Skip to main content

Open Source Paillier Libraries

The Confidential Computing team at Data61 has been looking at novel methods of using privacy preserving computation - with the lofty long term goal of increasing users' privacy while still allowing modern analytical insights.

One of the principals we've been relying on is partially homomorphic encryption - the ability to carry out some basic mathematical operations on encrypted data, usually this property is either addition or multiplication. Take a quick look at my previous post on Homomorphic Encryption. My team has looked at multiple homomorphic systems and settled on using the Paillier Crypto system for some of our confidential computing projects.

The homomorphic properties of the Paillier Crypto system are:
  • An encrypted number can be multiplied by a non encrypted scalar.
  • Encrypted numbers can be added together.
  • Encrypted numbers can be added to non encrypted scalars.
Everything else (such as multiplying encrypted numbers together) is either extremely difficult or impossible. Only positive integers are supported by the encryption system, so an encoding is required to use this system with floating point numbers.

Last year we published papers on using the Paillier cryptographic system to protect an individual's genome sequence while still using it for meaningful medical research. At Nicta Techfest 2014 we demonstrated the ability to privately calculate geographic proximity between cooperating parties - using the Paillier cryptosystem. Since then we've been implementing privacy preserving statistics and machine learning algorithms using the Paillier cryptosystem.

We have created a Python and Java version of the Paillier cryptosystem using an IEEE Float compatible encoding scheme. I'm proud to say they are both open source and available on github.

Python Paillier Github, Python Paillier documentationJavallier Github

Popular posts from this blog

My setup for downloading & streaming movies and tv

I recently signed up for Netflix and am retiring my headless home media pc. This blog will have to serve as its obituary. The box spent about half of its life running FreeNAS, and half running Archlinux. I’ll briefly talk about my experience with FreeNAS, the migration, and then I’ll get to the robust setup I ended up with.

The machine itself cost around $1000 in 2014. Powered by an AMD A4-7300 3.8GHz cpu with 8GB of memory. A SilverStone DS380 case is both functional, quiet and looks great. The hard drives have been updated over the last two years until it had a full compliment of 6 WD Green 4TiB drives - all spinning bits of metal though.

Initially I had the BSD based FreeNAS operating system installed. I had a single hard drive in its own ZFS pool for TV and Movies, and a second ZFS pool comprised of 5 hard drives for documents and photos.

FreeNAS is straight forward to use and setup, provided you only want to do things supported out of the box or by plugins. Each plugin is install…

Driveby contribution to Python Cryptography

While at PyConAU 2016 I attended the Monday sprints and spent some time looking at a proposed feature I hoped would soon be part of cryptography. As most readers of this blog will know, cryptography is a very respected project within the Python ecosystem and it was an interesting experience to see how such a prominent open source project handles contributions and reviews.

The feature in question is the Diffie-Hellman Key Exchange algorithm used in many cryptography applications. Diffie-Helman Key Exchange is a way of generating a shared secret between two parties where the secret can't be determined by an eavesdropper observing the communication. DHE is extremely common - it is one of the primary methods used to provide "perfect forward secrecy" every time you initiate a TLS connection to an HTTPS website. Mathematically it is extremely elegant and the inventors were the recipients of the 2015 Turing award.

I wanted to write about this particular contribution because man…

Python, Virtualenv and Docker

Unsurprisingly I use some very popular Scientific Python packages like Numpy, Scipy and Scikit Learn. These packages don't get on that well with virtualenv and pip as they take a lot of external dependencies to build. These dependencies can be optional libraries like libblas and libatlas which if present will make Numpy run faster, or required dependencies like a fortran compiler.

Back in the good old days you wouldn't pin all your dependency versions down and you'd end up with a precarious mix of apt-get installed and pip installed packages. Working with other developers, especially on different operating system update schedules could be a pain. It was time to update your project when it breaks because of a dependency upgraded by the operating system.

Does virtualenv fully solve this? No, not when you have hard requirements on the binaries that must be installed at a system level.



Docker being at a lower level gives you much more control without adding too much extra comp…