Você confiaria a sua vida à nuvem ? Técnicas para a computação terceirizada

com privacidade e segurança

Flavio Bergamaschi Emerging Technologies, IBM

Hamish Hunt

Emerging Technologies,IBM

Cloud Computing and Security Security challenges in outsourced computation

▪ Landscape is now asymmetric

▪ Large number of mobile devices

▪ Large compute power in the cloud

▪ No control over the cloud servers

▪ No control over the communication channels

▪ Powerful servers …. untrusted …. or honest but curious

Cloud Computing and Security Security challenges in outsourced computation

Alice

Input Data

Result

Perform the correct computation, sends result to Alice

Snoops the Comms Channel See Alice’s data

Bob Honest but curious Looks at Alice’s data

Eve

Cloud Computing and Security Securing the Communications Channel

Alice

Input Data

ResultDecrypts, performs the correct computation, encrypts the result before sending.

Snoops the Comms Channel Can’t see the data

Bob Honest but curious Looks at Alice’s data

Encrypts/Decrypts

Eve

▪Verifiable delegation

How to ensure the encrypted result we get back is the result of the intended computation “F”?

Enc(F(x)) vs Enc(F’(x))

▪Functional privacy

How to protect the computation “F”

▪ Server Privacy

The computation being evaluated leaks nothing about the inputs.

▪ Functional encryption

Reveals the result of the computation but nothing else.

e.g. Spam filter for encrypted email

Cloud Computing and Security Some Cryptographic Notions - 1

▪Encrypted Searches

Tokenization: **very little security

Property preserving encryption

Deterministic encryption

Everytime Enc(x) generates same cyphertext **very little security

Order preserving encryption

Takes an ordered universe of plaintext and produces cyphertexts that can be compared/sorted

▪Searchable Symetric Encryption

Encrypts the data in a way that in a way that it can be privately queried

Encrypts the search structure

Protects the data with standard AES

Cloud Computing and Security Some Cryptographic Notions - 2

▪Secure Multi-party computation

Multiple participants compute a public function on their private data without revealing the input data and only share the result.

e.g. Millionaires problem.

▪Fully Homomorphic encryption

Allows for the computation to be preformed on encrypted data without ever decrypting it

Enc(x) + Enc(y) = Enc(x+y)

Enc(x) * Exc(y) = Enc(x*y)

Cloud Computing and Security Some Cryptographic Notions - 3

▪Access Pattern Leakage

▪Data Leakage

▪Control Flow Leakage

▪Size Leakage

Cloud Computing and Security Information Leakages

Cloud Computing and Security Struggle between usefulness <-> security

Useful Computation Security

Secure Multi-party Computation

Homomorphic Encryption

Encrypted Searches

.

How to secure the data in the cloud in a way that we can perform computations on encrypted data ?

Computing on Encrypted Data Fully Homomorphic Encryption

Alice

Input Data

ResultPerforms the correct computation, without decrypting the input or output(result)

Snoops the Comms Channel Can’t see the data

Bob Can’t see Alice’s data Doesn’t learn anything.

Encrypts/Decrypts

Eve

Fully Homomorphic Encryption - History

Theoretical Solution first proposed by Craig Gentry (IBM) in 2009

• Prompted quotes like “Not in my lifetime”

• Original scheme was inefficient and difficult to implement

Thought about since the 1970s. Can we perform operations on encrypted data without having to first decrypt it?

Rapid improvements to the theory have led to algorithmic efficiencies making practical implementations possible.

What can you do that is new?Real Oblivious Transfer

Can the bank provide information to the police without knowing the query or the information returned?

Oblivious Genome Sequence Comparison

Encrypted Edit Distance

Encrypted Genomes

IDASH PRIVACY & SECURITY

WORKSHOP 2015Current Version. • Using Commodity Intel-based hardware. • 100k entries ~5 mins on multi-threaded 4 core machine. • Ciphertexts for a security level of 80-100 bits (AES

equivalence) are 1000 times larger than the plaintext.

Av Aw Bv Bw Expected EditV1V20Vn0V5

V1V3V400V6

015307.

COMP

011101.

Mult

015307

115307.

Max weight

110304

115007

Compute the Edit Distance

Vetor Criptografado

Resultado Criptografado

FHE Match Engine

Descriptografado

FHE Base de Dados

Vector Comparison

16

Desempenho em relação à configurações de segurança de dados da NSA para 'Secret' e 'Top Secret'

Secret Top Secret

Oblivious Image Query

Referencias

▪HELIB - Biblioteca de Codigo Aberto para computacao Homomorfica

https://github.com/shaih/HElib

▪Fullu Homomorphic Encryption without Bootstrapping

https://eprint.iacr.org/2011/277

▪Future Directions in Computing on Encrypted Data

https://www.cs.bris.ac.uk/~nigel/ECRYPT-MPC/

▪Seminario: Computing on Encrypted Data

http://people.csail.mit.edu/vinodv/6892-Fall2013/

DEMO