Conditionals in Homomorphic Encryption and Machine Learning Applications

Homomorphic encryption aims at allowing computations on encrypted data without decryption other than that of the final result. This could provide an elegant solution to the issue of privacy preservation in data-based applications, such as those using machine learning, but several open issues hamper this plan. In this work we assess the possibility for homomorphic encryption to fully implement its program without relying on other techniques, such as multiparty computation (SMPC), which may be impossible in many use cases (for instance due to the high level of communication required). We proceed in two steps: i) on the basis of the structured program theorem (Bohm-Jacopini theorem) we identify the relevant minimal set of operations homomorphic encryption must be able to perform to implement any algorithm; and ii) we analyse the possibility to solve -- and propose an implementation for -- the most fundamentally relevant issue as it emerges from our analysis, that is, the implementation of conditionals (requiring comparison and selection/jump operations). We show how this issue clashes with the fundamental requirements of homomorphic encryption and could represent a drawback for its use as a complete solution for privacy preservation in data-based applications, in particular machine learning ones. Our approach for comparisons is novel and entirely embedded in homomorphic encryption, while previous studies relied on other techniques, such as SMPC, demanding high level of communication among parties, and decryption of intermediate results from data-owners. Our protocol is also provably safe (sharing the same safety as the homomorphic encryption schemes), differently from other techniques such as Order-Preserving/Revealing-Encryption (OPE/ORE).Comment: 14 pages, 1 figure, corrected typos, added introductory pedagogical section on polynomial approximatio

Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

Survey of Data Confidentiality and Privacy in the Cloud Computing Environment

The objective of this research is to develop a scheme for improving cloud data confidentiality. A considerable number of people are sharing data through third-party applications in the cloud computing environment. According to reviewed literature, it has been realized that data security and privacy were the key challenges to the wider adoption of cloud services with insider threats being the most prevalent. Similarly, our online survey indicated that 53.3% of the respondents citing insider breaches as the main threat to their organizational data. The survey also confirmed that data security and privacy is one of the greatest barriers to the adoption of cloud services in their organization. Noting the flaws of Attribute-Based Encryption (ABE) and Identity-based encryption (IBE), and with the growth of computing power, applications are constantly being developed which makes them vulnerable to attacks. Since data confidentiality is essential in the provision of information security in the cloud, this paper suggested the development and the deployment of a hybrid attribute-based re-encryption scheme, which is a scheme that bridges the ABE and IBE, to secure data in the cloud computing environment. Keywords: Encryption, Cloud Computing, Data, confidentiality, Privacy DOI: 10.7176/CEIS/11-5-03 Publication date:September 30th 2020

The Potential for Machine Learning Analysis over Encrypted Data in Cloud-based Clinical Decision Support - Background and Review

This paper appeared at the 8th Australasian Workshop on Health Informatics and Knowledge Management (HIKM 2015), Sydney, Australia, January 2015. Conferences in Research and Practice in Information Technology (CRPIT), Vol. 164, Anthony Maeder and Jim Warren, Ed. Reproduction for academic, not-for profit purposes permitted provided this text is includedIn an effort to reduce the risk of sensitive data exposure in untrusted networks such as the public cloud, increasing attention has recently been given to encryption schemes that allow specific computations to occur on encrypted data, without the need for decryption. This relies on the fact that some encryption algorithms display the property of homomorphism, which allows them to manipulate data in a meaningful way while still in encrypted form. Such a framework would find particular relevance in Clinical Decision Support (CDS) applications deployed in the public cloud. CDS applications have an important computational and analytical role over confidential healthcare information with the aim of supporting decision-making in clinical practice. This review paper examines the history and current status of homomoprhic encryption and its potential for preserving the privacy of patient data underpinning cloud-based CDS applications

THE RSA CRYPTOSYSTEM

This paper intends to present an overview of the RSA cryptosystem. Cryptosystems are mathematical algorithms that disguise information so that only the people for whom the information is intended can read it. The invention of the RSA cryptosystem in 1977 was a significant event in the history of cryptosystems. We will describe in detail how the RSA cryptosystem works and then illustrate the process with a realistic example using fictional characters. In addition, we will discuss how cryptosystems worked prior to the invention of RSA and the advantage of using RSA over any of the previous cryptosystems. This will help us understand the significance of the invention of the RSA in the world of security. We will also explain how RSA was created and who the inventors are. The RSA algorithm has become the standard cryptosystem for industrial-strength encryption, especially for data sent over the Internet. At the present time, RSA is one of the most convenient, widely used and strongest cryptosystems available