T10-AT-011HIGH
Homomorphic Encryption Exploits
T10 · Integrity & Confidentiality Breach →Risk score200
RatingHigh
Procedures9
Severity
Mechanism
Homomorphic encryption (HE) enables computation on encrypted data without decryption, theoretically allowing secure ML inference on private inputs. Attacks target the implementation gap between HE's mathematical guarantees and real-world deployment. HE schemes introduce noise that grows with computation depth — at some point noise overwhelms signal and decryption fails, requiring "bootstrapping" (re-encryption).
Detection
- Constant-time HE implementation verification
- Power/timing anomaly monitoring during HE operations
- Ciphertext integrity verification (MACs or authenticated encryption alongside HE)
- Noise budget consumption monitoring: abnormal noise growth rates indicate adversarial inputs
Mitigation
Authenticated HE (AHE)HIGH
Constant-time implementationsHIGH
Noise budget validationMEDIUM
Hardware isolation (TEE-backed HE)HIGH
Chaining
Open in the technique browser →HE exploits enable access to data protected by encrypted inference, feeding T10-AT-001 (Training Data Extraction) against privacy-preserving ML deployments. Computation-graph inference informs T10-AT-007 (Model Inversion) by revealing model architecture.