3,684 research outputs found
Efficient cryptographic primitives: Secure comparison, binary decomposition and proxy re-encryption
”Data outsourcing becomes an essential paradigm for an organization to reduce operation costs on supporting and managing its IT infrastructure. When sensitive data are outsourced to a remote server, the data generally need to be encrypted before outsourcing. To preserve the confidentiality of the data, any computations performed by the server should only be on the encrypted data. In other words, the encrypted data should not be decrypted during any stage of the computation. This kind of task is commonly termed as query processing over encrypted data (QPED).
One natural solution to solve the QPED problem is to utilize fully homomorphic encryption. However, fully homomorphic encryption is yet to be practical. The second solution is to adopt multi-server setting. However, the existing work is not efficient. Their implementations adopt costly primitives, such as secure comparison, binary decomposition among others, which reduce the efficiency of the whole protocols. Therefore, the improvement of these primitives results in high efficiency of the protocols. To have a well-defined scope, the following types of computations are considered: secure comparison (CMP), secure binary decomposition (SBD) and proxy re-encryption (PRE). We adopt the secret sharing scheme and paillier public key encryption as building blocks, and all computations can be done on the encrypted data by utilizing multiple servers. We analyze the security and the complexity of our proposed protocols, and their efficiencies are evaluated by comparing with the existing solutions.”--Abstract, page iii
Enabling Secure Database as a Service using Fully Homomorphic Encryption: Challenges and Opportunities
The database community, at least for the last decade, has been grappling with
querying encrypted data, which would enable secure database as a service
solutions. A recent breakthrough in the cryptographic community (in 2009)
related to fully homomorphic encryption (FHE) showed that arbitrary computation
on encrypted data is possible. Successful adoption of FHE for query processing
is, however, still a distant dream, and numerous challenges have to be
addressed. One challenge is how to perform algebraic query processing of
encrypted data, where we produce encrypted intermediate results and operations
on encrypted data can be composed. In this paper, we describe our solution for
algebraic query processing of encrypted data, and also outline several other
challenges that need to be addressed, while also describing the lessons that
can be learnt from a decade of work by the database community in querying
encrypted data
Homomorphic Encryption for Speaker Recognition: Protection of Biometric Templates and Vendor Model Parameters
Data privacy is crucial when dealing with biometric data. Accounting for the
latest European data privacy regulation and payment service directive,
biometric template protection is essential for any commercial application.
Ensuring unlinkability across biometric service operators, irreversibility of
leaked encrypted templates, and renewability of e.g., voice models following
the i-vector paradigm, biometric voice-based systems are prepared for the
latest EU data privacy legislation. Employing Paillier cryptosystems, Euclidean
and cosine comparators are known to ensure data privacy demands, without loss
of discrimination nor calibration performance. Bridging gaps from template
protection to speaker recognition, two architectures are proposed for the
two-covariance comparator, serving as a generative model in this study. The
first architecture preserves privacy of biometric data capture subjects. In the
second architecture, model parameters of the comparator are encrypted as well,
such that biometric service providers can supply the same comparison modules
employing different key pairs to multiple biometric service operators. An
experimental proof-of-concept and complexity analysis is carried out on the
data from the 2013-2014 NIST i-vector machine learning challenge
Privacy-Aware Processing of Biometric Templates by Means of Secure Two-Party Computation
The use of biometric data for person identification and access control is gaining more and more popularity. Handling biometric data, however, requires particular care, since biometric data is indissolubly tied to the identity of the owner hence raising important security and privacy issues. This chapter focuses on the latter, presenting an innovative approach that, by relying on tools borrowed from Secure Two Party Computation (STPC) theory, permits to process the biometric data in encrypted form, thus eliminating any risk that private biometric information is leaked during an identification process. The basic concepts behind STPC are reviewed together with the basic cryptographic primitives needed to achieve privacy-aware processing of biometric data in a STPC context. The two main approaches proposed so far, namely homomorphic encryption and garbled circuits, are discussed and the way such techniques can be used to develop a full biometric matching protocol described. Some general guidelines to be used in the design of a privacy-aware biometric system are given, so as to allow the reader to choose the most appropriate tools depending on the application at hand
A Survey on Homomorphic Encryption Schemes: Theory and Implementation
Legacy encryption systems depend on sharing a key (public or private) among
the peers involved in exchanging an encrypted message. However, this approach
poses privacy concerns. Especially with popular cloud services, the control
over the privacy of the sensitive data is lost. Even when the keys are not
shared, the encrypted material is shared with a third party that does not
necessarily need to access the content. Moreover, untrusted servers, providers,
and cloud operators can keep identifying elements of users long after users end
the relationship with the services. Indeed, Homomorphic Encryption (HE), a
special kind of encryption scheme, can address these concerns as it allows any
third party to operate on the encrypted data without decrypting it in advance.
Although this extremely useful feature of the HE scheme has been known for over
30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE)
scheme, which allows any computable function to perform on the encrypted data,
was introduced by Craig Gentry in 2009. Even though this was a major
achievement, different implementations so far demonstrated that FHE still needs
to be improved significantly to be practical on every platform. First, we
present the basics of HE and the details of the well-known Partially
Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which
are important pillars of achieving FHE. Then, the main FHE families, which have
become the base for the other follow-up FHE schemes are presented. Furthermore,
the implementations and recent improvements in Gentry-type FHE schemes are also
surveyed. Finally, further research directions are discussed. This survey is
intended to give a clear knowledge and foundation to researchers and
practitioners interested in knowing, applying, as well as extending the state
of the art HE, PHE, SWHE, and FHE systems.Comment: - Updated. (October 6, 2017) - This paper is an early draft of the
survey that is being submitted to ACM CSUR and has been uploaded to arXiv for
feedback from stakeholder
- …