The update from Week 3&4

FHE-DKSAP Performance Benchmark

Our implementation of Fully Homomorphic Encryption Stealth Address comprises two integral components. The first part encompasses the initial implementation of SECP256k1, a widely recognized elliptic curve cryptography algorithm. This foundation forms the basis for secure cryptographic operations in our system. The second component involves the generation of stealth addresses, a crucial technique that enhances the privacy and anonymity of transactions.

In order to thoroughly assess the performance and effectiveness of our system, we conducted comprehensive testing of the generated stealth addresses. This testing phase encompassed a variety of scenarios and methodologies to ensure the robustness and reliability of our approach. Specifically, we evaluated the stealth address generation process using three different setups: DK-SAP (Plain), HE-DK-SAP (Pallier), and FHE-DK-SAP. These setups represent distinct encryption methods, each contributing to varying levels of security and computational complexity. The intricate details pertaining to our implementation and the subsequent testing procedures have been meticulously documented. For those seeking an in-depth understanding, we have provided a comprehensive breakdown of our implementation process and testing outcomes in the aspect of time computation.

1. Initial Implementation of SECP256k1

The SECP256k1 elliptic curve is defined with the equation:
y^2 = x^3 + 7 (mod p) over the finite field Z(2)(256)(-2)(32)(-977), which means the X and Y coordinates are 256-bit integers modulo a large number.
The main functions consist of public key generation based on the secret key
def sk_PK_HPK_WA(sk):
PK = secp256k1.privtopub(s.to_bytes(32, "big"))
PK = secp256k1.multiply(secp256k1.G, secp256k1.bytes_to_int(sk.to_bytes(32, "big")))
HPK = sha3.keccak_256(PK[0].to_bytes(32, "big")+PK[1].to_bytes(32, "big")).hexdigest()
WA = "0x"+ HPK[-40:]
return PK, HPK, WA

2. SA Generation:

In this pivotal phase of our implementation, the generation of stealth addresses takes center stage. Stealth addresses are paramount to ensuring the confidentiality and privacy of transaction participants. Our approach involves distinct methods tailored for various security requirements and computational complexities.

2.1 DK-SAP Plain:
The DK-SAP plain variant of stealth address generation is divided into three comprehensive sections, each serving a distinct purpose in the process:

• Public and Secret Key Generation: At the core of the DK-SAP plain methodology lies the generation of public and secret keys. These cryptographic keys serve as the foundation for subsequent operations and secure communication.

• ECDH Algorithm: The Elliptic Curve Diffie-Hellman (ECDH) algorithm plays a pivotal role in deriving shared secrets between parties. This cryptographic protocol ensures that secure communication channels are established while minimizing the risk of eavesdropping.

• Stealth Private Key Derivation: Building upon the generated keys and ECDH protocol, the stealth private key derivation step enhances the intricacy of the address generation process, bolstering the security and obfuscation of the generated stealth addresses.

2.2 HE-DKSAP with Paillier:
Introducing Homomorphic Encryption (HE) using the Paillier scheme, our system extends the possibilities of secure computation without compromising data privacy. The integration of Paillier encryption requires a specific library, paillier, for seamless implementation. The process unfolds in three distinct stages:

• Bob Secret Key Generation and Encryption: Bob's secret key is generated and subsequently encrypted using the Paillier encryption scheme. This ensures that sensitive information remains confidential throughout the computation process.
• Alice Secret Key Generation and Encryption: In parallel, Alice's secret key undergoes a similar treatment – generation and encryption using the Paillier scheme. This dual encryption methodology preserves the individuality of parties' contributions.
• Bob's Final Key Recovery and Stealth Address Generation: Through a meticulously orchestrated process, Bob's final key is recovered, paving the way for the secure generation of stealth addresses. The culmination of these steps ensures that the resulting addresses remain secure against potential attacks.

2.3 FHE-DKSAP with Concrete:
Advancing beyond conventional encryption methods, we employ Fully Homomorphic Encryption (FHE) using the Concrete framework. In lieu of utilizing the Paillier key generation, our approach introduces a unique strategy:

• Circuit.Keygen() and Encryption/Decryption from Concrete: We leverage the functionalities provided by the Concrete framework, specifically the circuit.keygen() function for key generation and the encryption/decryption functions for secure computation. This alternative approach demonstrates our adaptability to varying encryption techniques while maintaining the security and integrity of the stealth address generation process.

Performance Evaluation

To thoroughly assess the performance and effectiveness of FHE-DKSAP, we conducted time computation testing and storage of the generated stealth addresses. Specifically, we evaluated the stealth address generation process using three different setups: DK-SAP (Plain), HE-DKSAP (Pallier), and FHE-DKSAP(Concrete).
Environment:

• Processor: Linux, 2.3 GHz Quad-Core Intel Core i5; Memory: 8 GB 2133 MHz LPDDR3
• Python Version 3.9
• Python-Paillier 1.2.2
• Concrete: zamafhe/concrete-python:v2.0.0

1. Performance measurements:
   
   Image Not Showing Possible Reasons

   • The image was uploaded to a note which you don't have access to
   • The note which the image was originally uploaded to has been deleted

   Learn More →

Testing Summary:
DK-SAP excels in computational speed due to its lack of privacy-preserving encryption. HE-DKSAP-Paillier balances enhanced data privacy with longer computational time due to the intricate encryption and decryption of the Paillier scheme, which is around 20 times slower compared to the plain scheme. FHE-DKSAP-Concrete is slightly slower than unencrypted DK-SAP but notably faster than HE-DKSAP-Paillier. This efficiency is thanks to its implementation in the RUST programming language, highlighting the importance of suitable tools for execution.

2. Storage (on chain) measurements:

DK-SAP Plain:

HE-DKSAP-Paillier:

FHE-DKSAP-Concrete:

NA*: The outcomes are contingent upon the specific FHE schemes adopted by the Concrete library.

From our performance testing, we have identified the key advantages of FHE-DKSAP:

• Protection Against Quantum Computing Attacks: It's worth noting that FHE schemes like BGV, BFV, and CKKS are built upon learning with error assumptions, inherently fortifying our FHE-DKSAP against potential quantum computing attacks.
• Key Reusability: The process of generating the Stealth Address (SA) hinges on the public keys of both parties involved. Yet, should Alice decide to alter her key pair, it results in a distinct SA. This, in turn, allows for the potential reusability of Bob's key pair.
• Optimized Computation Time: The off-chain computation of the stealth address using FHE-DPSAP proves to be acceptable in terms of computation time.
• Minimal Storage Footprint: FHE-based DK-SAP demonstrates an advantage in terms of storage efficiency on the chain, which is considerably smaller than that of the plain DK-SAP method.

In conclusion, this approach strikes a balance between computational complexity and efficiency, ensuring efficient processing while maintaining a secure and private transaction environment.
Any feedback is welcome!