In this deliverable D5.5 "Final Report on Hardware-Assisted Schemes", we give a description of work that has been done in FENTEC for developing hardware-assisted schemes for FE. This deliverable is specifically about the work in Task 5.3. D5.5 extends D5.4 "Preliminary Report on Hardware-Assisted Schemes" from June 2019. As defined in D5.1 "Security and Trust Models", we assume partial trust to the computing platform for the hardware-assisted schemes. Specifically, we assume that there exists a trusted part in an otherwise untrusted platform. Untrusted in this context means that it can be a subject for implementation attacks and that an adversary can potentially compromise it by utilizing weaknesses of the system.
On the other hand, compromising a trusted component is assumed to be out of the adversary's capabilities.
We consider two different cases of hardware-assisted schemes in this deliverable: (1) the entire HW part of the computing platform (e.g., an FPGA) is trusted and (2) there exists only a small trusted component (e.g., a commercial TPM chip or a TEE in the main CPU) in an otherwise untrusted platform. We consider a specific multi-input inner-product FE scheme based on Paillier encryption and cryptographic pairings (optimal ate pairings on Barreto-Naehrig curves) as examples and show how they map to these two cases. In addition to these discussions, we also present a prototype FE implementation under the HW-assisted trust model where the trusted component is implemented with ARM TrustZone. Finally, we identify certain directions for future research.