After serializing ciphertext using CKKS, the memory footprint is about ten times larger than when serializing the original data. I’m curious about roughly how many times larger the memory footprint would be with OPENFHE. Additionally, I have an idea I’d like to discuss: Would designing a transmission protocol tailored specifically for the CKKS encryption scheme significantly reduce memory usage and thus lower communication costs?
ten times larger
This is by design. When you take your original data and encode it, we “pad” numbers to the end of it to make it a vector of size ring_dim; this is done for security reasons.
transmission protocol tailored specifically for the CKKS encryption scheme significantly reduce memory usage and thus lower communication costs
Can you elaborate? The OpenFHE team is probably not going to take this on, but what did you have in mind?
I understand, and I also believe that the OpenFHE team doesn’t need to invest time and effort into such a task. I came up with this idea because I’m currently trying to apply homomorphic encryption to aggregate gradient parameters in federated learning. The performance of other metrics is quite good, but the communication overhead increases tenfold due to the encryption algorithm, which is a drawback. I remember someone in this discussion forum also suggested whether we could use encryption algorithms similar to CKKS to compress data for transmission in smaller sizes. The comments section and I were skeptical at that time. But now, I’m considering whether we can leverage the properties of encoding and encryption in reverse. We could design a special communication protocol so that computers can “understand” data at a higher level, rather than through repeated transformations via byte code (serialization). This may involve more direct and tailored data mapping designs. It may require reimagining data representation so that computers can interpret data at a higher level, involving encoding data in formats that preserve its structure and semantics, enabling more efficient processing without the need for extensive serialization and deserialization.
These thoughts have emerged from my research needs, leaning more towards the application layer. Regardless, perhaps I will also make some attempts.
For the lattice cryptography community, I believe that you are one of the best teams in the world in this field. You have profound insights and a wealth of expertise. Could we exchange some thoughts and ideas on this concept? I would be deeply grateful for your invaluable insights and thoughts on this matter.