Cloud Computing Algebra Homomorphic Encryption Scheme Based on Fermat's Little Theorem

Abstract

Although cloud computing is growing rapidly, a key challenge is to build confidence that the cloud can handle data securely. Data is migrated to the cloud after encryption. However, this data must be decrypted before carrying out any calculations, which can be considered a security breach. Homomorphic encryption solves this problem by allowing different operations to be conducted on encrypted data, with the result coming out encrypted as well. In this paper, we propose the application of the Algebraic Homomorphic Encryption Scheme based on Fermat's Little Theorem on cloud computing for better security.
Reem Alattas & Khaled Elleithy
Computer Science & Engineering Department
University of Bridgeport
ralataas@bridgeport.edu & elleithy@bridgeport.edu
Index Terms: Cloud computing, homomorphic
encryption, security, algebra homomorphism.
INTRODUCTION
Cloud computing opens up a new world of
opportunities, but mixed in with these opportunities
are numerous security challenges that need to be
considered and addressed. Among these challenges
are availability, third party control, and data
security. Data in the cloud is usually globally
distributed which raises concerns about jurisdiction,
data exposure, and privacy. If all data stored in the
cloud was encrypted, that would effectively solve
many issues. However, a user would be unable to
leverage the power of the cloud to carry out
computation on data without first decrypting it, or
shipping it entirely back to the user for computation.
The cloud provider thus has to decrypt the data first,
perform the computation then send the result to the
user.
Homomorphic encryption schemes allow the
transformation of cipher-text C(m) of message m, to
cipher-text C(f(m)) of a computation/function of
message m, without disclosing the message.
Therefore, the user could carry out any arbitrary
computation on the hosted data without the cloud
provider's intervention.
In this paper, we propose applying Algebra
Homomorphic Encryption Scheme Based on
Fermat's Little Theorem (AHEF) on cloud
computing to solve the data security and third party
control issues. AHEF is based on the concept of
full homomorphism and Fermat's little theorem.
This paper is structured as follows: related work
and approaches are discussed in section II. Then,
section III gives a brief overview of homomorphic
encryption and introduces the application of AHEF
on cloud computing. The scheme of the new
methodology is described in Section IV. Finally, we
give a short summary of our contributions in section
V.
RELATED WORK
In 1978, Ronald Rivest, Leonard Adleman and
Michael Dertouzos introduced for the first time the
concept of homomorphic encryption. After that,
little progress was made for almost 30 years.
The encryption system of Shafi Goldwasser and
Silvio Micali, which was proposed in 1982, was an
additive homomorphic encryption, but it could
encrypt only a single bit. In the same vein, Pascal
Paillier proposed a provable security encryption
system in 1999 that was also an additive
homomorphic encryption. A few years later, in 2005,
Dan Boneh, Eu-Jin Goh and Kobi Nissim invented a
security system that can perform an unlimited
number of additions but only one multiplication.
Most recently, Craig Gentry proposed the first
fully homomorphic encryption scheme in 2009. That
system evaluates an arbitrary number of additions
and multiplications; and thus computes a function of
any type on the encrypted data.
The application of fully homomorphic encryption
is an important brick in cloud computing security.
Generally, we could outsource the calculations on
confidential data to the cloud, while keeping the
secret key to decrypt the result of calculation.
HOMOMORPHIC ENCRYPTION
The proposed algebraic homomorphic encryption
scheme is based on the concept of full
homomorphism, and uses a subset of it. It is also
based on Fermat's little theorem and Fraction
Module.
Fermat's little theorem is one of the four number
theorems. It states that if p is a prime number, then
for any integer a, the number $a^p - a$ is an integer
multiple of p. In the notation of modular arithmetic,
this is expressed as

If a is not divisible by p, Fermat's little theorem is
equivalent to the statement that $a^{p-1} - 1$ is an
integer multiple of p:


Fraction Module is simply a new operation.
When discussing homomorphic encryption in this
paper, we call this operation the similar module
operation, and use the symbol smod to represent it.
Algebra Homomorphic Encryption Scheme Based
on Fermat's Little Theorem (AHEF)
Xiang and Cui came up with the Algebraic
Homomorphism Encryption Scheme based on
Fermat's Little Theorem (AHEF), which can be
described as follows:
1) Select two large secure primes p and q.
Let $N = pq$, such that p and q are secret,
and N is public.
2) A rational number x can be expressed in
fraction form:
$x = x_a / x_b$, such that the numerator $x_a$ is an
integer, and the denominator is a positive
integer.
3) Select a random integer r. The
encryption algorithm is E(x), and the
encrypted cipher text is:
$c = E(x) = \mathrm{fmod}\left((x_a / x_b)^{r(p-1)+1},\ N\right)$.
4) Decryption algorithm is D( ), such
that $x = D(c) = \mathrm{fmod}(c, p)$.
A fully homomorphic encryption scheme, such as
AHEF, must respect both addition and
multiplication operations as shown below.
Multiplicative Homomorphism: Let x and y be
rational numbers, then AHEF meets the
multiplicative homomorphism, i.e.
E(xy) = fmod(E(x)E(y), N), or
xy = D(E(x)E(y)) = fmod(E(x)E(y),p).
Additive Homomorphism: Let x and y be rational
numbers, then AHEF meets additive
homomorphism, i.e.
E(x+y) = fmod(E(x)+E(y),N), or
x+y = D(E(x)+E(y)) = fmod(E(x)+E(y),p).
A simple example to verify the nature of
algebraic homomorphism of AHEF is given below.
Selecting p = 173, q = 199, then N = pq = 34427.
Let x = 2.4 and y = -1.75. Now, we will express x
and y as fractions:

Then, we will randomly select $r_x = 17$, $r_y = 26$.
AHEF can be used to encrypt x and y:

Multiplicative Homomorphism:

Additive homomorphism:

The security of AHEF algorithm is based on the
difficulty of dividing by a large integer. Due to the
random number being used in the encryption
process, for the same plaintext x, the two encrypted
results are not the same, i.e. $E_1(x) \neq E_2(x)$, but
$D(E_1(x)) = D(E_2(x))$. This feature guarantees that
users cannot infer the original data through
statistical laws. More security properties can be
found in [1].
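The four AHEF steps and the p = 173, q = 199 example above can be replayed with the following Python sketch, which is an added illustration and not code from the paper or from [1]. It assumes that fmod(a/b, n) means a·b⁻¹ mod n (the page does not define the operation), so decryption yields the residue of the rational x modulo p; the function names are hypothetical.

```python
from fractions import Fraction

# Toy parameters taken from the page's example. Assumption: fmod(a/b, n)
# is read as a * b^-1 mod n; the page does not define fmod explicitly.
P, Q = 173, 199          # secret primes
N = P * Q                # public modulus, 34427


def fmod(x, n):
    """Map the rational x = a/b to a * b^-1 mod n (needs gcd(b, n) == 1)."""
    x = Fraction(x)
    try:
        inv = pow(x.denominator, -1, n)   # modular inverse, Python 3.8+
    except ValueError:
        raise ValueError(
            f"denominator {x.denominator} is not invertible mod {n}")
    return (x.numerator * inv) % n


def encrypt(x, r):
    """Step 3: c = E(x) = fmod(x^(r(p-1)+1), N) for a random integer r."""
    return pow(fmod(x, N), r * (P - 1) + 1, N)


def decrypt(c):
    """Step 4: D(c) = fmod(c, p). By Fermat, c is congruent to x mod p."""
    return c % P


def cloud_mul(c1, c2):
    """Multiplication carried out on ciphertexts only (public N)."""
    return (c1 * c2) % N


def cloud_add(c1, c2):
    """Addition carried out on ciphertexts only (public N)."""
    return (c1 + c2) % N


def demo():
    x, y = Fraction(12, 5), Fraction(-7, 4)      # 2.4 and -1.75
    cx, cy = encrypt(x, 17), encrypt(y, 26)      # r_x = 17, r_y = 26
    return {
        "D(E(x))": decrypt(cx),
        "x mod p": fmod(x, P),
        "D(E(x)E(y))": decrypt(cloud_mul(cx, cy)),
        "xy mod p": fmod(x * y, P),
        "D(E(x)+E(y))": decrypt(cloud_add(cx, cy)),
        "(x+y) mod p": fmod(x + y, P),
        # Same plaintext, different r: different ciphertext, same plaintext.
        "randomized": encrypt(x, 17) != encrypt(x, 26),
        "same plaintext": decrypt(encrypt(x, 17)) == decrypt(encrypt(x, 26)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>14}: {value}")
```

Under this reading the decrypted value is a residue modulo p, so mapping it back to a fraction such as 2.4 requires an additional convention that the page does not describe.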
AHEF SCHEME
Figure 1. AHEF Applied to Cloud Computing
As shown in figure 1, the process will start by
sending the encrypted data to the cloud provider.
The user can access the encrypted data on the cloud.
Moreover, she can do calculations on that encrypted
data and get the encrypted result, then decrypt the
result on premise for better security.
SUMMARY
In this paper, AHEF algorithm was applied to
cloud computing in order to carry out different
calculations on encrypted data without decryption.
The obtained result is encrypted as well and can be
decrypted securely on premise.
REFERENCES
[1] Xiang Guangli; Cui Zhuxiao; , "The Algebra
Homomorphic Encryption Scheme Based on
Fermat's Little Theorem," Communication
Systems and Network Technologies (CSNT),
2012 International Conference on , vol., no.,
pp.978-981, 11-13 May 2012
[2] Tebaa, M.; El Hajji, S.; El Ghazi, A.; ,
"Homomorphic encryption method applied to
Cloud Computing," Network Security and
Systems (JNS2), 2012 National Days of , vol.,
no., pp.86-89, 20-21 April 2012
[3] Brenner, M.; Wiebelitz, J.; von Voigt, G.;
Smith, M.; , "Secret program execution in the
cloud applying homomorphic encryption,"
Digital Ecosystems and Technologies
Conference (DEST), 2011 Proceedings of the
5th IEEE International Conference on , vol., no.,
pp.114-119, May 31 2011-June 3 2011
[4] R. Rivest, A. Shamir, and L. Adleman. A
method for obtaining digital signatures and
public key cryptosystems. Communications of
the ACM, 21(2) :120-126, 1978. Computer
Science, pages 223-238. Springer, 1999.
[5] Taher ElGamal. A public key cryptosystem and
a signature scheme based on discrete
logarithms. IEEE Transactions on Information
Theory, 469-472, 1985.
[6] Craig Gentry, A Fully Homomorphic
Encryption Scheme, 2009.
[7] Wieb Bosma, John Cannon, and Catherine
Playoust. The Magma algebra system I: The
user language. J. Symbolic Comput., 24(3-4):
235-265, 1997. Computational algebra and
number theory, London, 1993.
[8] Ronald L. Rivest, Leonard Adleman, and
Michael L. Dertouzos. On Data Banks and
Privacy Homomorphisms, chapter On Data
Banks and Privacy Homomorphisms, pages 169–
180. Academic Press, 1978.
[9] Dan Boneh, Eu-Jin Goh, and Kobbi Nissim.
Evaluating 2-DNF formulas on ciphertexts. In
Theory of Cryptography Conference,
TCC'2005, volume 3378 of Lecture Notes in
Computer Science, pages 325-341. Springer,
2005.
[10] Domingo-Ferrer J., Herrera-Joancomartí J.
A new privacy homomorphism and applications
[J]. Information Processing Letters, 1996, 60
(5): 277-282.
[11] T. Sander and C. Tschudin. Towards mobile
cryptography. In Proceedings of the IEEE
Symposium on Security and Privacy, Oakland,
CA, 1998. IEEE Computer Society Press.
[12] N. Karnik. Security in Mobile Agent
Systems. PhD thesis, Department of Computer
Science and Engineering. University of
Minnesota, 1998.
[13] Yao A.C. How to generate and exchange
secrets[C].The 27th IEEE Symp on Foundations
of Computer Science(FOCS)
Toronto,Canada:IEEE,1986:162-167
[14] Chen L.and Gao C.M.Public Key
Homomorphism Based on Modified ElGamal in
Real Domain[A].2008 International Conference
on Computer Science and Software
Engineering[C].Wuhan, Hubei, China: IEEE
Computer Society,2008:802-805
[15] Xing G.L.,Chen X.M.,and Zhu P.,et al.A
Method of Homomorphic Encryption[J]. Wuhan
University Journal of Natural Sciences, 2006,
11(1):181-184.
[16] Zhu P.,He Y.X.,and Xiang G.L.
Homomorphic encryption scheme of the
rational[A]. 2006 International Conference on
Wireless Communications, Networking and
Mobile Computing, WiCOM 2006[C].Piscata
way: IEEE Computer Society,2007:1-4
[17] Fontaine C.and Galand F.A Survey of
Homomorphic Encryption for Nonspecialists[J].
EURASIP Journal on Information
Security,2007,Vol.2007:1-9
[18] M. Ajtai. Generating hard instances of
lattice problems (extended abstract). STOC ’96,
pp. 99–108.
[19] M. Ajtai and C. Dwork. A public key
cryptosystem with worst-case / average-case
equivalence. STOC ’97, pp. 284–293.
[20] J.H. An, Y. Dodis, and T. Rabin. On the
security of joint signature and encryption.
Eurocrypt ’02, pp. 83–107.
[21] F. Armknecht and A.-R. Sadeghi. A new
approach for algebraically homomorphic
encryption. Eprint 2008/422.
[22] L. Babai. On Lovász’s lattice reduction and
the nearest lattice point problem. Combinatorica
6 (1986), 1–14.
[23] D. Barrington. Bounded-width polynomial-
size branching programs recognize exactly those
languages in NC1. STOC ’86, pp. 1–5.
[24] D. Beaver. Minimal-latency secure function
evaluation. Eurocrypt ’00, pp. 335–350.
[25] J. Benaloh. Verifiable secret-ballot
elections. Ph.D. thesis, Yale Univ., Dept. of
Comp. Sci., 1988.
[26] J. Black, P. Rogaway, and T. Shrimpton.
Encryption-scheme security in the presence of
key-dependent messages. SAC ’02, pp. 62–75.
[27] M. Blaze, G. Bleumer, and M. Strauss.
Divertible protocols and atomic proxy
cryptography. Eurocrypt ’98, pp. 127–144.
[28] D. Boneh, E.-J. Goh, and K. Nissim.
Evaluating 2-DNF formulas on ciphertexts.
TCC ’05, pp. 325–341.
[29] D. Boneh, S. Halevi, M. Hamburg, and R.
Ostrovsky. Circular-Secure Encryption from
Decision Diffie-Hellman. Crypto ’08, pp. 108–
125.
[30] D. Boneh and R. Lipton. Searching for
Elements in Black-Box Fields and Applications.
Crypto ’96, pp. 283–297.