você confiaria a sua vida à nuvem · the input data and only share the result. e.g. millionaires...
TRANSCRIPT
Você confiaria a sua vida à nuvem ? Técnicas para a computação terceirizada
com privacidade e segurança
Flavio Bergamaschi Emerging Technologies, IBM
Hamish Hunt
Emerging Technologies,IBM
Cloud Computing and Security Security challenges in outsourced computation
▪ Landscape is now asymmetric
▪ Large number of mobile devices
▪ Large compute power in the cloud
▪ No control over the cloud servers
▪ No control over the communication channels
▪ Powerful servers …. untrusted …. or honest but curious
Cloud Computing and Security Security challenges in outsourced computation
Alice
Input Data
Result
Perform the correct computation, sends result to Alice
Snoops the Comms Channel See Alice’s data
Bob Honest but curious Looks at Alice’s data
Eve
Cloud Computing and Security Securing the Communications Channel
Alice
Input Data
ResultDecrypts, performs the correct computation, encrypts the result before sending.
Snoops the Comms Channel Can’t see the data
Bob Honest but curious Looks at Alice’s data
Encrypts/Decrypts
Eve
▪Verifiable delegation
How to ensure the encrypted result we get back is the result of the intended computation “F”?
Enc(F(x)) vs Enc(F’(x))
▪Functional privacy
How to protect the computation “F”
▪ Server Privacy
The computation being evaluated leaks nothing about the inputs.
▪ Functional encryption
Reveals the result of the computation but nothing else.
e.g. Spam filter for encrypted email
Cloud Computing and Security Some Cryptographic Notions - 1
▪Encrypted Searches
Tokenization: **very little security
Property preserving encryption
Deterministic encryption
Everytime Enc(x) generates same cyphertext **very little security
Order preserving encryption
Takes an ordered universe of plaintext and produces cyphertexts that can be compared/sorted
▪Searchable Symetric Encryption
Encrypts the data in a way that in a way that it can be privately queried
Encrypts the search structure
Protects the data with standard AES
Cloud Computing and Security Some Cryptographic Notions - 2
▪Secure Multi-party computation
Multiple participants compute a public function on their private data without revealing the input data and only share the result.
e.g. Millionaires problem.
▪Fully Homomorphic encryption
Allows for the computation to be preformed on encrypted data without ever decrypting it
Enc(x) + Enc(y) = Enc(x+y)
Enc(x) * Exc(y) = Enc(x*y)
Cloud Computing and Security Some Cryptographic Notions - 3
▪Access Pattern Leakage
▪Data Leakage
▪Control Flow Leakage
▪Size Leakage
Cloud Computing and Security Information Leakages
Cloud Computing and Security Struggle between usefulness <-> security
Useful Computation Security
Secure Multi-party Computation
Homomorphic Encryption
Encrypted Searches
.
How to secure the data in the cloud in a way that we can perform computations on encrypted data ?
Computing on Encrypted Data Fully Homomorphic Encryption
Alice
Input Data
ResultPerforms the correct computation, without decrypting the input or output(result)
Snoops the Comms Channel Can’t see the data
Bob Can’t see Alice’s data Doesn’t learn anything.
Encrypts/Decrypts
Eve
Fully Homomorphic Encryption - History
Theoretical Solution first proposed by Craig Gentry (IBM) in 2009
• Prompted quotes like “Not in my lifetime”
• Original scheme was inefficient and difficult to implement
Thought about since the 1970s. Can we perform operations on encrypted data without having to first decrypt it?
Rapid improvements to the theory have led to algorithmic efficiencies making practical implementations possible.
What can you do that is new?Real Oblivious Transfer
Can the bank provide information to the police without knowing the query or the information returned?
Oblivious Genome Sequence Comparison
Encrypted Edit Distance
Encrypted Genomes
IDASH PRIVACY & SECURITY
WORKSHOP 2015Current Version. • Using Commodity Intel-based hardware. • 100k entries ~5 mins on multi-threaded 4 core machine. • Ciphertexts for a security level of 80-100 bits (AES
equivalence) are 1000 times larger than the plaintext.
Av Aw Bv Bw Expected EditV1V20Vn0V5
V1V3V400V6
015307.
COMP
011101.
Mult
015307
115307.
Max weight
110304
115007
Compute the Edit Distance
Vetor Criptografado
Resultado Criptografado
FHE Match Engine
Descriptografado
FHE Base de Dados
Vector Comparison
16
Desempenho em relação à configurações de segurança de dados da NSA para 'Secret' e 'Top Secret'
Secret Top Secret
Oblivious Image Query
Referencias
▪HELIB - Biblioteca de Codigo Aberto para computacao Homomorfica
https://github.com/shaih/HElib
▪Fullu Homomorphic Encryption without Bootstrapping
https://eprint.iacr.org/2011/277
▪Future Directions in Computing on Encrypted Data
https://www.cs.bris.ac.uk/~nigel/ECRYPT-MPC/
▪Seminario: Computing on Encrypted Data
http://people.csail.mit.edu/vinodv/6892-Fall2013/
DEMO