Chapter

A guide to homomorphic encryption


Abstract

Traditional cryptography techniques require our data to be unencrypted to be processed correctly. This means that at some stage, on a system we have no control over, our data will be processed in plaintext. Homomorphic encryption, or specifically fully homomorphic encryption, is a viable solution to this problem. It allows encrypted data to be processed as if it were in plaintext and will produce the correct value once decrypted. While many know that homomorphic encryption promises to be an ideal solution to trust, security, and privacy issues in cloud computing, few actually know how it works and why it is not yet a practical solution despite its promises. This chapter serves as a much needed primer on current homomorphic encryption techniques, discusses several practical challenges, and introduces workarounds proposed by practitioners and researchers to overcome these challenges.


... These technologies take the form of architectures built with privacy-by-design principles and policies [S39] [S6], or data modifications based on heuristics or mathematical privacy guarantees. Prominent examples of PETs are differential privacy [13] [14], syntactic anonymization technologies like k-anonymity [15], homomorphic encryption [16] [17] [18], trusted execution environments [19], secure multiparty computation [20], zero-knowledge proofs [21] [22], and a set of conventional de-identification approaches such as masking, rounding, or hashing [23]. ...
... After the computation, the entities with the corresponding secret key can decrypt the output [80]. There are variations of HE depending on the diversity of operations it can perform [16][17]: Fully homomorphic encryption (FHE) schemata support addition and multiplication, while partially homomorphic encryption (PHE) schemata allow for only one of these alternatives; typically in exchange for drastically improved performance. Any other schema in-between is called somewhat homomorphic encryption [S48]. ...
Preprint
IoT data markets in public and private institutions have become increasingly relevant in recent years because of their potential to improve data availability and unlock new business models. However, exchanging data in markets bears considerable challenges related to the disclosure of sensitive information. Despite considerable research that has focused on different aspects of privacy-enhancing data markets for the IoT, none of the solutions proposed so far seems to find considerable practical adoption. Thus, this study aims to organize the state-of-the-art solutions, analyze and scope the technologies that have been suggested in this context, and structure the remaining challenges to determine areas where future research is required. To accomplish this goal, we conducted a systematic literature review on privacy enhancement in data markets for the IoT, covering 50 publications dated up to July 2020. Our results indicate that most research in this area has emerged only recently, and no IoT data market architecture has established itself as canonical. Existing solutions frequently lack the required combination of anonymization and secure computation technologies. Furthermore, there is no consensus on the appropriate use of blockchain technology for IoT data markets and a low degree of leveraging existing libraries or reusing generic data market architectures. We also identified significant remaining challenges such as the copy problem and the recursive enforcement problem that -- while solutions have been suggested to some extent -- are often not sufficiently addressed in proposed designs.
... Homomorphic encryption schemes can be classified into two categories: Partially Homomorphic Encryption and Fully Homomorphic Encryption. Because the e-voting system would require only the addition of the ballots, a partially homomorphic encryption scheme is suitable for adoption in this study, due to the performance and protection it offers in place of utility functionality (Will and Ko, 2015). Jabbar and Alsaad (2017) proposed a remote electronic voting system using the ElGamal cryptosystem for ensuring the security of votes. ...
Article
Blockchain is a distributed and decentralized ledger of transactions that are linked together cryptographically, leading to immutability and tamper-resistance, thereby ensuring the integrity of data. Due to the ability of blockchain to guarantee the integrity of data, it has found wide-range adoption in electronic voting (e-voting) systems in recent years in a bid to prevent manipulation of votes. However, due to the distributed nature of the blockchain, opportunities arise for privacy intrusion of the data being secured. The translation of this privacy flaw in blockchain to e-voting systems is the possibility of violation of the privacy of the electorates. Consequently, in a bid to achieve integrity and privacy of votes in e-voting, this study presents the use of an open-source blockchain system, coupled with a privacy-oriented cryptosystem known as the Paillier cryptosystem, towards addressing the privacy concerns of the blockchain. The performance of the system was evaluated and a transaction throughput of 1424 tps was obtained for ten thousand simulated ballot transactions. Further evaluation was carried out on the system by increasing the number of system transactions. This showed that the mining time of the blockchain increased by an average factor of 0.18 s for every thousand increases in the number of transactions. Also, the response time of the system to a range of user actions was evaluated over an increasing number of voters. Results obtained showed that the response time of the system for vote casting operations increased by an average of 0.33 min per thousand voters, while for vote tallying there was an increase in response time by an average of 0.848 min per thousand voters.
The scientific value of this study is the development of an integrity and privacy-preserving e-voting system consisting of an open-source nodechain coupled with a privacy-oriented cryptosystem known as the Paillier cryptosystem following the security requirements of e-voting systems. The proposed system addresses the issue of integrity in e-voting while still maintaining the privacy of the electorates.
... Further on, n is the message length and λ the system security parameter. Let's consider our protocols and estimate three factors, the number of operations, the storage space, and the complexity of the calculations, as: Random number generation: O(1); Transmission: O(1); Hashing, Encryption (MD5): O(n) [91]; Signature: O(n) [91]; Verification: O(n) [91]; Measurement: O(n) [92]; Calculation (subtraction): O(log(n)) [92]; XOR: O(n) [93]; and Homomorphic encryption: O(λ^3.5) [94]. ...
Article
Today, the Intelligent Transportation Systems (ITS) are already in deep integration phase all over the world. One of the most significant enablers for ITS are vehicle positioning and tracking techniques. Worldwide integration of ITS employing Dedicated Short Range Communications (DSRC) and European standard for vehicular communication, known as ETSI ITS-G5, brings a variety of options to improve the positioning in areas where GPS connectivity is lacking precision. Utilization of the ready infrastructure, next-generation cellular 5G networks, and surrounding electronic devices together with conventional positioning techniques could become the solution to improve the overall ITS operation in vehicle-to-everything (V2X) communication scenario. Nonetheless, effective and secure communication protocols between the vehicle and roadside units should be both analyzed and improved in terms of potential attacks on the transmitted positioning-related data. In particular, said information might be misused or stolen at the infrastructure side conventionally assumed to be trusted. In this paper, we first survey different methods of vehicle positioning, which is followed by an overview of potential attacks on ITS systems. Next, we propose potential improvements allowing mutual authentication between the vehicle and infrastructure aiming at improving positioning data privacy. Finally, we propose a vision on the development and standardization aspects of such systems.
... Let P be the plaintext space, i.e., P = {0,1}, which consists of the input message tuple (m_1, m_2, …, m_n). Let us represent the Boolean circuit by C and use ordinary function notation C(m_1, m_2, …, m_n) to represent the evaluation of the circuit on the message tuple [21]. The general HE is described below: • Gen(1^λ, α) is the key generation algorithm that generates as output a key triplet, i.e., the secret/public key pair (sk and pk) along with the evaluation key (evk), where λ is the security parameter and α is the auxiliary input: (sk, pk, evk) ← KeyGen($) ...
... Rivest et al. (1978) were the first to explore the design of a homomorphic encryption scheme (Acar et al., 2018; Armknecht et al., 2015; Gentry, 2009). In the next section, we will provide an overview of homomorphic encryption schemes. ...
Article
Nowadays, cloud computing offers a digital infrastructure for smart city development. Cognitive cities are steadily automating daily urban processes. The ever expanding objective-driven communities gather and share sensitive data that must be stored securely. Cloud computing offers a suitable platform that allows cognitive smart cities to access and re-access data to learn from their past to adapt their current behaviour. However, the cloud is an untrusted entity that may expose data when decrypted for processing by systems. In this paper, we treat the issue of encrypted data processing. Often, the data is encrypted prior to transferring it to the cloud, where the cloud must have the data in clear to be able to make calculations, which raises security and privacy threats if the cloud is considered untrusted. The scenario of asking users to make the calculations after decrypting the received cloud data and encrypting the obtained results before sending them back to the cloud is not a practical solution in distributed multi-tenant architectures. Homomorphic encryption offers a solution for processing encrypted data. Many existing homomorphic encryption schemes suffer from limitations that hinder their usability. This paper presents an efficient fully homomorphic encryption scheme using twin key encryption and magic number fragmentation. The details of the scheme are presented along with cryptanalytic attacks to assess its effectiveness. The proposed scheme exhibits strong resilience against brute-force attacks compared to its rivals from the literature. Finally, we illustrate the applicability of the proposed scheme using a cognitive smart city application.
... IACR Cryptology ePrint Archive, 2015, 1192". [11]. Research Method: Conceptual framework. ...
Conference Paper
Homomorphic Encryption is a class of encryption methods envisioned by Rivest, Adleman, and Dertouzos already in 1978, and first constructed by Craig Gentry in 2009. It differs from typical encryption methods in the sense that it allows computation operations to be performed directly on encrypted data without requiring access to a secret key (A Few Thoughts on Cryptographic Engineering). The result of such a computation remains in encrypted form, and can at a later point be revealed by the owner of the secret key. This form of encryption allows computation on ciphertexts, generating an encrypted result which, when decrypted, matches the result of the operations as if they had been performed on the plaintext. The purpose of Homomorphic Encryption is to allow computation on encrypted data. Usually, it is used for large-scale statistical analysis and mostly used in data encryption and decryption. Thus, it is used in programs that rely mainly on information security and high-security documents in many governmental segments. The challenging aspect is performing statistical analysis on encrypted data and getting an accurate result, without putting the data through the risk of being stolen or having a backdoor copy of it.
... Our motivation for this is that we need the cleartext data for ensuring the good work of the blockchain system. However, future work might address this issue by using some dedicated crypto primitives, such as functional encryption [51] (functions operating on ciphertexts), homomorphic encryption [54] (any kind of computation on ciphertexts), and zero-knowledge proofs [20] (no information leaks from the transaction, except that it is valid). An example of a blockchain implementing zero-knowledge proofs is ZCash, in which all transactions can be zero-knowledge, if the emitter decides so [24]. ...
... Additionally, the authors of [19] proposed Gentry's encryption in parallel processing and tested it on a private cloud. Also, in [20] simplified and structured wide definitions in the homomorphic encryption discipline have been introduced, raising the question of using homomorphic encryption as a solution to their problem. ...
Article
Cloud computing is the provision of computing services over the internet, which provides unlimited computing capabilities to its users. Cloud Service Providers (CSP) in distant places help users such as businesses and individuals to use their software and hardware means. The physical distance between the users and providers allows third parties to be capable of accessing the data, which threatens the privacy of the users. Thus, its security is the main concern when it comes to transferring data from a locally owned storage to cloud storage. Cloud providers are required to save an encrypted version of users' data on their storage. The traditional encryption schemes have been used for data encryption prior to sending them to the provider. Though, the secret key has to be provided by the users to the server so as to decrypt the information prior to the requirement of calculations. Therefore, the traditional cryptographic schemes cannot be used to process cloud data. After the encryption of the information, data are revealed to calculation in clouds, so confidentiality is not guaranteed and this results in difficulty in using the cloud. In Homomorphic Encryption, calculation on ciphertext can be performed with no need for decryption. This paper develops and designs a new mathematical model to achieve the characteristics of Fully Homomorphic Encryption. The proposed model's security depends on the problem of factorization of integers into their prime numbers. In this paper, instead of dealing with two prime numbers it is expanded to deal with n prime numbers. The security of the presumptive algorithm is to be more efficient in front of the security challenges facing cloud computing. What distinguishes this proposed system is that it deals with the explicit text after converting it to the ASCII code instead of converting it to the binary system as in the existing systems, thus providing speed in the encryption process and returns the encryption.
... For the homomorphic encryption parameter settings, we select the parameters shown in Table I to guarantee sufficient security. Our settings for the security level, coefficient modulus and degree of polynomial modulus match the most recent homomorphic encryption security standards proposed by the Homomorphic-Encryption.org group [32]. The degree of polynomial modulus is a power of 2, while the coefficient moduli in paramckks and parambfv are products of 25 and 4 distinct primes, respectively, where every prime is 35 bits long in paramckks and 60 bits long in parambfv. ...
Article
The Cox proportional hazards model is one of the most widely used methods for analyzing survival data. Data from multiple data providers are required to improve the generalizability and confidence of the results of Cox analysis; however, such data sharing may result in leakage of sensitive information, leading to financial fraud, social discrimination or unauthorized data abuse. Some privacy-preserving Cox regression protocols have been proposed in past years, but they lack either security or functionality. In this paper, we propose a privacy-preserving Cox regression protocol for multiple data providers and researchers. The proposed protocol allows researchers to train models on horizontally or vertically partitioned datasets while providing privacy protection for both the sensitive data and the trained models. Our protocol utilizes threshold homomorphic encryption to guarantee security. Experimental results demonstrate that with the proposed protocol, Cox regression model training over 9 variables in a dataset of 113,035 samples takes approximately 44 min, and the trained model is almost the same as that obtained with the original nonsecure Cox regression protocol; therefore, our protocol is a potential candidate for practical real-world applications in multicenter medical research.
... addition and multiplication) while protected under encryption, or in the form of a ciphertext, without requiring the data to be revealed or decrypted. Three predominant schemes are employed, partial, fully, and leveled homomorphic encryption (HME), each with a trade-off between computational and space efficiency and complexity [32]. While partial HME may offer less space and computational overhead compared to the other two schemes, it only allows for a single type of operation, either addition or multiplication, between two ciphertexts. ...
Article
Machine learning applications are intensively utilized in various science fields, and increasingly the biomedical and healthcare sector. Applying predictive modeling to biomedical data introduces privacy and security concerns requiring additional protection to prevent accidental disclosure or leakage of sensitive patient information. Significant advancements in secure computing methods have emerged in recent years, however, many of which require substantial computational and/or communication overheads, which might hinder their adoption in biomedical applications. In this work, we propose SecureLR, a novel framework allowing researchers to leverage both the computational and storage capacity of Public Cloud Servers to conduct learning and predictions on biomedical data without compromising data security or efficiency. Our model builds upon homomorphic encryption methodologies with hardware-based security reinforcement through Software Guard Extensions (SGX), and our implementation demonstrates a practical hybrid cryptographic solution to address important concerns in conducting machine learning with public clouds.
Chapter
Most computer checked proofs are tied to the particular technology of a prover’s software. While sharing results between proof assistants is a recognized and desirable goal, the current organization of theorem proving tools makes such sharing an exception instead of the rule. In this talk, I argue that we need to turn the current architecture of proof assistants and formal proofs inside-out. That is, instead of having a few mature theorem provers include within them their formally checked theorems and proofs, I propose that proof assistants should sit on the edge of a web of formal proofs and that proof assistant should be exporting their proofs so that they can exist independently of any theorem prover. While it is necessary to maintain the dependencies between definitions, theories, and theorems, no explicit library structure should be imposed on this web of formal proofs. Thus a theorem and its proofs should not necessarily be located at a particular URL or within a particular prover’s library. While the world of symbolic logic and proof theory certainly allows for proofs to be seen as global and permanent objects, there is a lot of research and engineering work that is needed to make this possible. I describe some of the required research and development that must be done to achieve this goal.
Chapter
Homomorphic encryption (HE) is often viewed as impractical, both in communication and computation. Here we provide an additively homomorphic encryption scheme based on (ring) LWE with nearly optimal rate (\(1-\epsilon \) for any \(\epsilon >0\)). Moreover, we describe how to compress many Gentry-Sahai-Waters (GSW) ciphertexts (e.g., ciphertexts that may have come from a homomorphic evaluation) into (fewer) high-rate ciphertexts.
Article
With the vast increase in data transmission due to the large amount of information collected by devices, data management and security have been a challenge for organisations. Many data owners outsource their data to cloud repositories due to several economic advantages cloud service providers present. However, data owners, after their data are outsourced, do not have complete control of the data, and therefore external systems are incorporated to manage the data. Several kinds of research refer to the use of encryption techniques to prevent unauthorised access to data but prove to be deficient in providing suitable solutions to the problem. In this paper, we proffer a secure fine-grain access control system for outsourced data, which supports read and write operations to the data. We make use of an Attribute-based Encryption (ABE) scheme, which is regarded as a suitable scheme to achieve access control for security and privacy (confidentiality) of outsourced data. Our work considers different categories of data users, and makes provisions for distinct access roles and permissible actions on the outsourced data with dynamic and efficient policy updates to the corresponding ciphertext in cloud repositories. We adopt blockchain technologies to enhance traceability and visibility to enable control over outsourced data by a data owner. The security analysis presented demonstrates that the security properties of the system are not compromised. Results based on extensive experiments illustrate the efficiency and scalability of our system.
Article
Prototype-based machine learning methods such as learning vector quantisation (LVQ) offer flexible classification tools, which represent a classification in terms of typical prototypes. This representation leads to a particularly intuitive classification scheme, since prototypes can be inspected by a human partner in the same way as data points. Yet, it bears the risk of revealing private information included in the training data, since individual information of a single training data point can significantly influence the location of a prototype. In this contribution, we investigate the question how to algorithmically extend LVQ such that it provably obeys privacy constraints as offered by the notion of so-called differential privacy. More precisely, we demonstrate the sensitivity of LVQ to single data points and hence the need of its extension to private variants in case of possibly sensitive training data. We investigate three technologies which have been proposed in the context of differential privacy, and we extend these technologies to LVQ schemes. We investigate the effectiveness and efficiency of these schemes for various data sets, and we evaluate their scalability and robustness as regards the choice of meta-parameters and characteristics of training sets. Interestingly, one algorithm, which has been proposed in the literature due to its beneficial mathematical properties, does not scale well with data dimensionality, while two alternative techniques, which are based on simpler principles, display good results in practical settings.
Article
Cloud computing has emerged as a dominant computing platform for the foreseeable future, resulting in an ongoing disruption to the way we build and deploy software. This disruption offers a rare opportunity to integrate new approaches to computer security. The aggregating effect of cloud computing and the role of cloud providers as trust anchors can significantly benefit computing security.
Conference Paper
The cloud computing revolution has emphasized the need to execute programs in private using third party infrastructure. In this work, we investigate the application of One Instruction Set Computing (OISC) for processing encrypted data. This novel architecture combines the simplicity and high throughput of OISC with the security of well-known homomorphic encryption schemes, allowing execution of encrypted machine code and secure computation over encrypted data. In the presented case study, we choose addleq as the OISC instruction and Paillier's scheme for encryption, and we extensively discuss the architecture and security implications of encrypting the instructions and memory accesses. Preliminary results in our implemented hardware-cognizant software simulator indicate an average execution overhead of 26 times for a 1024-bit security parameter, compared to unencrypted execution of the same OISC programs.
Article
In this work, we demonstrate how the blockchain and the off-chain storage interact via Oracle-based mechanisms, which build an effective connection between a distributed database and real assets. For demonstration purposes, smart contracts were drawn up to deal with two different applications. Due to the characteristics of the blockchain, we may still encounter severe privacy issues, since the data stored on the blockchain are exposed to the public. The proposed scheme provides a general solution for resolving the above-mentioned privacy issue; that is, we try to protect the on-chain privacy of the sensitive data by using homomorphic encryption techniques. Specifically, we constructed a secure comparison protocol that can check the correctness of a logic function directly in the encrypted domain. By using the proposed access control contract and the secure comparison protocol, one can carry out sensitive data-dependent smart contract operations without revealing the data themselves.
Chapter
Smart contract is a programming interface to interact with the underlying blockchain storage models. It is a database abstraction layer for blockchain. Existing smart contract platforms follow the imperative style programming model since states are shared. As a result, there is no concurrency control mechanism when executing transactions, resulting in considerable latency and hindering scalability. To address performance and scalability issues of existing smart contract platforms, we design a new smart contract platform called “Aplos” based on the Scala functional programming language and Akka actors. In Aplos, all blockchain-related smart contract functions are implemented with Akka actors. The Aplos platform is built over Mystiko—a highly scalable blockchain storage for big data. Mystiko supports concurrent transactions, high transaction throughput, data analytics and machine learning. With Aplos smart contracts over Mystiko, we have developed a blockchain for highly scalable storage that aligns with big data requirements.
Article
Cloud computing platforms are being increasingly used for closing feedback control loops, especially when computationally expensive algorithms, such as model-predictive control, are used to optimize performance. Outsourcing of control algorithms entails an exchange of data between the control system and the cloud, and, naturally, raises concerns about the privacy of the control system's data (e.g., state trajectory, control objective). Moreover, any attempt at enforcing privacy needs to add minimal computational overhead to avoid degrading control performance. In this paper, we propose several transformation-based methods for enforcing data privacy. We also quantify the amount of provided privacy and discuss how much privacy is lost when the adversary has access to side knowledge. We address three different scenarios: a) the cloud has no knowledge about the system being controlled; b) the cloud knows what sensors and actuators the system employs but not the system dynamics; c) the cloud knows the system dynamics, its sensors, and actuators. In all of these three scenarios, the proposed methods allow for the control over the cloud without compromising private inform
Chapter
Exchanging model updates is a widely used method in the modern federated learning system. For a long time, people believed that gradients are safe to share: i.e., the gradients are less informative than the training data. However, there is information hidden in the gradients. Moreover, it is even possible to reconstruct the private training data from the publicly shared gradients. This chapter discusses techniques that reveal information hidden in gradients and validate the effectiveness on common deep learning tasks. It is important to raise people’s awareness to rethink the gradient’s safety. Several possible defense strategies have also been discussed to prevent such privacy leakage.
Article
The paper presents a fully distributed private aggregation protocol that can be employed in dynamical networks where communication is only assumed on a neighbor-to-neighbor basis. The novelty of the scheme is its low overhead in communication and computation due to a pre-processing phase that can be executed even before the participants know their input to aggregation. Moreover, the scheme is resilient to node drop-outs, and it is defined without introducing any trusted or untrusted third parties. We prove the privacy of the scheme itself and subsequently, we discuss the privacy leakage caused by the output of the scheme. Finally, we discuss implementation of the proposed protocol to solve distributed optimization problems using two versions of the alternating direction method of multipliers (ADMM).
Chapter
Comparison of two numbers is one of the most frequently used operations, but it has been a challenging task to efficiently compute the comparison function in homomorphic encryption (HE) which basically supports addition and multiplication. Recently, Cheon et al. (Asiacrypt 2019) introduced a new approximate representation of the comparison function with a rational function, and showed that this rational function can be evaluated by an iterative algorithm. Due to this iterative feature, their method achieves a logarithmic computational complexity compared to previous polynomial approximation methods; however, the computational complexity is still not optimal, and the algorithm is quite slow for large-bit inputs in HE implementation.
Conference Paper
Privacy has gained a growing interest nowadays due to the increasing and unmanageable amount of produced confidential data. Concerns about the possibility of sharing data with third parties to gain fruitful insights beset enterprise environments; value not only resides in data, but also in the intellectual property of algorithms and models that offer analysis results. This impasse locks both the availability of high-performance computing resources in the "as-a-service" paradigm and the exchange of knowledge with the scientific community in a collaborative view. Privacy-preserving data science enables the use of private data and algorithms without putting their privacy at risk. Conventional encryption schemes are not able to work on encrypted data without decrypting them first. Homomorphic Encryption (HE) is a form of encryption that allows the computation on encrypted data while preserving the features and the format of the plaintext. Against the background of interesting use cases for the Central Bank of Italy, this article focuses on how HE and data science can be leveraged to design and develop privacy-preserving enterprise applications. We propose a survey of main Homomorphic Encryption techniques and recent advances in the conubium between data science and HE.
Technical Report
Full-text available
With the emergence of new digital trends like the Internet of Things (IoT), more industry actors and technical committees pursue research in utilizing such technologies as they promise better and optimized management, improved energy efficiency and better quality living by facilitating a magnitude of value-added services. However, as communication, sensing and actuation become increasingly sophisticated, such promising data-driven IoT systems generate, process, and exchange larger amounts of data, some of which is privacy-sensitive and security-critical. The sustained increase in the number of connected devices, catalyzed by IoT, affirms the importance of addressing data protection, privacy and security challenges, as indices of trust, to achieve market acceptance. This, consequently, emphasizes the need for a solid technical and regulatory foundation to ensure trustworthiness within the IoT ecosystem. The goal of this study is to first introduce the concept of trustworthiness in IoT with its main pillars, data protection, privacy and security, and then analyze developments in research and standardization for each of these. The study presents a gap analysis on data protection, privacy and security between research and standardization, throughout which the use case of Unmanned Aerial Vehicles (UAVs) is referred to, as a promising value-added service example of mobile IoT devices. The study concludes with suggestions for future research and standardization in order to address the identified gaps. https://portail-qualite.public.lu/dam-assets/publications/normalisation/2019/TR-Smart-ICT-Gap-Analysis-SR-TS-ILNAS-UL.pdf#page=29
Article
Most decentralized algorithms for multi-agent systems used in control, signal processing and machine learning for example, are designed to fit the problem where agents can only communicate with immediate neighbors in the network. For instance, decentralized and distributed optimization algorithms are based on the fact that every agent in a network will be able to influence every other agent in the network even if each agent only communicates with its immediate neighbors (given that the network is connected). That is, a distributed optimization problem can be solved in a decentralized manner by letting the agents exchange messages with their neighbors iteratively. In many algorithms that solve this kind of problem, agents in the network do not need individual values from their neighbors; rather, they need a function of the values from their neighbors. This observation makes it interesting to consider privacy preservation in such algorithms. By privacy preservation, we mean that raw data from individual agents will not be exposed at any time during calculations. This paper is concerned with decentralized algorithms, where each agent must learn the sum of its neighbors' values, and we propose a privacy-preserving method to compute this sum. Employing this method in corresponding decentralized algorithms makes the whole algorithm privacy preserving. The only restriction we make on the graph topology of the network is that each agent must have at least two neighbors. We provide simulations of the proposed method, which illustrate its scalability.
Preprint
Capabilities for trustworthy cloud-based computing and data storage require usable, secure and efficient solutions which allow clients to remotely store and process their data in the cloud. In this paper, we present RESeED, a tool which provides user-transparent and cloud-agnostic search over encrypted data using regular expressions without requiring cloud providers to make changes to their existing infrastructure. When a client asks RESeED to upload a new file in the cloud, RESeED analyzes the file's content and updates novel data structures accordingly, encrypting and transferring the new data to the cloud. RESeED provides regular expression search over this encrypted data by translating queries on-the-fly to finite automata and analyzes efficient and secure representations of the data before asking the cloud to download the encrypted files. We evaluate a working prototype of RESeED experimentally (currently publicly available) and show the scalability and correctness of our approach using real-world data sets from arXiv.org and the IETF. We show absolute accuracy for RESeED, with very low (6%) overhead, and high performability, even beating grep for some benchmarks.
Article
Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.