Protecting data confidentiality in cloud systems

Tao Li, Xiaojun Ye, Jianmin Wang
DOI: https://doi.org/10.1145/2430475.2430493
2012-01-01
Abstract: To achieve a trustworthy cloud data service, there is a need both to provide the right services from a security engineering perspective and to allow specific types of computations to be carried out on encrypted cloud data. However, traditional encryption solutions cannot be used to process encrypted data that is outsourced to and hosted by an untrusted cloud provider. A novel encryption scheme, called fully homomorphic encryption (FHE), could provide the ability to evaluate circuits over encrypted data without decrypting it. In this paper, we deliver a universal construction framework for fully homomorphic encryption schemes. First, this framework initializes a somewhat homomorphic encryption scheme based on the concept of metric space in abstract algebra, which encodes the plaintext into an offset vector and generates a ciphertext by adding the offset vector to a random eigenvector in the metric space. Because a ring, as an abelian group, is closed under addition and multiplication, the framework assumes that the metric space could form a ring and that the eigenvectors belong to an ideal of this ring; the framework could then achieve homomorphism by having the scheme live in rings. We also deduce some well-known fully homomorphic schemes from the construction framework, and propose a prototype with an FHE encryption proxy to solve confidentiality problems in cloud systems. Finally, we show the performance of FHE with some experiments, and speed up fully homomorphic encryption with cloud computing (parallel computing, distributed computing, etc.). We also discuss some open issues and directions for future research on fully homomorphic encryption.