655 research outputs found
Conditionals in Homomorphic Encryption and Machine Learning Applications
Homomorphic encryption aims at allowing computations on encrypted data
without decryption other than that of the final result. This could provide an
elegant solution to the issue of privacy preservation in data-based
applications, such as those using machine learning, but several open issues
hamper this plan. In this work we assess the possibility for homomorphic
encryption to fully implement its program without relying on other techniques,
such as multiparty computation (SMPC), which may be impossible in many use
cases (for instance due to the high level of communication required). We
proceed in two steps: i) on the basis of the structured program theorem
(Bohm-Jacopini theorem) we identify the relevant minimal set of operations
homomorphic encryption must be able to perform to implement any algorithm; and
ii) we analyse the possibility to solve -- and propose an implementation for --
the most fundamentally relevant issue as it emerges from our analysis, that is,
the implementation of conditionals (requiring comparison and selection/jump
operations). We show how this issue clashes with the fundamental requirements
of homomorphic encryption and could represent a drawback for its use as a
complete solution for privacy preservation in data-based applications, in
particular machine learning ones. Our approach for comparisons is novel and
entirely embedded in homomorphic encryption, while previous studies relied on
other techniques, such as SMPC, demanding high level of communication among
parties, and decryption of intermediate results from data-owners. Our protocol
is also provably safe (sharing the same safety as the homomorphic encryption
schemes), differently from other techniques such as
Order-Preserving/Revealing-Encryption (OPE/ORE).Comment: 14 pages, 1 figure, corrected typos, added introductory pedagogical
section on polynomial approximatio
SoK: Use of Cryptography in Malware Obfuscation
We look at the use of cryptography to obfuscate malware. Most surveys on malware obfuscation only discuss simple encryption techniques (e.g., XOR encryption), which are easy to defeat (in principle), since the decryption algorithm and the key is shipped within the program. This SoK proposes a principled definition of malware obfuscation, and categorises instances of malware obfuscation that use cryptographic tools into those which evade detection and those which are detectable. The SoK first examines easily detectable schemes such as string encryption, class encryption and XOR encoding, found in most obfuscated malware. It then details schemes that can be shown to be hard to break, such as the use of environmental keying. We also analyse formal cryptographic obfuscation, i.e., the notions of indistinguishability and virtual black box obfuscation, from the lens of our proposed model on malware obfuscation
- …