Homomorphic Encryption

Weir, Brandon

January 2013

In this thesis, we provide a summary of fully homomorphic encryption, and in particular, look at the BGV encryption scheme by Brakerski, Gentry, and Vaikuntanathan; as well the DGHV encryption scheme by van Dijk, Gentry, Halevi, and Vaikuntanathan. We explain the mechanisms developed by Gentry in his breakthrough work, and show examples of how they are used. While looking at the BGV encryption scheme, we make improvements to the underlying lemmas dealing with modulus switching and noise management, and show that the lemmas as currently stated are false. We then examine a lower bound on the hardness of the Learning With Errors lattice problem, and use this to develop specific parameters for the BGV encryption scheme at a variety of security levels. We then study the DGHV encryption scheme, and show how the somewhat homomorphic encryption scheme can be implemented as both a fully homomorphic encryption scheme with bootstrapping, as well as a leveled fully homomorphic encryption scheme using the techniques from the BGV encryption scheme. We then extend the parameters from the optimized version of this scheme to higher security levels, and describe a more straightforward way of arriving at these parameters.

Homomorphic Encryption

Lattices

Cryptography

Learning With Errors

Combinatorics and Optimization

Homomorphic Encryption

Weir, Brandon

January 2013

In this thesis, we provide a summary of fully homomorphic encryption, and in particular, look at the BGV encryption scheme by Brakerski, Gentry, and Vaikuntanathan; as well the DGHV encryption scheme by van Dijk, Gentry, Halevi, and Vaikuntanathan. We explain the mechanisms developed by Gentry in his breakthrough work, and show examples of how they are used. While looking at the BGV encryption scheme, we make improvements to the underlying lemmas dealing with modulus switching and noise management, and show that the lemmas as currently stated are false. We then examine a lower bound on the hardness of the Learning With Errors lattice problem, and use this to develop specific parameters for the BGV encryption scheme at a variety of security levels. We then study the DGHV encryption scheme, and show how the somewhat homomorphic encryption scheme can be implemented as both a fully homomorphic encryption scheme with bootstrapping, as well as a leveled fully homomorphic encryption scheme using the techniques from the BGV encryption scheme. We then extend the parameters from the optimized version of this scheme to higher security levels, and describe a more straightforward way of arriving at these parameters.

Homomorphic Encryption

Lattices

Cryptography

Learning With Errors

Combinatorics and Optimization

Homomorphic Encryption on the IoT

Wang, Han

January 2018

Security is always a big problem in IoT (internet of things),when it comes to IoT, there must have cloud computing because many devices in IoT are small embedded devices and they don’t always have enough power to finish some complex calculations. Then, they need to take advantage of a third party system especially cloud at present to finish some operations, but the cloud is not safe enough now, in which some important and private information may be leaked, then people introduce homomorphic encryption which can do calculation on encrypted data. To meet the modern needs for random calculations in which the operation can have random times’ addition and multiplication, researchers are trying to make fully homomorphic encryption practical. So in my thesis, I would choose one fully homomorphic encryption scheme to implement a detailed IoT scenario using some IoT devices such as laptop and raspberry pi. Then I would use performance measurements such as response time calculations to do the performance evaluation such as effectiveness and scalability for this technique. Finally, I find some relationship between different parameters and response time, and also effectiveness, scalability in results and conclusion part.

Security

IoT

Fully homomorphic encryption

Software Engineering

Programvaruteknik

Data aggregation using homomorphic encryption in wireless sensor networks

Ramotsoela, Tsotsope Daniel

January 2015

Wireless sensor networks have become increasingly popular in many applications such as environment monitoring and law enforcement. Data aggregation is a method used to reduce network traffic but cannot be used together with conventional encryption schemes because it is not secure and introduces extra overhead. Homomorphic encryption is an encryption scheme that allows data processing on encrypted data as opposed to plaintext. It has the benefit that each intermediate node does not have to decrypt each packet, but the resulting cyphertext is usually much larger than the original plaintext. This could negatively affect system performance because the energy consumption of each node is directly proportional to the amount of data it transmits. This study investigates the benefits and drawback of using homomorphic encryption in the aggregation process particularly in the context of scalable networks. It was found that conventional encryption outperforms the homomorphic encryption for smaller networks, but as the network size grows, homomorphic encryption starts outperforming conventional encryption. It was also found that the homomorphic encryption scheme does significantly reduce the performance of plaintext aggregation. This performance reduction will however be acceptable for most applications where security is a concern. / Draadlose sensornetwerke raak toenemend meer gewild vir heelwat verskillende toepassings, soos byvoorbeeld opgewingsmonitering en wetstoepassing. Data-aggregasie is n metode wat gebruik word om netwerkverkeer te verminder, maar kan nie gebruik word saam met konvensionele enkripsie-skemas nie, omdat dit nie veilig is nie en oorhoofse koste verhoog. Homomorfiese enkripsie is n enkripsie-skema wat dataverwerking toelaat op geënkripteerde in teenstelling met gewone-teks. Dit het die voordeel dat elke intermediêre nie nodig het om elke pakkie te dekripteer nie, maar die resulterende kodeteks is gewoonlik heelwat groter as die gewone-teks. Dit kan die stelselgedrag negatief beÏnvloed omdat die energieverbruik van elke node eweredig is aan die hoeveelheid data wat dit versend. Hierdie studie ondersoek die voor- en nadele van homomorfiese enkripsie in die aggregasieproses, veral in die konteks van skaleerbare netwerke. Daar is gevind dat konvensionele enkripsie beter vaar as homomorfies enkripsie in kleiner netwerke. Die omgekeerde is waar vir groter netwerke. Dit is ook gevind dat homomorfiese enkripsie gewone-teks-aggregasie negatief beÏnvloed, maar dit word as aanvaarbaar beskou vir toepassings waar sekuriteit belangrik is. / Dissertation (MEng)--University of Pretoria, 2015. / Electrical, Electronic and Computer Engineering / Meng / Unrestricted

UCTD

Wireless sensor networks

Homomorphic encryption

Network security

Aggregation

Efficient Fully Homomorphic Encryption and Digital Signatures Secure from Standard Assumptions / 標準仮定の下で安全で効率的な完全準同型暗号とディジタル署名

Hiromasa, Ryo

23 March 2017

京都大学 / 0048 / 新制・課程博士 / 博士(情報学) / 甲第20511号 / 情博第639号 / 新制||情||111(附属図書館) / 京都大学大学院情報学研究科社会情報学専攻 / (主査)教授 石田 亨, 教授 中村 佳正, 教授 岡部 寿男, 岡本 龍明 / 学位規則第4条第1項該当 / Doctor of Informatics / Kyoto University / DFAM

Fully Homomorphic Encryption

Digital Signatures

Blind Signatures

LWE

RSA

007

A Framework for Secure Logging and Analytics in Precision Healthcare Cloud-based Services

Moghaddam, Parisa

12 July 2022

Precision medicine is an emerging approach for disease treatment and prevention that delivers personalized care to individual patients by considering their genetic make- ups, medical histories, environments, and lifestyles. Despite the rapid advancement of precision medicine and its considerable promise, several underlying technological chal- lenges remain unsolved. One such challenge of great importance is the security and privacy of precision health–related data, such as genomic data and electronic health records, which stifle collaboration and hamper the full potential of machine-learning (ML) algorithms. To preserve data privacy while providing ML solutions, this thesis explores the feasibility of machine learning with encryption for precision healthcare datasets. Moreover, to ensure audit logs’ integrity, we introduce a blockchain-based secure logging architecture for precision healthcare transactions. We consider a sce- nario that lets us send sensitive healthcare data into the cloud while preserving privacy by using homomorphic encryption and develop a secure logging framework for this precision healthcare service using Hyperledger Fabric. We test the architecture by generating a considerable volume of logs and show that our system is tamper-resistant and can ensure integrity. / Graduate

Precision healthcare

Cloud services

Homomorphic encryption

Machine learning

GPUHElib and DistributedHElib: Distributed Computing Variants of HElib, a Homomorphic Encryption Library

Frame, Ethan Andrew

01 June 2015

Homomorphic Encryption, an encryption scheme only developed in the last five years, allows for arbitrary operations to be performed on encrypted data. Using this scheme, a user can encrypt data, and send it to an online service. The online service can then perform an operation on the data and generate an encrypted result. This encrypted result is then sent back to the user, who decrypts it. This decryption produces the same data as if the operation performed by the online service had been performed on the unencrypted data. This is revolutionary because it allows for users to rely on online services, even untrusted online services, to perform operations on their data, without the online service gaining any knowledge from their data. A prominent implementation of homomorphic encryption is HElib. While one is able to perform homomorphic encryption with this library, there are problems with it. It, like all other homomorphic encryption libraries, is slow relative to other encryption systems. Thus there is a need to speed it up. Because homomorphic encryption will be deployed on online services, many of them distributed systems, it is natural to modify HElib to utilize some of the tools that are available on them in an attempt to speed up run times. Thus two modified libraries were designed: GPUHElib, which utilizes a GPU, and DistributedHElib, which utilizes a distributed computing design. These designs were then tested against the original library to see if they provided any speed up.

GPU

Distributed computing

Homomorphic encryption

HElib

Computer Sciences

Information Security

Evaluating performance of homomorphic encryption applied on delta encoding / Prestandautvärdering av homomoprhisk kryptering applicerat på delta enkodning

Dani, János Richard

January 2022

Homomorphic encryption is an encryption scheme that allows for simple operations on encrypted data. These operations are mainly boolean circuits combined into more complexarithmetic operations, rotations, and others. Homomorphic encryption was first implemented in 2009, and in the following decade, many different versions emerged. The early schemes were mainly proof of concepts. In contrast, the later schemes have been used in practical applications such as databases where queries were done without any decryption on the server. Another practical example is genome sequencing which benefits from utilizing supercomputers but the data is very sensitive. With the help of homomorphic encryption it was shown that this could be done without having any unencrypted data on the server. While these applications have different success rates, a field that have not been investigated is the use of homomorphic encryption with delta encoding. Delta encoding is a method of encoding a set (e.g., a set of characters) such that the set is expressed as an original (a starting point) with deltas (changes). A typical use case for delta encoding is: A user wants to edit a file located on the cloud and to save bandwidth, the user could encode a delta locally. This delta could then be sent to the cloud service and decoded together with the original version to create the updated version on the cloud. However, there is a privacy infringement risk with this. When standard encryption is used, the delta and the original must be decrypted to perform the decoding. If a malicious actor gains access to the data on the cloud machine, they would then have access to unencrypted data. For example, the cloud provider could snoop on its customers or have a policy that lets them use the users’ data. Homomorphic encryption would make it much harder since the data would still be encrypted while the decoding is performed. However, homomorphic encryption comes with a great overhead and is complex to tune, even with today’s libraries.To investigate the combination of homomorphic encryption and delta encoding, a testbed is created where a client and server act as user and cloud provider. Thetest bed consists of different configurations of delta encodings and homomorphic encryption schemes running different test cases. The configurations range from non-encrypted to homomorphically encrypted with different kinds of delta encodings to investigate the performance overhead of utilizing homomorphic encryption. The different tests are created to show what kind of overhead can be expected in different scenarios and which operations take the most time. With this testbed and these test cases, the results showed a substantial overhead with using homomorphic encryption. However, many optimizations could be done to increase efficiency and make homomorphic encryption a viable solution. For example, the decoding algorithm could be optimized to use homomorphic operations more efficiently. The tests showed that most of the runtime, when using homomorphic encryption, is on the server. Most of the runtime for the client are one-time operations, which consist of creating keys that can be reused.

homomorphic encryption

delta encoding

performance test

Computer Sciences

Datavetenskap (datalogi)

Incorporating Obfuscation Techniques in Privacy Preserving Database-Driven Dynamic Spectrum Access Systems

Zabransky, Douglas Milton

11 September 2018

Modern innovation is a driving force behind increased spectrum crowding. Several studies performed by the National Telecommunications and Information Administration (NTIA), Federal Communications Commission (FCC), and other groups have proposed Dynamic Spectrum Access (DSA) as a promising solution to alleviate spectrum crowding. The spectrum assignment decisions in DSA will be made by a centralized entity referred to as as spectrum access system (SAS); however, maintaining spectrum utilization information in SAS presents privacy risks, as sensitive Incumbent User (IU) operation parameters are required to be stored by SAS in order to perform spectrum assignments properly. These sensitive operation parameters may potentially be compromised if SAS is the target of a cyber attack or an inference attack executed by a secondary user (SU). In this thesis, we explore the operational security of IUs in SAS-based DSA systems and propose a novel privacy-preserving SAS-based DSA framework, Suspicion Zone SAS (SZ-SAS), the first such framework which protects against both the scenario of inference attacks in an area with sparsely distributed IUs and the scenario of untrusted or compromised SAS. We then define modifications to the SU inference attack algorithm, which demonstrate the necessity of applying obfuscation to SU query responses. Finally, we evaluate obfuscation schemes which are compatible with SZ-SAS, verifying the effectiveness of such schemes in preventing an SU inference attack. Our results show SZ-SAS is capable of utilizing compatible obfuscation schemes to prevent the SU inference attack, while operating using only homomorphically encrypted IU operation parameters. / Master of Science / Dynamic Spectrum Access (DSA) allows users to opportunistically access spectrum resources which were previously reserved for use by specified parties. This spectrum sharing protocol has been identified as a potential solution to the issue of spectrum crowding. This sharing will be accomplished through the use of a centralized server, known as a spectrum access system (SAS). However, current SAS-based DSA proposals require users to submit information such as location and transmission properties to SAS. The privacy of these users is of the utmost importance, as many existing users in these spectrum bands are military radars and other users for which operational security is pivotal. Storing the information for these users in a central database can be an major privacy issue, as this information could be leaked if SAS is compromised by a malicious party. Additionally, malicious secondary users (SUs) may perform an inference attack, which could also reveal the location of these military radars. In this thesis, we demonstrate a SAS-framework, SZ-SAS, which allows SAS to function without direct knowledge of user information. We also propose techniques for mitigating the inference attack which are compatible with SZ-SAS

Dynamic Spectrum Access

Inference Attack

Spectrum Efficiency

Homomorphic Encryption

Inclusion of Priority Access in a Privacy-preserving ESC-based DSA System

Lu, Chang

21 August 2018

According to the Federal Communications Commission's rules and recommendations set forth for the 3.5 GHz Citizens Broadband Radio Service, a three-tiered structure shall govern the newly established shared wireless band. The three tiers are comprised of three different levels of spectrum access; Incumbent Access, Priority Access and General Authorized Access. In accordance and fulfillment with this dynamic spectrum access framework, we present the inclusion of Priority Access tier into a two-tiered privacy-preserving ESC-based dynamic spectrum access system. / Master of Science / With the development of wireless communication technologies, the number of wireless communication reliant applications has been increasing. Most of these applications require dedicated spectrum frequencies as communication channels. As such, the radio frequency spectrum, utilized and allocated for these wireless applications, is depleting. This problem can be alleviated by adopting dynamic spectrum access schemes. The current static spectrum allocation scheme assigns designated spectrum frequencies to specific users. This static frequency management approach leads to inefficient frequency utilization as the occupation of frequency channels may vary depending upon time periods. Dynamic spectrum access schemes allow unlicensed users opportunistic access to vacant spectrum spaces. Thus, the adoption of these spectrum sharing schemes will increase the efficiency of spectrum utilization, and slow down the spectrum depletion. However, the design and implementation of these schemes face different challenges. These spectrum sharing systems need to guarantee the privacy of the involved parties while maintaining specific functionalities required and recommended by the Federal Communications Commission. In this thesis, we present the inclusion of a three-tiered frame, approved by the Federal Communications Commission, into a privacy-preserving dynamic spectrum system.

Dynamic Spectrum Access

Homomorphic encryption

Privacy-preserving

Three-Tiered Frame