Homomorphic Encryption and safety of the cloud

cloud security

A new algorithm was introduced based on the concept of homomorphic encryption. The aim of the development is to allow the servers to process data without needing to decrypt it.

A lot has been said about securing the cloud and different approaches for it. Developers are looking forward to cryptographers for a solution. One such avenue in this regard is that of the homomorphic encryption, which the latest research theme is.

The receiving and sending back of data from the server would maintain the integrity of the encryption, providing secured cloud computing.

Cloud service providers that offer server colocation and data services (such as Americanis) are looking forward to apply this solution on an enterprise level of cloud computing. Their aim is to improve the scale of application.

The principle of working is quite simple. Take for instance, a task that has been assigned to cloud for searching an encrypted database. The encryption is designed to make sure that the server while completing the task doesn’t know what the search term is. What it does is sends backs all the information on the database and the user can decrypt it off-cloud. While the idea is catchy, there’s the limitation of the computational burden.

Homomorphic encryption was tested on a commercial scale for the first time by Craig Gentry whose focus was combating security risk for online databases. The idea was to stop the cloud service provider from getting access to un-encrypted data.

In order to circumvent the computational burden, researchers at MIT have developed a functional encryption scheme. This allows the cloud server to proceed in single computational steps while maintaining the homomorphic encryption.

The design of this functional encryption is based upon existing schemes. For example, there’s the garbled circuit model according to which the user decrypts the result in a sequential manner. This is a private key system in which the owner of the data can encrypt/decrypt the data.

As opposed to this, the homomorphic model is based upon public key system. This model has been applied for the protection of financial transactions online. The public key encryption allows users to encrypt the data based upon the published key. However, only the holder of the key can decrypt the data. This ensures validation of safety.

Another public key encryption system that was in use is the attribute based encryption. The model is reusable but, its functionality is not n the same scale as that of homomorphic encryption.

The functional system takes the homomorphic encryption as the initial model. Next, the decryption model is added in the form of a garbled circuit. The key of decryption is covered using the attribute based encryption. The layering is what’s offering a safe use on cloud servers.

While the scheme is good, one area that’s needed to be optimized is that of the computational needs. The homomorphic model is appreciable for its safety, but is computationally intensive. If this area can be targeted, the practicality of the model can be ensured.

On the corporate front, it would be possible for companies to encrypt its database and put it on cloud. The database can be searched based upon the parameters. The data would be downloaded without exposing the details. If the data is in the form of e-mails, the results can be downloaded and no details would be exposed.

IMG Credit: abine.com