Paper 2025/382

On the Security and Privacy of CKKS-based Homomorphic Evaluation Protocols

Intak Hwang, Seoul National University
Seonhong Min, Seoul National University
Jinyeong Seo, Seoul National University
Yongsoo Song, Seoul National University
Abstract

CKKS is a homomorphic encryption (HE) scheme that supports arithmetic over complex numbers in an approximate manner. Despite its utility in PPML protocols, formally defining the security of CKKS-based protocols is challenging due to its approximate nature. To be precise, in a sender-receiver model, where the receiver holds input ciphertexts and the sender evaluates its private circuit, it is difficult to define sender's privacy in terms of indistinguishability, whereas receiver's privacy is easily achieved through the semantic security of CKKS. In this paper, we present a new definition for CKKS-based protocols, called Differentially Private Homomorphic Evaluation (DPHE) protocols, along with a general method to achieve this. In our definition, we relax the sender’s privacy condition from indistinguishability to differential privacy notion. We focus on the fact that most security concern for PPML protocols is differential privacy on evaluation results, rather than the simulatability of the evaluation. We prove that if the ideal functionality satisfies differential privacy and a protocol satisfies DPHE, then the output of the protocol also satisfies differential privacy. Next, we provide a general compiler that transforms a plain CKKS-based protocol into a DPHE one. We achieve this by mixing the Laplace mechanism and zero-knowledge argument of knowledge (ZKAoK) for CKKS. This approach allows us to achieve sender's privacy with a moderate noise, whereas the previous indistinguishability-based approach requires exponentially large overhead. Finally, we provide a concrete instantiation of ZKAoK for CKKS in the form of PIOP. To prove the well-formedness of CKKS ciphertexts and public keys, we devise new proof techniques that use homomorphic evaluation during verification. We also provide an implementation to demonstrate the practicality of our ZKAoK for CKKS by compiling PIOPs using the HSS polynomial commitment scheme (Crypto'24).

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Homomorphic EncryptionZero-knowledge ProofDifferential PrivacyCKKS
Contact author(s)
intak hwang @ snu ac kr
minsh @ snu ac kr
jinyeong seo @ protonmail com
y song @ snu ac kr
History
2025-03-04: approved
2025-02-28: received
See all versions
Short URL
https://ia.cr/2025/382
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX 

@misc{cryptoeprint:2025/382,
      author = {Intak Hwang and Seonhong Min and Jinyeong Seo and Yongsoo Song},
      title = {On the Security and Privacy of {CKKS}-based Homomorphic Evaluation Protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/382},
      year = {2025},
      url = {https://eprint.iacr.org/2025/382}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.