Multiparty Computation from Threshold Homomorphic Encryption
SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption...
Transcript of SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption...
![Page 1: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/1.jpg)
SAC-PA:CloudSecurity
BalajiPalanisamy
1
SchoolofInformationSciencesUniversityofPittsburgh
![Page 2: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/2.jpg)
Cloud computing Benefits
For clients:◦ No upfront commitment in
buying/leasing hardware◦ Can scale usage according to demand◦ Barriers to entry lowered for startups
For providers:◦ Increased utilization of datacenter
resources minimizes cost
2
![Page 3: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/3.jpg)
So, if cloud computing is so great, why aren’t everyone doing it?
3
Clouds are still subject to traditional data
confidentiality, integrity, availability, and privacy
issues, plus some additional attacks
![Page 4: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/4.jpg)
AWS Security Advice
4
7.2. Security. We strive to keep Your Content secure, but cannot
guarantee that we will be successful at doing so, given the nature of
the Internet. Accordingly, without limitation to Section 4.3 above
and Section 11.5 below, you acknowledge that you bear sole
responsibility for adequate security, protection and backup of Your
Content. We strongly encourage you, where available and
appropriate, to use encryption technology to protect Your Content
from unauthorized access and to routinely archive Your
Content. We will have no liability to you for any unauthorized
access or use, corruption, deletion, destruction or loss of any of
Your Content.
Source:http://aws-portal.amazon.com/gp/aws/developer/terms-and-conditions.html
![Page 5: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/5.jpg)
Example: Online Course Database
5
StudentId
Name Addr GP
A CreditCard …
Student
CourseId
Name InstrId …
Course
CourseId
StudentId
Grade …
StudentCourse
![Page 6: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/6.jpg)
Encryption and DbaaS: Functionality
6
ClientApp
SELECT *FROM coursesWHERE StudentId = 1234
![Page 7: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/7.jpg)
Encryption and DbaaS: Functionality
7
ClientApp
SELECT *FROM coursesWHERE StudentId = 1234
Encrypted
[HIL+02]SIGMOD Test of Time Award
![Page 8: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/8.jpg)
Deterministic Encryption Scheme
Encr
Decr
The quick brown fox jumps over the lazy dog
000102030405060708090a0b0c0d0e0f
a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df
a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df
000102030405060708090a0b0c0d0e0f
The quick brown fox jumps over the lazy dog
Key:
8CryptoTextbook:[KL07]
Plaintext
Plaintext
Ciphertext
Ciphertext
Key:
![Page 9: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/9.jpg)
Nondeterministic Encryption Scheme
EncrThe quick brown fox jumps over the lazy dog
000102030405060708090a0b0c0d0e0f
a7be1a6997ad739bd8c9ca451f618b61b6ff744ed2c2c9bf6c590cbf0469bf4147f7f7bc95353e03f96c32bcfd8058df
EncrThe quick brown fox jumps over the lazy dog
000102030405060708090a0b0c0d0e0f
fa636a2825b339c940668a3157244d17247240236966b3fa6ed2753288425b6c69c4e0d86a7b0430d8cdb78070b4c55a
Key:
9
Example:AES+CBC+variableIV
![Page 10: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/10.jpg)
Deterministic Encryption
10
StudentId AssignId
Score
1 1 68
1 2 71
3 4 99
… … …
select *from assignmentwhere studentid = 1
![Page 11: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/11.jpg)
Deterministic Encryption
11
StudentId_DET AssignId Score
bd6e7c3df2b5779e0b61216e8b10b689
1 68
bd6e7c3df2b5779e0b61216e8b10b689
2 71
7ad5fda789ef4e272bca100b3d9ff59f
4 99
… … …
select *from assignmentwhere studentid_det = bd6e7c3df2b5779e0b61216e8b10b689
![Page 12: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/12.jpg)
Homomorphic Encryption
7ad5fda789ef4e272bca100b3d9ff59f
bd6e7c3df2b5779e0b61216e8b10b689
7a9f102789d5f50b2beffd9f3dca4ea7
Encryptionkeyisnotaninput
12
![Page 13: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/13.jpg)
Order Preserving Encryption
13
Value Enc (Value)
1 0x0001102789d5f50b2beffd9f3dca4ea7
2 0x0065fda789ef4e272bcf102787a93903
3 0x009b5708e13665a7de14d3d824ca9f15
4 0x04e062ff507458f9be50497656ed654c
5 0x08db34fb1f807678d3f833c2194a759e
[BCN11,PLZ13]
![Page 14: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/14.jpg)
Order-Preserving Encryption
14
StudentId
AssignId
Score
1 1 68
1 2 71
3 4 99
… … …
select *from assignmentwhere score >= 90
![Page 15: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/15.jpg)
Order-Preserving Encryption
15
StudentId
AssignId
Score_OPE
1 1 0x0065fda789ef4e272bcf102787a93903
1 2 0x009b5708e13665a7de14d3d824ca9f15
3 4 0x08db34fb1f807678d3f833c2194a759e
… … …
select *from assignmentwhere score_OPE >= 0x04e062ff507458f9be50497656ed654c
![Page 16: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/16.jpg)
Homomorphic Encryption Schemes
FullyHomomorphicEncryption
Order-PreservingEncryption
DeterministicEncryption
Non-DeterministicEncryption
PaillierCryptosystem
ElGamalCryptosystem
(Anyfunction)
16
[G09,G10]
[P99] [E84]
[BCN11,PLZ13]
![Page 17: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/17.jpg)
Homomorphic Encryption Schemes
FullyHomomorphicEncryption
Order-PreservingEncryption
DeterministicEncryption
Non-DeterministicEncryption
PaillierCryptosystem
ElGamalCryptosystem
(Anyfunction)
17
[G09,G10]
[P99] [E84]
[BCN11,PLZ13]
PartialHomomorphicEncryption
![Page 18: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/18.jpg)
Homomorphic Encryption Schemes
FullyHomomorphicEncryption
Order-PreservingEncryption
DeterministicEncryption
Non-DeterministicEncryption
PaillierCryptosystem
ElGamalCryptosystem
(Anyfunction)
18
[G09,G10]
[P99] [E84]
[BCN11,PLZ13]
PartialHomomorphicEncryption
![Page 19: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/19.jpg)
Homomorphic Encryption Schemes: Performance
Scheme Spacefor 1integer(bits)
Timefor1operation
Cosmictimescales
ms
sDeterministic
Order-preserving
PaillierElGamal
FullyHomomorphicEncryption
19
![Page 20: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/20.jpg)
Trusted Client Architecture
� Distributed query processing between untrusted DBMS and client-end DBMS shell
DBMSShell
Client Query Fragment
KeyDBMS
Server Query Fragment
Encrypted Data
Client App
Plaintext Query
Plaintext Results
![Page 21: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/21.jpg)
CryptDB Architecture
� Web proxy rewrites queries, decrypts result
� Leverage P.H.E techniques
WebProxy
Client App
DBMS +UDFs
Rewritten Query
Encrypted DataKey
PlainTextQuery
PlainTextResults
[PRZ+11]
![Page 22: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/22.jpg)
Secure In-Cloud Compute Architecture
� Distributed query processing between untrusted DBMS and trusted cloud compute
� Solutions differ in granularity of integration
DBMS
Untrusted Query Fragment
Encrypted Data
TrustedCompute
Trusted Query Fragment
Key
Encrypted Data
QueryTranslation& Splitting
Client App
Plaintext Results Plaintext
Query
![Page 23: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/23.jpg)
Secure Processors
� TrustedDB◦ Trusted compute is
a full DBMS
Client App
CloudDBMS
Query
Results
IBM SecureCo-processor
Key
EmbeddedLinux & SQL Lite
Storage
[BS11]
![Page 24: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/24.jpg)
TrustedDB Hybrid Example
24[BS11]
![Page 25: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/25.jpg)
Partioned Computing
� Hybrid Clouds◦ Public cloud for non-sensitive data◦ Private cloud for sensitive data◦ Data and compute shipped between them
� Example Hybrid Cloud architectures◦ SEDIC (CCS 2011)◦ SEMROD (SIGMOD 2015)◦ VNCACHE (CCGrid 2014)
25
![Page 26: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/26.jpg)
How can Ann delete her sensitive email?� She doesn’t know where all the copies are� Services may retain data for long after user
tries to delete
Loss of Control: Data Lives Forever
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
26
Ann CarlaSensitive email
ISP
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
![Page 27: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/27.jpg)
Archived Copies Can Resurface Years Later
27
ISP
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
Some time later…
SensitiveSenstive
Sensitive
SensitiveSenstive
Sensitive
CarlaAnn
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
This is sensitive stuff.
Retroactive attack on archived data
![Page 28: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/28.jpg)
n A system composed of individually-owned computers that make a portion of their resources available directly to their peers without intermediary managed hosts or servers. [~wikipedia]
Important P2P properties (for Vanish):n Huge scale – millions of nodesn Geographic distribution – hundreds of countriesn Decentralization – individually-owned, no single point of trustn Constant evolution – nodes constantly join and leave
Vanish Peer-To-Peer Protocol (OSDI’06)
28
![Page 29: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/29.jpg)
Timed-releaseofSelf-emergingData(ICDCS’17,CLOUD’17)
generated
timer
released
Securelyprotected
Availableforreceivers
Use cases: • non-releasable private data may become releasable due to the degradation of
time-varying data privacy.• time-sensitive online events: secure voting mechanism, online examination.
Timed release of self emerging data:• securely hide the protected data from being accessed prior to the release
time.• automatic appearance of the stored data at the predetermined release
time.
![Page 30: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/30.jpg)
S R
Self-emergingData
Parameters:•Totalfragmentnumber– m(3)•Thresholdfragmentnumber– n(2)•Length– l(3)
Package generation
Package routing
The adjust one-hop scheme can only support medium emerging time period. We propose the multi-hop scheme to handle the very long requirements:
Instead of deploying a single set of nodes to hold the packages during the entire T, we now arrange multiple sets of nodes to carry the packages in relay from the sender to the receiver. Also, the single usage of the erasure coding is now extended to a nested usage so that the old packages can be merged at each set of nodes to generate new packages and the reduced number of alive packages can be replenished during each re-generation.
ChaoLiandBalajiPalanisamy,"Timed-releaseofSelf-emergingDatausingDistributedHashTables",Proc.of37thIEEEInternationalConferenceonDistributedComputingSystems,Atlanta,USA.(ICDCS2017).
ChaoLiandBalajiPalanisamy,"Emerge:Self-emergingDataReleaseusingCloudDataStorage",Proc.of10thIEEEInternationalConferenceonCloudComputing,Honolulu,USA.(IEEECLOUD2017).
![Page 31: SAC-PA: Cloud Security · [BCN11, PLZ13] Partial Homomorphic Encryption. Homomorphic Encryption Schemes: Performance Scheme Space for1 integer (bits) Time for 1 operation Cosmic time](https://reader036.fdocuments.us/reader036/viewer/2022070112/6053c7d590aa61226807e08c/html5/thumbnails/31.jpg)
� Thank you & Questions
31