Fast Plaintext-Ciphertext Matrix Multiplication from Additively Homomorphic Encryption

TL;DR

This work tackles efficient plaintext-ciphertext matrix multiplication (PC-MM) when using unpacked additively homomorphic encryption (AHE). It extends Cussen's compression-reconstruction algorithm from plaintext to encrypted settings, specifically leveraging EC-ElGamal, to dramatically reduce the number of expensive plaintext-ciphertext multiplications at the cost of more ciphertext-ciphertext additions. The authors provide a concrete Raspberry Pi 5 implementation, demonstrate up to an order-of-magnitude speedup for large matrices with small element widths, and validate practical viability for edge-enabled privacy-preserving computations. They also discuss handling real numbers via fixed-point encoding and outline extensions to Paillier, illustrating broad applicability to privacy-preserving ML and signal processing on IoT devices.

Abstract

Plaintext-ciphertext matrix multiplication (PC-MM) is an indispensable tool in privacy-preserving computations such as secure machine learning and encrypted signal processing. While there are many established algorithms for plaintext-plaintext matrix multiplication, efficiently computing plaintext-ciphertext (and ciphertext-ciphertext) matrix multiplication is an active area of research which has received a lot of attention. Recent literature have explored various techniques for privacy-preserving matrix multiplication using fully homomorphic encryption (FHE) schemes with ciphertext packing and Single Instruction Multiple Data (SIMD) processing. On the other hand, there hasn't been any attempt to speed up PC-MM using unpacked additively homomorphic encryption (AHE) schemes beyond the schoolbook method and Strassen's algorithm for matrix multiplication. In this work, we propose an efficient PC-MM from unpacked AHE, which applies Cussen's compression-reconstruction algorithm for plaintext-plaintext matrix multiplication in the encrypted setting. We experimentally validate our proposed technique using a concrete instantiation with the additively homomorphic elliptic curve ElGamal encryption scheme and its software implementation on a Raspberry Pi 5 edge computing platform. Our proposed approach achieves up to an order of magnitude speedup compared to state-of-the-art for large matrices with relatively small element bit-widths. Extensive measurement results demonstrate that our fast PC-MM is an excellent candidate for efficient privacy-preserving computation even in resource-constrained environments.

Figures (12)

• Figure 1: Matrix multiplication $\boldsymbol{A}_{m \times n} \times \boldsymbol{B}_{n \times l} = \boldsymbol{C}_{m \times l}$ using (a) row-and-column inner products and (b) column-and-row outer products (diagram inspired by mlwiki_matmul).
• Figure 2: Toy example showing four iterations each of the Compression Phase and the Reconstruction Phase of plaintext vector-scalar multiplication using Cussen's algorithm.
• Figure 3: Number of multiplications and additions required for plaintext vector-scalar multiplication using schoolbook approach and Cussen's algorithm for random vectors of length $n \in \{2^3, 2^4, \cdots, 2^9\}$ with element bit-widths $t \in \{4, 8, 12, 16\}$.
• Figure 4: Number of multiplications and additions required for plaintext matrix multiplication using schoolbook approach, Strassen's algorithm and Cussen's algorithm for random square matrices of dimension $n \in \{2^3, 2^4, \cdots, 2^9\}$ with element bit-widths $t \in \{4, 8, 12, 16\}$.
• Figure 5: Toy example showing efficient multiplication of plaintext vector and EC-ElGamal ciphertext corresponding to encrypted scalar using proposed approach with four iterations of Cussen's compression-reconstruction algorithm.