot be represented in a circuit with hard-wired in-circuit parameters and data. Our implementation comprises the runtime environment for an encrypted program and an assembler to generate the encrypted machine code.
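As an added illustration (not code from the shapeCPU project), the sketch below shows one standard way to express a memory read with an encrypted address and a branch on an encrypted flag using only XOR and AND on bits. The `Bit` class is a plaintext stand-in for a ciphertext bit, and all names and sample values are hypothetical.

```python
class Bit:
    """Stand-in for one ciphertext bit (plaintext inside, an assumption of this
    sketch). Only XOR and AND are exposed: addition and multiplication mod 2."""
    gates = 0  # gate evaluations performed so far

    def __init__(self, v):
        self.v = v & 1

    def __xor__(self, other):
        Bit.gates += 1
        return Bit(self.v ^ other.v)

    def __and__(self, other):
        Bit.gates += 1
        return Bit(self.v & other.v)

ONE = Bit(1)  # public constant, usable without knowing any secret

def enc(value, width):
    return [Bit(value >> i) for i in range(width)]  # least significant bit first

def dec(bits):
    return sum(b.v << i for i, b in enumerate(bits))

def read(memory, addr):
    """Return memory[addr] for an encrypted addr by touching every row."""
    out = [Bit(0) for _ in memory[0]]
    for row, word in enumerate(memory):
        line = ONE  # ends up as an encrypted 1 only if addr == row
        for i, a in enumerate(addr):
            line = line & (a if (row >> i) & 1 else a ^ ONE)
        out = [o ^ (line & w) for o, w in zip(out, word)]
    return out

def next_pc(pc, flag, target):
    """Encrypted branch: target if flag is 1, else pc + 1; both are computed."""
    carry, fall = ONE, []
    for b in pc:  # ripple increment of the program counter
        fall.append(b ^ carry)
        carry = carry & b
    return [f ^ (flag & (t ^ f)) for t, f in zip(target, fall)]

def read_with_cost(memory, addr):
    start = Bit.gates
    value = dec(read(memory, addr))
    return value, Bit.gates - start

# Constructed sample: four 8-bit words, addressed with 2-bit addresses.
MEMORY = [enc(w, 8) for w in (0x11, 0x22, 0x33, 0x44)]
```

In this sketch every row is read and both branch outcomes are computed, so the gate count does not depend on the address or on the flag.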
Currently the shapeCPU runs very slowly because of the underlying homomorphic cryptographic operations. We hope this open source project can serve as a foundation to actively encourage research into, and participation in, optimizing both the cryptographic performance and the CPU performance. If you are interested in collaborating with us, please drop us a line.
There is a lot of source code available on GitHub.
An encrypting assembler is here.