Efficient Fully Homomorphic Encryption Scheme

Since Gentry discovered in 2009 the first fully homomorphic encryption scheme, the last few years have witnessed dramatic progress on designing more efficient homomorphic encryption schemes, and some of them have been implemented for applications. The main bottlenecks are in bootstrapping and large cipher expansion (the ratio of the size of ciphertexts to that of messages). Ducas and Micciancio (2015) show that homomorphic computation of one bit operation on LWE ciphers can be done in less than a second, which is then reduced by Chillotti et al. (2016, 2017) to 13ms. This paper presents a compact fully homomorphic encryption scheme that has the following features: (a) its cipher expansion is 6 with private-key encryption and 20 with public-key encryption; (b) all ciphertexts after any number (unbounded) of homomorphic bit operations have the same size and are always valid with the same error size; (c) its security is based on the LWE and RLWE problems (with binary secret keys) and the cost of breaking the scheme by the current approaches is at least $2^{160}$ bit operations. The scheme protects function privacy and provides a simple solution for secure two-party computation and zero knowledge proof of any language in NP

A Verifiable Fully Homomorphic Encryption Scheme for Cloud Computing Security

Performing smart computations in a context of cloud computing and big data is highly appreciated today. Fully homomorphic encryption (FHE) is a smart category of encryption schemes that allows working with the data in its encrypted form. It permits us to preserve confidentiality of our sensible data and to benefit from cloud computing powers. Currently, it has been demonstrated by many existing schemes that the theory is feasible but the efficiency needs to be dramatically improved in order to make it usable for real applications. One subtle difficulty is how to efficiently handle the noise. This paper aims to introduce an efficient and verifiable FHE based on a new mathematic structure that is noise free

Improving Additive and Multiplicative Homomorphic Encryption Schemes Based on Worst-Case Hardness Assumptions}

In CRYPTO 2010, Aguilar et al. proposed a somewhat homomorphic encryption scheme, i.e. an encryption scheme allowing to compute a limited amount of sums and products over encrypted data, with a security reduction from LWE over general lattices. General lattices (as opposed to ideal lattices) do not have an inherent multiplicative structure but, using a tensorial product, Aguilar et al. managed to obtain a scheme allowing to compute products with a polylogarithmic amount of operands. In this paper we present an alternative construction allowing to compute products with polynomially-many operands while preserving the security reductions of the initial scheme. Unfortunately, despite this improvement our construction seems to be incompatible with Gentry\u27s seminal transformation allowing to obtain fully-homomorphic encryption schemes. Recently, Brakerski et al. used the tensorial product approach introduced by Aguilar et al. in a new alternative way which allows to radically improve the performance of the obtained scheme. Based on this approach, and using two nice optimizations, their scheme is able to evaluate products with exponentially-many operands and can be transformed into an efficient fully-homomorphic encryption scheme while being based on general lattice problems. However, even if these results outperform the construction presented here, we believe the modifications we suggest for Aguilar et al.\u27s schemes are of independent interest

An improved Framework for Biometric Database’s privacy

Security and privacy are huge challenges in biometric systems. Biometrics are sensitive data that should be protected from any attacker and especially attackers targeting the confidentiality and integrity of biometric data. In this paper an extensive review of different physiological biometric techniques is provided. A comparative analysis of the various sus mentioned biometrics, including characteristics and properties is conducted. Qualitative and quantitative evaluation of the most relevant physiological biometrics is achieved. Furthermore, we propose a new framework for biometric database privacy. Our approach is based on the use of the promising fully homomorphic encryption technology. As a proof of concept, we establish an initial implementation of our security module using JAVA programming language

A Modified Symmetric Key Fully Homomorphic Encryption Scheme Based on Read-Muller Code

Homomorphic encryption became popular and powerful cryptographic primitive for various cloud computing applications. In the recent decades several developments has been made. Few schemes based on coding theory have been proposed but none of them support unlimited operations with security.   We propose a modified Reed-Muller Code based symmetric key fully homomorphic encryption to improve its security by using message expansion technique. Message expansion with prepended random fixed length string provides one-to-many mapping between message and codeword, thus one-to many mapping between plaintext and ciphertext. The proposed scheme supports both (MOD 2) additive and multiplication operations unlimitedly.   We make an effort to prove the security of the scheme under indistinguishability under chosen-plaintext attack (IND-CPA) through a game-based security proof. The security proof gives a mathematical analysis and its complexity of hardness. Also, it presents security analysis against all the known attacks with respect to the message expansion and homomorphic operations

Faster Bootstrapping with Multiple Addends

As an important cryptographic primitive in cloud computing and outsourced computation, fully homomorphic encryption (FHE) is an animated area of modern cryptography. However, the efficiency of FHE has been a bottleneck that impeding its application. According to Gentry’s blueprint, bootstrapping, which is used to decrease ciphertext errors, is the most important process in FHE. However, bootstrapping is also the most expensive process that affecting the efficiency of the whole system. Firstly, we notice that, hundreds of serial homomorphic additions take most of the time of bootstrapping. We made use of the properties of Boolean circuit to reduce the number of serial homomorphic additions by two-thirds, and thus constructed an efficient FHE scheme with bootstrapping in 10ms. Secondly, the most expensive parts in our bootstrapping, EHCM and addition operations of multiple matrices, can be accelerated by parallel. This parallel may accelerate the bootstrapping. At last, we found a set of more efficient combination of parameters. As a result, our security parameter level is 128 bits and the correctness is elevated, compared with TFHE scheme in ASIACRYPT 2016. Experiments show that the running time of our bootstrapping is 10ms, which is only 52 percent of TFHE, and is less than CGGI17

Security and privacy issues of physical objects in the IoT: Challenges and opportunities

In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out

On Fully Homomorphic Encryption

Täielikult homomorfne krüpteerimine on krüptosüsteem, mille puhul üks osapool saab enda valdusesse krüpteeritud andmed ning saab nende andmetega tõhusalt sooritada erinevaid operatsioone. Operatsioone saab teha hoolimata sellest, et andmed jäävad krüpteerituks ning seega ei ole ka vajalik teada dekrüpteerimisvõtit. Selline süsteem oleks äärmiselt kasulik, näiteks tagades andmete privaatsuse, mis on saadetud kolmanda osapoole teenusele. Täielikult homomorfne krüpteerimine on vastandiks krüptosüsteemidele nagu Paillier, kus ei ole võimalik teostada krüpteeritud andmete peal korrutamist ilma neid enne dekrüpteerimata, või ElGamal, kus ei saa sooritada krüpteeritud andmete liitmist enne andmete dekrüpteerimist. Täielikult homomorfne krüpteerimine on väga uus uurimisala: esimese taolise süsteemi lõi Gentry aastal 2009. Gentry läbimurdest alates on olnud palju tema tööst inspireeritud edasiminekuid. Kõik viimased täielikult homomorfsed krüptosüsteemid kasutavad avaliku võtmega krüptograafiat ja põhinevad võredel. Võre-põhine krüptograafia äratab üha enam huvi oma turvalisuse püsimisega kvantarvutites ning oma halvima juhu turvagarantiidega. Siiski jääb püsima peamine probleem: süsteemidel ei ole veel tõhusat teostust, mis säilitaks adekvaatsed turvalisuse nõuded. Selles valguses vaadatuna, viimased edasiminekud täielikult homomorfses krüpteerimises kas täiendavad eelnevate süsteemide tõhusust või pakuvad välja uue parema efektiivsusega skeemi. Antud uurimus on ülevaade hiljutistest täielikult homomorfsetest krüptosüsteemidest. Õpime tundma mõningaid viimaseid täielikult homomorfseid krüptosüsteeme, analüüsime ning võrdleme neid. Neil süsteemidel on teatud ühised elemendid: 1. Tõhus võre-põhine krüptosüsteem turvalisusega, mis põhineb üldteada võreprobleemide keerulisusel. 2. Arvutusfunktsioon definitsioonidega homomorfsele liitmisele ja korrutamisele müra kasvu piiramiseks. 3. Meetodid, et muuta süsteem täielikult homomorfseks selle arvutusfunktsiooniga. Niipea kui võimalik, kirjutame nende süsteemide peamised tulemused ümber detailsemas ja loetavamas vormis. Kõik skeemid, mida me arutame, välja arvatud Gentry, on väga uued. Kõige varasem arutletav töö avaldati oktoobris aastal 2011 ning mõningad tööd on veel kättesaadavad ainult elektroonilisel kujul. Loodame, et käesolev töö aitab lugejail olla kursis täielikult homomorfse krüpteerimisega, rajades teed edasistele arengutele selles vallas

Privacy-preserving Anti-Money Laundering using Secure Multi-Party Computation

Money laundering is a serious financial crime where criminals aim to conceal the illegal source of their money via a series of transactions. Although banks have an obligation to monitor transactions, it is difficult to track these illicit money flows since they typically span over multiple banks, which cannot share this information due to privacy concerns. We present secure risk propagation, a novel efficient algorithm for money laundering detection across banks without violating privacy concerns. In this algorithm, each account is assigned a risk score, which is then propagated through the transaction network. In this article we present two results. Firstly, using data from a large Dutch bank, we show that it is possible to detect unusual activity using this model, with cash ratio as the risk score. With a recall of 20%, the precision improves from 15% to 40% by propagating the risk scores, reducing the number of false positives significantly. Secondly, we present a privacy-preserving solution for securely performing risk propagation over a joint, inter-bank transaction network. To achieve this, we use Secure Multi-Party Computation (MPC) techniques, which are particularly well-suited for the risk propagation algorithm due to its structural simplicity. We also show that the running time of this secure variant scales linearly in the amount of accounts and transactions. For 200, 000 transactions, two iterations of the secure algorithm between three virtual parties, run within three hours on a consumer-grade server

PSKPIR: Symmetric Keyword Private Information Retrieval based on PSI with Payload

Symmetric Private Information Retrieval (SPIR) is a protocol that protects privacy during data transmission. However, the existing SPIR focuses only on the privacy of the data to be requested on the server, without considering practical factors such as the payload that may be present during data transmission. This could seriously prevent SPIR from being applied to many complex data scenarios and hinder its further expansion. To solve such problems, we propose a primitive (PSKPIR) for symmetric private keyword information retrieval based on private set intersection (PSI) that supports payload transmission and batch keyword search. Specifically, we combine probe-and-XOR of strings (PaXoS) and Oblivious Programmable PRF (OPPRF) to construct PSI with payload (PSI-Payload) not only satisfies client privacy and server privacy, but also facilitates efficient payload transmission. The client can efficiently generate symmetric keys locally using keywords in the intersection, and receive payloads with matching labels in batches. In addition, we provide security definitions for PSKPIR and use the framework of universal composability (UC) to prove security. Finally, we implement PSKPIR with sublinear communication costs in both LAN and WAN settings. Experimental results show that our payload transfer speed is 10× faster than previous work on sufficiently large data sets