Jian Zhang,Yang,Yanjiao Chen,Jing Chen,Qian Zhang

DOI: https://doi.org/10.1016/j.comnet.2017.08.019

IF: 5.493

2017-01-01

Computer Networks

Abstract:With the growing popularity of cloud storage, to guarantee the security of outsourced data becomes more and more important. In this paper, we make the first attempt to explore the intrinsic relationship between secure cloud storage and homomorphic encryption scheme, based on which we present a Generic way to design a Secure Cloud Storage protocol, denoted as G-SCS, using any homomorphic encryption scheme (HES). The proposed G-SCS is secure under a definition that satisfy the security requirement of cloud storage. To address various issues in real application scenarios, we further extend the protocol to support deterministic and randomized auditing, data dynamics (i.e., data insertion, deletion and modification), as well as third-party public auditing, while preserving the efficiency and security of the protocol. By instantiating all abstract semantics in G-SCS, we construct three concrete secure cloud storage protocols using RSA-based, Paillier-based and DGHV-based HESs, which are multiplicatively, additively and fully HESs, respectively. We conduct extensive theoretical analysis and experimental evaluations to validate the practicability of the proposed protocol.

YANG Pan,GUI Xiao-lin,YAO Jing,LIN Jian-cai,TIAN Feng,ZHANG Xue-jun

DOI: https://doi.org/10.11959/j.issn.1000-436x.2015019

2015-01-01

Abstract:An efficient homomorphic encryption scheme called CESIL was proposed to meet the requirements of operating on encrypted data when protecting users' privacy in computing services.CESIL included key generation algorithm,encryption algorithm,decryption algorithm and calculation algorithm.In CESIL,a polynomial coefficient vector ring was established by defining addition and multiplication using polynomial ring; by using ideal lattice,the vector ring was partitioned into many residue classes to produce a quotient ring and its representative set; the plaintext was encrypted by mapping it to a representative and replacing the representative with another element in the same residue class.The features of operations in quotient ring ensured CESIL operate on encrypted data.Furthermore,the fast Fourier transform (FFT) algorithm was used to increase the efficiency and decrease the length of key.Theoretical analysis and experimental results show that CESIL is semantically secure,and can do addition and multiplication operations on encrypted data homomorphically in a specific scope.Comparing to some existing homomorphic encryption schemes,the CESIL runs efficiently,and has shorter length in key and ciphertext.Thus,the CESIL fits the practical applications better.

HUANG Ru-Wei,GUI Xiao-Lin,YU Si,ZHUANG Wei

DOI: https://doi.org/10.3724/sp.j.1016.2011.02391

2012-01-01

Chinese Journal of Computers

Abstract:With the development of Cloud Computing,privacy has become the key problem of cloud security.Encryption is a well established technology for protecting sensitive data.But it makes effective data utilization a very challenging task.To solve the problem,we design a computable encryption scheme based on vector and matrix calculations(CESVMC).Through a variety of vector and matrix operations,CESVMC realizes the encryption of data,and supports fuzzy string search and basic arithmetic calculations(addition,subtraction,multiplication and division) on encrypted data.Security analysis and performance evaluation show that CESVMC is IND-CCA while realizing the goal of computations on encrypted cloud data effectively.

Changqing Gong,Mengfei Li,Liang Zhao,Zhenzhou Guo,Guangjie Han

DOI: https://doi.org/10.1155/2018/8142102

2018-01-01

Wireless Communications and Mobile Computing

Abstract:With the rapid development of the 5G network and Internet of Things (IoT), lots of mobile and IoT devices generate massive amounts of multisource heterogeneous data. Effective processing of such data becomes an urgent problem. However, traditional centralised models of cloud computing are challenging to process multisource heterogeneous data effectively. Mobile edge computing (MEC) emerges as a new technology to optimise applications or cloud computing systems. However, the features of MEC such as content perception, real-time computing, and parallel processing make the data security and privacy issues that exist in the cloud computing environment more prominent. Protecting sensitive data through traditional encryption is a very secure method, but this will make it impossible for the MEC to calculate the encrypted data. The fully homomorphic encryption (FHE) overcomes this limitation. FHE can be used to compute ciphertext directly. Therefore, we propose a ciphertext arithmetic operation that implements data with integer homomorphic encryption to ensure data privacy and computability. Our scheme refers to the integer operation rules of complement, addition, subtraction, multiplication, and division. First, we use Boolean polynomials (BP) of containing logical AND, XOR operations to represent the rulers. Second, we convert the BP into homomorphic polynomials (HP) to perform ciphertext operations. Then, we optimise our scheme. We divide the ciphertext vector of integer encryption into subvectors of length 2 and increase the length of private key of FHE to support the 3-multiplication level additional. We test our optimised scheme in DGHV and CMNT. In the number of ciphertext refreshes, the optimised scheme is reduced by 2/3 compared to the original scheme, and the time overhead of our scheme is reduced by 1/3. We also examine our scheme in CNT of without bootstrapping. The time overhead of optimised scheme over DGHV and CMNT is close to the original scheme over CNT.

Chun Liu,Xuexian Hu,Xiaofeng Chen,Jianghong Wei,Wenfen Liu

DOI: https://doi.org/10.48550/arXiv.2105.05525

2021-05-12

Abstract:As one of the most important basic operations, matrix multiplication computation (MMC) has varieties of applications in the scientific and engineering community such as linear regression, k-nearest neighbor classification and biometric identification. However handling these tasks with large-scale datasets will lead to huge computation beyond resource-constrained client s computation power. With the rapid development of cloud computing, outsourcing intensive tasks to cloud server has become a promising method. While the cloud server is generally out of the control of clients, there are still many challenges concerned with the privacy security of clients sensitive data. Motivated by this, Lei et al. presented an efficient encryption scheme based on random permutation to protect the privacy of client s data in outsourcing MMC task. Nevertheless, there exists inherent security flaws in their scheme, revealing the statistic information of zero elements in the original data thus not satisfying the computational indistinguishability (IND-ZEA). Aiming to enhance the security of the outsourcing MMC task, we propose a new encryption scheme based on subtly designed invertible matrix where the additive perturbation is introduced besides the multiplicative perturbation. Furthermore, we show that the proposed encryption scheme can be applied to not only MMC task but also other kinds of outsourced tasks such as linear regression and principal component analysis. Theoretical analyses and experiments indicate that our methods are more secure in terms of data privacy, with comparable performance to the state-of-the-art scheme based on matrix transformation.

Cryptography and Security

Yang Gao,Gang Quan,Soamar Homsi,Wujie Wen,Liqiang Wang

2024-05-23

Abstract:Despite the cloud enormous technical and financial advantages, security and privacy have always been the primary concern for adopting cloud computing facility, especially for government agencies and commercial sectors with high-security requirements. Homomorphic Encryption (HE) has recently emerged as an effective tool in assuring privacy and security for sensitive applications by allowing computing on encrypted data. One major obstacle to employing HE-based computation, however, is its excessive computational cost, which is multiple magnitudes higher than its counterpart based on the plaintext. In this paper, we study the problem of how to reduce the HE-based computational cost for general Matrix Multiplication (MM), i.e., a fundamental building block for numerous practical applications, by taking advantage of the Single Instruction Multiple Data (SIMD) operation supported by HE schemes. Specifically, we develop a novel element-wise algorithm for general matrix multiplication, based on which we propose two HE-based General Matrix Multiplication (HEGMM) algorithms to reduce the HE computation cost. Our experimental results show that our algorithms can significantly outperform the state-of-the-art approaches of HE-based matrix multiplication.

Cryptography and Security

Jing Li,Xiaohui Kuang,Shujie Lin,Xu Ma,Yi Tang

DOI: https://doi.org/10.1016/j.ins.2020.03.041

IF: 8.1

2020-01-01

Information Sciences

Abstract:In recent years, more and more machine learning algorithms depend on the cloud computing. When a machine learning system is trained or classified in the cloud environment, the cloud server obtains data from the user side. Then, the privacy of the data depends on the service provider, it is easy to induce the malicious acquisition and utilization of data. On the other hand, the attackers can detect the statistical characteristics of machine learning data and infer the parameters of machine learning model through reverse attacks. Therefore, it is urgent to design an effective encryption scheme to protect the data’s privacy without breaking the performance of machine learning.In this paper, we propose a novel homomorphic encryption framework over non-abelian rings, and define the homomorphism operations in ciphertexts space. The scheme can achieve one-way security based on the Conjugacy Search Problem. After that, a homomorphic encryption was proposed over a matrix-ring. It supports real numbers encryption based on the homomorphism of 2-order displacement matrix coding function and achieves fast ciphertexts homomorphic comparison without decrypting any ciphetexts operations’ intermediate result. Furthermore, we use the scheme to realize privacy preservation for machine learning training and classification in data ciphertexts environment. The analysis shows that our proposed schemes are efficient for encryption/decryption and homomorphic operations.

Xuangou Wu,Shaojie Tang,Panlong Yang

DOI: https://doi.org/10.48550/arXiv.1412.5937

2014-12-19

Abstract:Cloud-assisted image services are widely used for various applications. Due to the high computational complexity of existing image encryption technology, it is extremely challenging to provide privacy preserving image services for resource-constrained smart device. In this paper, we propose a novel encrypressive cloud-assisted image service scheme, called eCIS. The key idea of eCIS is to shift the high computational cost to the cloud allowing reduction in complexity of encoder and decoder on resource-constrained device. This is done via compressive sensing (CS) techniques, compared with existing approaches, we are able to achieve privacy protection at no additional transmission cost. In particular, we design an encryption matrix by taking care of image compression and encryption simultaneously. Such that, the goal of our design is to minimize the mutual information of original image and encrypted image. In addition to the theoretical analysis that demonstrates the security properties and complexity of our system, we also conduct extensive experiment to evaluate its performance. The experiment results show that eCIS can effectively protect image privacy and meet the user's adaptive secure demand. eCIS reduced the system overheads by up to $4.1\times\sim6.8\times$ compared with the existing CS based image processing approach.

Cryptography and Security,Networking and Internet Architecture

Qi Wang,Dehua Zhou,Yanling Li

DOI: https://doi.org/10.48550/arXiv.1812.00599

2018-12-03

Cryptography and Security

Abstract:With the rapid development of cloud computing, the privacy security incidents occur frequently, especially data security issues. Cloud users would like to upload their sensitive information to cloud service providers in encrypted form rather than the raw data, and to prevent the misuse of data. The main challenge is to securely process or analyze these encrypted data without disclosing any useful information, and to achieve the rights management efficiently. In this paper, we propose the encrypted data processing protocols for cloud computing by utilizing additively homomorphic encryption and proxy cryptography. For the traditional homomorphic encryption schemes with many limitations, which are not suitable for cloud computing applications. We simulate a cloud computing scenario with flexible access control and extend the original homomorphic cryptosystem to suit our scenario by supporting various arithmetical calculations. We also prove the correctness and security of our protocols, and analyze the advantages and performance by comparing with some latest works.

Jun Zhang,Zoe L. Jiang,Ping Li,Siu Ming Yiu

DOI: https://doi.org/10.1007/978-3-030-74717-6_23

2020-01-01

Abstract:With the popularity of cloud computing, data owners encrypt their data with different keys before uploading data to the cloud due to privacy concerns. Homomorphic encryption makes it possible to calculate on encrypted data but is usually restricted to single key. Based on an additively homomorphic encryption supporting one multiplication, we propose a general computing framework to execute common arithmetic operations on encrypted data under multiple keys such as addition, multiplication, exponentiation. Our scheme rely on two non-colluding servers and is proven to be secure against semi-honest attackers. The experimental evaluations demonstrate the practicality of our computing framework in terms of lower computational complexity and communication overhead.

Jun Zhang,Zoe L.Jiang,Ping Li,Siu Ming Yiu

DOI: https://doi.org/10.1016/j.ins.2021.06.017

IF: 8.1

2021-10-01

Information Sciences

Abstract:<p>Preparing large amounts of training data is the key to the success of machine learning. Due to the public's concern about individual privacy, different techniques are proposed to achieve privacy preserving machine learning. Homomorphic encryption enables calculation on encrypted data in the cloud. However, current schemes either focus on single key or a specific algorithm. Cooperation between different institutions is quite common in this era of big data. Encrypting data from different institutions under one single key is a risk to data privacy. Moreover, constructing secure scheme for a specific machine learning algorithm lacks universality. Based on an additively homomorphic encryption supporting one multiplication, we propose a general multikey computing framework to execute common arithmetic operations on encrypted data such as addition, multiplication, comparison, sorting, division and etc. Our scheme can be used to run different machine learning algorithms. Our scheme is proven to be secure against semi-honest attackers and the experimental evaluations demonstrate the practicality of our computing framework.</p>

computer science, information systems

Michael Naehrig,Kristin Lauter,Vinod Vaikuntanathan

DOI: https://doi.org/10.1145/2046660.2046682

2011-01-01

Abstract:The prospect of outsourcing an increasing amount of data storage and management to cloud services raises many new privacy concerns for individuals and businesses alike. The privacy concerns can be satisfactorily addressed if users encrypt the data they send to the cloud. If the encryption scheme is homomorphic, the cloud can still perform meaningful computations on the data, even though it is encrypted. In fact, we now know a number of constructions of fully homomorphic encryption schemes that allow arbitrary computation on encrypted data. In the last two years, solutions for fully homomorphic encryption have been proposed and improved upon, but it is hard to ignore the elephant in the room, namely efficiency -- can homomorphic encryption ever be efficient enough to be practical? Certainly, it seems that all known fully homomorphic encryption schemes have a long way to go before they can be used in practice. Given this state of affairs, our contribution is two-fold. First, we exhibit a number of real-world applications, in the medical, financial, and the advertising domains, which require only that the encryption scheme is &quot;somewhat&quot; homomorphic. Somewhat homomorphic encryption schemes, which support a limited number of homomorphic operations, can be much faster, and more compact than fully homomorphic encryption schemes. Secondly, we show a proof-of-concept implementation of the recent somewhat homomorphic encryption scheme of Brakerski and Vaikuntanathan, whose security relies on the &quot;ring learning with errors&quot; (Ring LWE) problem. The scheme is very efficient, and has reasonably short ciphertexts. Our unoptimized implementation in magma enjoys comparable efficiency to even optimized pairing-based schemes with the same level of security and homomorphic capacity. We also show a number of application-specific optimizations to the encryption scheme, most notably the ability to convert between different message encodings in a ciphertext.

C P Gupta,Iti Sharma

DOI: https://doi.org/10.1109/nof.2013.6724526

2013-10-01

Abstract:With single computer&#x27;s computation power not sufficing., need for sharing resources to manipulate and manage data through clouds is increasing rapidly. Hence., it is favorable to delegate computations or store data with a third party., the cloud provider. However., delegating data to third party poses the risks of data disclosure during computation. The problem can be addressed by carrying out computation without decrypting the encrypted data. The results are also obtained encrypted and can be decrypted at the user side. This requires modifying functions in such a way that they are still executable while privacy is ensured or to search an encrypted database. Homomorphic encryption provides security to cloud consumer data while preserving system usability. We propose a symmetric key homomorphic encryption scheme based on matrix operations with primitives that make it easily adaptable for different needs in various cloud computing scenarios.

Yun Fan Huang,Dian Hua Tang,Wei Zhao,Juan Ren,Xiao Peng Yu

DOI: https://doi.org/10.1109/icaml54311.2021.00038

2021-01-01

Abstract:As a new technology emerging in the era of Internet big data, cloud computing has huge storage space and tough computing power, providing a solution for the analysis and processing of big data. However, with the concern of privacy disclosure, data analysis in plaintext can not meet the needs of privacy protection. Therefore, the data security issues in the process of cloud computing need to be solved. Homomorphic encryption technology has the characteristics of computing on encrypted data, which can provide security protection for privacy data in cloud computing. In this paper, combined with CKKS homomorphic encryption scheme, using two different packing encoding methods based on row encoding and column encoding, we design different ciphertext data analysis algorithm schemes, including ciphertext mean calculation, ciphertext variance calculation, ciphertext covariance matrix calculation, etc., to achieve privacy protection in the process of big data analysis. In the order of millions of data sets, the ciphertext data analysis can achieve second order response. At the same time, the ciphertext analysis algorithm proposed in this paper supports multi-dimensional sample data sets. The experimental results show that the ciphertext data analysis under 16-dimensional data sets reaches 23.49 seconds.

Bo Zhang,Yu-Na Wang,Chuan He,Zesheng Xi

DOI: https://doi.org/10.1117/12.2667716

2023-03-28

Abstract:In the information times, with the rapid development of network technology, emerging technologies such as big data and artificial intelligence have gradually entered daily life, but various network security risks have also followed. In recent years, as a new security strategy, mimic defense technology has been a new force suddenly rises, providing a new idea and direction for protecting network security. In the actual application scenario, the resource consumption of the mimic defense service is large, and it is generally deployed and provided by the cloud service provider. Although the mimic defense can play a good role in defending against external attacks, the data transmission in the current system is based on plaintext, which cannot guarantee the privacy of user data. Homomorphic encryption technology, as an encryption supporting data ciphertext operation, can protect data privacy on the premise of completing data operation requirements. As an important field of homomorphic technology, homomorphic hash technology has been widely used in cloud storage scenarios. Aiming at the problem that the cloud service mimic defense system cannot protect data privacy, this paper introduces homomorphic encryption technology into the mimic defense system to protect the privacy of user data. The scheme proposed in this paper is based on the mimic defense architecture, which optimizes the adjudication process of the adjudication module through the homomorphic encryption technology, make full use of the characteristics of homomorphic operation, protects the privacy of user data, and improves the system security. Moreover, this paper builds a mimic routing platform for experimental analysis. The experimental results show that the malicious attacker can see the user’s private information under the traditional defense mechanism. However, after homomorphic encryption optimization, each user authentication is still less than 1 millisecond, and the user information data become invisible to malicious attackers.

Engineering,Computer Science

Tao Li,Xiaojun Ye,Jianmin Wang

DOI: https://doi.org/10.1145/2430475.2430493

2012-01-01

Abstract:To achieve a trustworthy cloud data service, there is a need to both provide the right services from a security engineering perspective, as well as to allows specific types of computations to be carried out on encrypted cloud data. However, traditional encryption solutions can't be used to process outsourcing encrypted data hosting to an untrusted cloud provider. A novel encryption scheme, called fully homomorphic encryption (FHE), could afford the circuit ability over encrypted data without decrypting it. In this paper, we deliver a universal construction framework for fully homomorphic encryption schemes. At first, this framework initializes a somewhat homomorphic encryption scheme based on the concept of metric space in abstract algebra which encodes the plaintext into a offset vector and generates a ciphertext by adding the offset vector to a random eigenvector in the metric space. As an abelian group, the ring is closed under addition and multiplication, this abstract algebra assume the metric space could forma ring and the eigenvectors belong to an ideal of this ring, then this framework could achieve homomorphism by having the scheme live in rings. We also deduce some well-known fully homomorphic schemes from the construction framework, and propose a prototype with an FHE encryption proxy to solve confidentiality problems in cloud systems. At last, we show the performance of FHE with some experiments, and speed the performance of fully homomorphic encryption up with cloud computing (parallel computing, distribute computing, etc.). We also discuss some opening issues and directions for future fully homomorphic encryption researches.

Sajjad Akherati,Yok Jye Tang,Xinmiao Zhang

2024-10-17

Abstract:Homomorphic encryption (HE) allows computations to be directly carried out on ciphertexts and is essential to privacy-preserving computing, such as neural network inference, medical diagnosis, and financial data analysis. Only addition and 2-input multiplication are defined over ciphertexts in popular HE schemes. However, many HE applications involve non-linear functions and they need to be approximated using high-order polynomials to maintain precision. To reduce the complexity of these computations, this paper proposes 3-input ciphertext multiplication. One extra evaluation key is introduced to carry out the relinearization step of ciphertext multiplication, and new formulas are proposed to combine computations and share intermediate results. Compared to using two consecutive 2- input multiplications, computing the product of three ciphertexts utilizing the proposed scheme leads to almost a half of the latency, 29% smaller silicon area, and lower noise without scarifying the throughput.

Cryptography and Security,Hardware Architecture

Yuan-Shun Dai,Miao He,Hongwei Li,Shenmin Zhang,Rongxing Lu

DOI: https://doi.org/10.1109/GLOCOM.2017.8254988

2017-12-01

Abstract:In cloud computing, outsourcing computation , as an economically promising paradigm, enables clients with limited computing resources to delegate intensive tasks to the powerful cloud server. Nevertheless, outsourcing the involved data without encryption to public brings a high risk of revealing the confidential information of the client, and no matter the returned results from server are valid or not. Due to the low trustiness of the server, it is crucial to guarantee both the security and efficiency in delegation. Motivated by those challenges, a rapidly-growing body of research mostly focuses on how to delegate mostly utilizing a feasible mechanism-verifiable computation, where the server returns results along with corresponding verification proofs. In this paper, we propose an efficient and privacyprotected delegation scheme for matrix multiplication (EPPDMM) of amortized model. EPP-DMM can realize efficient public verification together with sensitive protected data. Security analysis proves the reliability and security of our scheme, while performance evaluation presents the efficiency compared with other schemes.

Mathematics,Computer Science

Zhengkai Li,Zhenfu Cao,Jiachen Shen,Xiaolei Dong

DOI: https://doi.org/10.1109/icfeict57213.2022.00084

2022-01-01

Abstract:We propose a new scheme for privacy-preserving outsourced calculation. With the help of this scheme, a user on a local host can securely transfer his sensitive information to a cloud platform for processing and storage avoiding disclosing the original information to the unreliable cloud and prying eyes. In addition, the Cloud Platform (CP) can carry out specifical operations on ciphertexts with the help of a Cryptographic Service Provider (CSP) according to the user's requests and send the results to user in the form of ciphertext. Furthermore, data encrypted with multiple keys can also be calculated together, and the computed results will be decrypted by an authorized receiver. We not only implement addition and multiplication operations on ciphertexts, but also design an efficient comparison protocol on ciphertexts (the operations are all in encrypted domain). We then show the security of our encryption and the suggested secure computation sub-protocols. We use a one-way trapdoor permutation and a symmetric somewhat homomorphic encryption as the framework's building blocks rather than the fully homomorphic encryption (FHE) technique. Finally, we use simulations to show the effectiveness and extraordinary efficiency of our suggested scheme.

Xuelian Li,Hui Li,Juntao Gao,Runsong Wang

DOI: https://doi.org/10.1016/j.jisa.2023.103463

IF: 4.96

2023-01-01

Journal of Information Security and Applications

Abstract:As the world grapples with the COVID-19 and its variants, multi-user collaboration by means of cloud computing is ubiquitous. How to make better use of cloud resources while preventing user privacy leakage has become particularly important. Multi-key homomorphic encryption(MKHE) can effectively deal with the privacy disclosure issue during the multi-user collaboration in the cloud computing setting. Firstly, we improve the DGHV homomorphic scheme by modifying the selection of key and the coefficients in encryption, so as to eliminate the restriction on the parity of the ciphertext modulus in the public key. On this basis, we further propose a DGHV-type MKHE scheme based on the number theory. In our scheme, an extended key is introduced for ciphertext extension, and we prove that it is efficient in performance analysis. The semantic security of our schemes is proved under the assumption of error-free approximate greatest common divisor and the difficulty of large integer factorization. Furthermore, the simulation experiments show the availability and computational efficiency of our MKHE scheme. Therefore, our scheme is suitable for the multi-user scenario in cloud environment.