Securely Outsourcing Computations using Homomorphic Encryption.
Technische Universität, Darmstadt
[Ph.D. Thesis], (2013)
Available under Creative Commons Attribution Non-commercial No Derivatives, 2.5.
Download (885kB) | Preview
|Item Type:||Ph.D. Thesis|
|Title:||Securely Outsourcing Computations using Homomorphic Encryption|
Web-servers are a dominant medium of modern communication and thus process vast amounts of highly sensitive, private data. Social networks, online auctions, and all kinds of cloud services constitute popular examples of online services complying with this paradigm. Due to many alarming scandals regarding the misuse of private data, IT security solutions protecting this sensitive data (for example by hiding it through encryption) are indispensable. Ideally, web-servers should be able to compute on private data without seeing it - we refer to this as the "Secure Outsourcing of Computation". Most notably, the cryptographic primitive of Homomorphic Encryption (HE) enables the web-servers to process data in the encrypted domain, which thereby hides/protects all private data as it is never available in the clear. More precisely, HE is a type of encryption that allows for the computation of certain functionalities on encrypted data without knowledge of the decryption key. Depending on the HE scheme, various functionalities can be evaluated in the encrypted domain, ranging from additions or multiplications only (Group Homomorphic Encryption, GHE), to virtually any computable functionality (Fully Homomorphic Encryption, FHE).
We provide a clean foundational framework for HE that permits security characterizations for a large class of HE schemes and shows strong similarities between GHE and FHE. We study these characterizations in order to assess the limits of HE, and show that GHE is obsolete in the quantum world, meaning that any GHE scheme can be broken by a quantum computer. Together with our newly constructed universal blueprint that encompasses virtually any GHE scheme, we know exactly how these schemes must be designed and what the underlying hardness assumptions must look like. To some extent, this rounds off the topic of GHE both in the standard and quantum model of computation.
In the standard model (which is presently assumed to be the most realistic model of computation), GHE is still highly attractive as it provides very efficient solutions to a variety of practical problems. On the basis of our foundational framework, we construct new GHE schemes with unique features and show their employability in practical applications. Most importantly, we use the special features of one of these schemes and develop a novel technique to achieve a practically efficient solution to the problem of securely outsourcing computations. Our construction allows multiple users to send encryptions of their private data under their own keys to a distrusted web-server that can then, on behalf of the users, evaluate any dynamically chosen computable function on these inputs in the encrypted domain (even across encryptions under different public keys) without learning anything at all, and without interacting with the users.
|Place of Publication:||Darmstadt|
|Classification DDC:||000 Allgemeines, Informatik, Informationswissenschaft > 004 Informatik|
|Divisions:||20 Department of Computer Science|
|Date Deposited:||02 May 2013 09:15|
|Last Modified:||07 May 2013 13:36|
|Referees:||Katzenbeisser, Prof. Dr. Stefan and Armknecht, Prof. Dr. Frederik|
|Refereed:||22 February 2013|