Search

KR-20260066634-A - ELECTRONIC APPARATUS AND CONTROLLING METHOD THEREOF

KR20260066634AKR 20260066634 AKR20260066634 AKR 20260066634AKR-20260066634-A

Abstract

An electronic device for processing homomorphic encryption includes at least one processor including a processing circuit and a memory, wherein the at least one processor obtains a first ciphertext obtained by homomorphically encrypting plaintext data with a first secret key, obtains a second ciphertext corresponding to a second secret key through a first key switching module, transmits the second ciphertext to a second key switching module, obtains a third ciphertext corresponding to a third secret key through a second key switching module, transmits the third ciphertext to a decryption module, and obtains plaintext data by decrypting the third ciphertext based on a third secret key through a decryption module.

Inventors

  • 천정희
  • 김태경
  • 박진환

Assignees

  • 주식회사 크립토랩

Dates

Publication Date
20260512
Application Date
20251031
Priority Date
20241104

Claims (20)

  1. In an electronic device for processing homomorphic encryption, At least one processor including a processing circuit; and Includes memory; The above-mentioned at least one processor is, Obtain a first ciphertext obtained by homomorphically encrypting plaintext data with a first secret key, and Through the first key switching module, the first ciphertext is obtained as a second ciphertext corresponding to the second secret key, and The above second ciphertext is transmitted to the above second key switching module, and Through the second key switching module, the second ciphertext is obtained to obtain a third ciphertext corresponding to the third secret key, and The above third ciphertext is transmitted to the decryption module, and An electronic device that obtains plaintext data by decrypting the third ciphertext based on the third secret key through the decryption module.
  2. In paragraph 1, The above-mentioned at least one processor is, Receive input data encrypted with the above-mentioned first secret key, and An electronic device that obtains the first ciphertext by performing a preset homomorphic encryption operation on the input data through a homomorphic encryption calculation module.
  3. In paragraph 1, The above-mentioned first key switching module is, An electronic device comprising a first function that converts a ciphertext corresponding to the first secret key into a ciphertext corresponding to the second secret key.
  4. In paragraph 1, The above second key switching module is, An electronic device comprising a second function that converts a ciphertext corresponding to the second secret key into a ciphertext corresponding to the third secret key.
  5. In paragraph 1, The above decoding module is, An electronic device, which is a module for decrypting a ciphertext corresponding to the third secret key.
  6. In paragraph 1, The above electronic device is, Includes a communication interface, The above-mentioned at least one processor is, Through the communication interface above, user input for decrypting the first ciphertext is received from an external device, and An electronic device that transmits the second ciphertext to the second key switching module when the second ciphertext is obtained based on the above user input.
  7. In paragraph 6, The above-mentioned at least one processor is, When the second ciphertext is obtained based on the above user input, a first control signal is generated including a first command for transmitting a decryption result to the external device and a second command for requesting key switching of the second ciphertext, and An electronic device that transmits the first control signal and the second ciphertext to the second key switching module.
  8. In Paragraph 7, The above-mentioned at least one processor is, When the first control signal is generated, the second ciphertext is converted into the third ciphertext through the second key switching module, and An electronic device that transmits the third ciphertext to the decryption module when the third ciphertext is obtained.
  9. In paragraph 8, The above-mentioned at least one processor is, When the third ciphertext is obtained, a second control signal is generated including the first command for transmitting the decryption result to the external device and the third command for requesting decryption of the third ciphertext. An electronic device that transmits the second control signal and the third ciphertext to the decryption module.
  10. In Paragraph 9, The above-mentioned at least one processor is, When the second control signal is generated, the plaintext data is obtained by decrypting the third ciphertext with the third secret key through the decryption module, and An electronic device that, when the plaintext data is obtained, transmits the plaintext data to the external device based on the first command through the communication interface.
  11. In a homomorphic encryption system comprising a first electronic device, a second electronic device and a third electronic device, The above first electronic device is, Obtain a first ciphertext obtained by homomorphically encrypting plaintext data with a first secret key, and Through the first key switching module, the first ciphertext is obtained as a second ciphertext corresponding to the second secret key, and The above second ciphertext is transmitted to the above second electronic device, and The second electronic device above is, Upon receiving the above second ciphertext, Through the second key switching module, the second ciphertext is obtained to obtain a third ciphertext corresponding to the third secret key, and Transmit the above third ciphertext to the above third electronic device, and The above third electronic device is, Upon receiving the above third ciphertext, A system that obtains plaintext data by decrypting the third ciphertext based on the third secret key through a decryption module.
  12. In Paragraph 11, The above first electronic device is, Receive input data encrypted with the above-mentioned first secret key, and A system that obtains the first ciphertext by performing a pre-set homomorphic encryption operation on the input data through a homomorphic encryption calculation module.
  13. In Paragraph 11, The above-mentioned first key switching module is, A system comprising a first function that converts a ciphertext corresponding to the first secret key into a ciphertext corresponding to the second secret key.
  14. In Paragraph 11, The above second key switching module is, A system comprising a second function that converts a ciphertext corresponding to the second secret key into a ciphertext corresponding to the third secret key.
  15. In Paragraph 11, The above decoding module is, A system, which is a module for decrypting a ciphertext corresponding to the third secret key.
  16. In Paragraph 11, The above first electronic device is, Receiving user input from an external device to decrypt the above first ciphertext, and A system that transmits the second ciphertext to the second electronic device when the second ciphertext is obtained based on the user input.
  17. In Paragraph 16, The above first electronic device is, When the second ciphertext is obtained based on the above user input, a first control signal is generated including a first command for transmitting a decryption result to the external device and a second command for requesting key switching of the second ciphertext, and A system that transmits the first control signal and the second ciphertext to the second electronic device.
  18. In Paragraph 17, The second electronic device above is, When the first control signal and the second ciphertext are received, the second ciphertext is converted into the third ciphertext through the second key switching module, and A system that transmits the third ciphertext to the third electronic device when the third ciphertext is obtained.
  19. In Paragraph 18, The second electronic device above is, When the third ciphertext is obtained, a second control signal is generated including the first command for transmitting the decryption result to the external device and the third command for requesting decryption of the third ciphertext. A system that transmits the second control signal and the third ciphertext to the third electronic device.
  20. In Paragraph 19, The above third electronic device is, When the second control signal and the third ciphertext are received, the plaintext data is obtained by decrypting the third ciphertext with the third secret key through the decryption module, and A system that transmits the plaintext data to the external device based on the first command when the plaintext data is obtained.

Description

ELECTRONIC APPARATUS AND CONTROLLING METHOD THEREOF The present disclosure relates to an electronic device and a method for controlling the same, and more specifically, to an electronic device and a method for controlling the same that utilize a plurality of secret keys in decrypting the result of a homomorphic encryption operation. Homomorphic encryption systems have a structure in which operations are performed on the ciphertext, and the result is decrypted using a specific secret key to obtain the original operation result. If there is only one secret key used for decryption, the leakage of that key can expose the data encrypted with that key as well as the operation results. For example, if the secret key of data owner A is leaked externally, an attacker can decrypt not only A's ciphertext but also all the results of operations performed on A's ciphertext. Even when a design with multiple secret keys (e.g., user-specific secret keys, service-specific separate keys, etc.) is implemented, if all secret keys are centrally stored and managed by a single entity, multiple keys can be leaked simultaneously from that central management point. In other words, even with multiple keys, a ‘joint management’ approach can create a single point of failure in terms of security. FIG. 1 is a drawing for explaining the structure of a network system according to one embodiment. FIG. 2 is a drawing for explaining the structure of a network system according to one embodiment. FIG. 3 is a block diagram illustrating an electronic device according to one embodiment. FIG. 4 is a diagram illustrating a key switching node according to one embodiment. FIG. 5 is a diagram illustrating an operation to acquire plaintext data through a plurality of key switching operations according to one embodiment. FIG. 6 is a diagram illustrating the operation of acquiring plaintext data using a plurality of key switching nodes according to one embodiment. FIG. 7 is a diagram illustrating the process of performing key switching in a plurality of devices according to one embodiment. FIG. 8 is a drawing for explaining a key switching module included in each of a plurality of devices according to one embodiment. FIG. 9 is a diagram illustrating that, according to one embodiment, homomorphic encryption operations and key switching operations are performed in the same device. FIG. 10 is a diagram illustrating that, according to one embodiment, key switching and decoding operations are performed in the same device. FIG. 11 is a diagram illustrating the operation of acquiring plaintext data from a plurality of networks according to one embodiment. FIG. 12 is a diagram illustrating the operation of acquiring plaintext data individually from each of a plurality of networks according to one embodiment. FIG. 13 is a diagram illustrating an operation of dividing key switching into a plurality of levels according to one embodiment. FIG. 14 is a diagram illustrating the operation in which each of a plurality of decoding modules obtains a plurality of decoding calculation results according to one embodiment. FIG. 15 is a diagram illustrating the operation in which each of a decoding module obtains a plurality of decoding calculation results according to one embodiment. The present disclosure will be described in detail below with reference to the attached drawings. The terms used in the embodiments of this disclosure have been selected to be as widely used as possible, taking into account their functions within this disclosure; however, these terms may vary depending on the intent of those skilled in the art, case law, the emergence of new technologies, etc. Additionally, in specific cases, terms have been arbitrarily selected by the applicant, and in such cases, their meanings will be described in detail in the relevant explanatory section of this disclosure. Therefore, terms used in this disclosure should be defined not merely by their names, but based on their meanings and the overall content of this disclosure. In this specification, expressions such as “have,” “may have,” “include,” or “may include” indicate the presence of such features (e.g., numerical values, functions, operations, or components such as parts) and do not exclude the presence of additional features. The expression "at least one of A or/and B" should be understood as representing either "A" or "B" or "A and B". Expressions such as "first," "second," "first," or "second" used in this specification may modify various components regardless of order and/or importance, and are used only to distinguish one component from another and do not limit said components. Where it is stated that a component (e.g., Component 1) is "(operatively or communicatively) coupled with/to" or "connected to" another component (e.g., Component 2), it should be understood that the component may be directly connected to the other component or connected through the other component (e.g., Component 3). The singular expres