Homomorphic Encryption
-
Upload
vipin-tejwani -
Category
Internet
-
view
205 -
download
1
Transcript of Homomorphic Encryption
Introduction Homomorphic Encryption[1] is a form
of encryption which allows specific types of computations to be carried out on ciphertext and obtain an encrypted result which decrypted, matches the result of operations performed on the plaintext.
For instance, one person could add two encrypted numbers and then another person could decrypt the result, without either of them being able to find the value of the individual numbers.
Earlier there was Somewhat Homomorphic Encryption technique. This encryption used low polynomial degree, which was its big drawback.
In June 2009, “Gentry” proposed the first efficient Fully Homomorphic Encryption technique. It is efficient in the sense that all algorithms run in polynomial time.
Nowadays:
Craig Gentry presented a working implementation ofthe fully homomorphic system, including thebootstrapping function.
Exists a practical application of homomorphicencryption to a hybrid wireless network.
Perform statistical tests over encrypted data such astemperature, humidity, etc.
There are also some practical implementations ofsimplifications of this scheme over databases.
An Analogy: Alice’s Jewellery Store Alice’s workers need to assemble raw materials into
jewellery.
But Alice is worried about theft
How can the workers process the raw materials without having access to
them?
Alice puts materials in locked glove box
For which only she has the key
Workers assemble jewellery in the box.
Alice unlocks box to get “results”.
Terminologies of Analogy Encrypt: putting things inside the box.
Anyone can do this (imagine a mail-drop).
Decrypt: Taking things out of the box. Only Alice can do it, requires the key.
Evaluate: Assembling the jewelry,i.e., performing operations.
Why Homomorphic Encryption Confidentiality problems
Ability to compute over ciphertext instead of plaintext
One could use information without knowing the content of that information
Privacy guaranteed
Homomorphic Encryption Crypto Magic
5 * 6 = CT(5) * CT(6) -> D ( k, E(k,5) * E(k,6) ) = 5 * 6
Homomorphic Assumption
• Partially homomorphic/fully homomorphic
Homomorphic Encryption Partially homomorphic schemes
RSA: CT(x)*CT(y) = (xe mod M) * (ye mod M) = xeye
mod M = (xy)e mod M = CT(x*y), where e is theexponent key and M the modulus.
M=3233;
e=17;
Partially homomorphic schemes
RSA: Obtain 5*6 performing RSA(5)*RSA(6)
RSA(5) = 517 (mod 3233) = 3086;
RSA(6) = 617 (mod 3233) = 824;
3068*824 = 2542864;
RSA-1(2542864) = 25428642753 (mod 3233) = 30;
5*6 = 30;
Homomorphic Encryption
Homomorphic Encryption Fully homomorphic Encryption[2]:
A cryptosystem that supports arbitrary computation on ciphertexts is known as fully homomorphic encryption (FHE) and is far more powerful. Such a scheme enables the construction of programs for any desirable functionality, which can be run on encrypted inputs to produce an encryption of the result.
Fully homomorphic Encryption schemes:
Craig Gentry scheme
Zaryab Khan scheme
Craig Gentry scheme Suppose a scheme with a “noise parameter” attached to
each CT;
Encryption algorithm outputs a CT with a small noiseparameter (say less than n);
Decryption algorithm only works if noise is less than someparameter N >> n;
To compute E(a+b) / E(a*b), include noise;
This gives a “somewhat homomorphic” scheme.
Craig Gentry scheme (integers) Craig Gentry scheme’s homomorphic assumptions
Addition: c1 + c2 = b1+ b2 + 2(x1+x2) + (k1+k2)p = b1 xorb2 + 2x + kp
Decryption works if (b1+2x1) + (b2+2x2) is in [-N,N]
Multiplication: c1*c2 = b1*b2 + 2(b1x2 + b2x1 + 2x1x2) + kp= b1*b2 + 2x + kp
Decryption works if (b1+2x1) * (b2+2x2) is in [-N,N]
Craig Gentry scheme (integers)
Addition example: 4+4
CT(100):
CT(1) = 1 + 2*3 + 5*3 = 22
CT(0) = 0 + 2*3 + 5*3 = 21
CT(0) = 0 + 2*3 + 5*3 = 21
D(44 42 42):
D(44) = 44 mod 3 = 2
D(42) = 42 mod 3 = 0
D(42) = 42 mod 3 = 0
22 21 21+22 21 21
44 42 42
1000 = 8 = 4+4
Craig Gentry scheme (integers)
Multiplication example: 4*4
CT(100):
CT(1) = 1 + 2*3 + 5*3 = 22
CT(0) = 0 + 2*3 + 5*3 = 21
CT(0) = 0 + 2*3 + 5*3 = 21
D(484 924 1365 882 441):
D(484) = 484 mod 3 = 1
D(924) = 924 mod 3 = 0
D(1365) = 1365 mod 3 = 0
D(882) = 882 mod 3 = 0
D(441) = 441 mod 3 = 0
22 21 21×22 21 21
484 924 1365 882 441
10000 = 16 = 4*4
HELib Helib[4] is a software library that implements
homomorphic encryption (HE), specifically the Brakerski-Gentry-Vaikuntanathan (BGV) scheme, focusing on effective use of the Smart ciphertext packing techniques and the Gentry-Halevi-Smart optimizations.
HELib Developed by Shai Halevi (2013)
○ Implementation of Brakerski-Gentry-Vaikuntanathan scheme.
○ Using many optimizations in literature for speed.
Performance:
Advantages
Cloud security.
Working with information stored in databases.
Queries to search engines.
Spam Filtering.
Problems Solved
Wireless Sensor/Mesh Network.
Problems related to personal records like medical records:
○ Analyze disease / treatment without disclosing them
○ Search for DNA markers without revealing DNA.
HELib[4] from IBM.https://github.com/shaih/HElib/tree/master/src
Abstract: Homomorphic Encryption Applied to Cloud Computing Security
Current Cloud Computing(supposedly The Next Big Thing) lacks security.
Security and confidentiality needs to be protected among several enterprises.
Homomorphic Encryption solves these problems
Craig Gentry Fully Homomorphic Encryption evaulates arbitrary number of operations and thus can calculate any type of encrypted data.
We can outsource the calculations on confidential data to the Cloud server, keeping the secret key that can decrypt the result of the calculation.
References [1]. Hacker Lexicon: What Is Homomorphic Encryption?
www.wired.com/2014/11/hacker-lexicon-homomorphic-encryption/
[2]. A Fully Homomorphic Encryption Scheme
www.crypto.stanford.edu/craig/craig-thesis.pdf
[3]. Homomorphic Encryption - MIT Technology Review
www2.technologyreview.com/article/423683/homomorphic-encryption/
[4]. IBM takes a big new step in cryptography practical homomorphic encryption
nakedsecurity.sophos.com/2013/05/05/ibm-takes-big-new-step-in-cryptography/