Homomorphic encryption scheme
Download as PPTX, PDF0 likes62 views
This document presents a presentation on developing a secure database system using homomorphic encryption schemes. The presentation was given by 4 students from IIT, Jahangirnagar University. It introduces cloud computing and the need for confidentiality and integrity of data stored in the cloud. It then discusses private information retrieval techniques and how to execute SQL queries over encrypted data. The presentation describes a homomorphic encryption scheme and shows how to implement basic SQL operations like SELECT, UPDATE, and DELETE. It analyzes the performance and computational overhead of processing encrypted data and identifies optimization of efficiency as future work.
![23 January 2020
PRIVATE INFORMATION RETRIEVAL 7
IIT, Jahangirnagar University
Chow et al. [8]
discussed the
importance of cloud
computing, and how
this technology can be
enticing due to its
flexibility and cost-
efficiency. The
authors highlight that
people require explicit
guarantees that their
data will be protected
under well-defined
policies and
mechanisms.
The private
information retrieval
(PIR) approach,
introduced by Chor et
al. in [9], achieves the
retrieval of an ith bit
in a block without
revealing information
about the bit
retrieved or about the
request for the bit
itself.
Raykova et al. [10]
extended the PIR
approach by
proposing a secure
anonymous search
system. The system
employs keyword
search such that only
authorized clients
have access to their
blocks.](https://image.slidesharecdn.com/homomorphicencryptionscheme-200123161532/85/Homomorphic-encryption-scheme-7-320.jpg)
![23 January 2020
PRIVATE INFORMATION RETRIEVAL 8
IIT, Jahangirnagar University
Shang et al. [11]
tackled the problem
of protecting the
database itself. The
information attained
from the monitoring
process is used to
understand how a
malicious querier can
conduct attacks to
retrieve excessive
amount of data from
the server.
Nakamura et al. [12]
constructed a system
with three
components, a
querier that initiates
requests, an
authentication-server
that processes these
requests, and a
database that returns
the appropriate data
in response to the
request.
Yinan and Cao [13]
used the PIR approach
to propose a system
that controls the
access to the
database.](https://image.slidesharecdn.com/homomorphicencryptionscheme-200123161532/85/Homomorphic-encryption-scheme-8-320.jpg)
![23 January 2020
PRIVATE INFORMATION RETRIEVAL 9
IIT, Jahangirnagar University
Among the most important criteria in PIR protocol are the communication cost and the
amount of data sent back to the querier.
Gentry et al. [14] proposed a
scheme to retrieve a bit or a
block from a database with a
constant communication rate.
Melchor et al. [15] proposed a
scheme that reaches the
available data with a
reasonable communication
cost while achieving lower
computational cost compared
to other PIR protocols.](https://image.slidesharecdn.com/homomorphicencryptionscheme-200123161532/85/Homomorphic-encryption-scheme-9-320.jpg)
![23 January 2020
REFERENCES 23
IIT, Jahangirnagar University
[1] R. Rivest, A. Shamir, and L. Adleman, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, Communications of the ACM 21 (2): pp.
120–126, 1978.
[2] T. ElGamal, A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, IEEE Transactions on Information Theory, pp. 469–472,
1985.
[3] S. Goldwasser and S. Micali, Probabilistic Encryption. Journal of Computer and System Sciences, 28(2): pp. 270-299, April 1984.
[4] P. Paillier, Public-Key Cryptosystems Based on Composite Degree Residuosity Classes, Advances in Cryptology — EUROCRYPT ’99 In Advances in
Cryptology — EUROCRYPT ’99 , Vol. 1592 (1999), pp. 223-238, 1999.
[5] M. V. Dijk, C. Gentry, S. Halevi, and V. Vaikuntanathan, Fully Homomorphic Encryption over the Integers. EUROCRYPT 2010: pp. 24-43, June 2010.
[6] C. Gentry, Computing arbitrary functions of encrypted data, Commun. ACM, Vol. 53, No. 3., pp. 97-105, March 2010.
[7] C. Gentry, A fully homomorphic encryption scheme. PhD thesis, Stanford University, 2009.
[8] R. Chow, P. Golle, M. Jakobsson, R. Masuoka, and J. Molina, Controlling Data in the Cloud : Outsourcing Computation without Outsourcing Control.
CCSW’09, pp. 85-90, Chicago, Illinois, USA, November 13, 2009.
[9] B. Chor, E. Kushilevitz, O. Goldreich, and M. Sudan, Private Information Retrieval, Journal of the ACM, 45(6): pp. 965-982, 1998.
[10] M. Raykova, B. Vo, and S. Bellovin, Secure Anonymous Database Search, CCSW’09, pp. 115-126, Chicago, Illinois, USA, November 13, 2009.
[11] N. Shang, G. Ghinita, Y. Zhou, and E. Bertino, Controlling Data Disclosure in Computational PIR Protocols. ASIACCS’10, pp. 310-313, Beijing, China, April
13–16, 2010.
[12] T. Nakamura, S. Inenaga, D. Ikeda, K. Baba, H. Yasuura, Anonymous Authentication Systems Based on Private Information Retrieval. Networked Digital
Technologies. NDT '09, pp.53-58, 28-31 July 2009.
[13] S. Yinan and Z. Cao, Extended Attribute Based Encryption for Private Information Retrieval. Mobile Adhoc and Sensor Systems, 2009. MASS '09, pp. 702-
707, 12-15 Oct. 2009.
[14] C. Gentry and Z. Ramzan, Single-Database Private Information Retrieval with Constant Communication Rate. ICALP 2005, LNCS 3580, pp. 803–815, 2005.
[15] C. A. Melchor and P. Gaborit, A Fast Private Information Retrieval Protocol. ISIT 2008, pp. 1848-1852, Toronto, Canada, July 6 - 11, 2008.](https://image.slidesharecdn.com/homomorphicencryptionscheme-200123161532/85/Homomorphic-encryption-scheme-23-320.jpg)
Homomorphic encryption scheme
- 1. Presentation on A Secure Database System using Homomorphic Encryption Schemes 1
- 2. 23 January 2020 GROUP INFORMATION 2 Md. Shahin Kadir Student ID: 183235 Md. Ibrahim Ali Student ID: 183202 Md. Shams Sayied Haque Student ID: 183227 Saleh Ahmmed Miajee Student ID: 183228 IIT, Jahangirnagar University
- 3. 23 January 2020 INTRODUCTION 3 IIT, Jahangirnagar University Cloud computing is an attractive solution that can provide low cost storage and processing capabilities for government agencies, hospitals, and small and medium enterprises.
- 4. 23 January 2020 INTRODUCTION 4 IIT, Jahangirnagar University The confidentiality of information as well as the liability for incidents affecting the infrastructure arise major problems. So, the ultimate objective is to present a relational database system based on homomorphism encryption schemes to preserve the integrity and confidentiality of the data.
- 5. 23 January 2020 INTRODUCTION 5 IIT, Jahangirnagar University The data can be encrypted by the client, and then sent to the cloud’s provider for storage or processing. Only the client holds the decryption keys necessary to read the data. Despite the fact that this type of processing may increase the amount of computing time, the benefits associated with it are worth the processing overhead. Indeed, this model of computing can preserve the confidentiality and integrity of the data while delegating the storage and processing to an un-trusted third party.
- 6. 23 January 2020 INTRODUCTION 6 IIT, Jahangirnagar University In this paper, it is presented a novel technique to execute SQL statements over encrypted data and developed a secure database system that processes these queries. The parameters of SQL queries are encrypted by the client and sent to the server for processing. The latter performs the requested operation over an encrypted database and returns an encrypted result to the client.
- 7. 23 January 2020 PRIVATE INFORMATION RETRIEVAL 7 IIT, Jahangirnagar University Chow et al. [8] discussed the importance of cloud computing, and how this technology can be enticing due to its flexibility and cost- efficiency. The authors highlight that people require explicit guarantees that their data will be protected under well-defined policies and mechanisms. The private information retrieval (PIR) approach, introduced by Chor et al. in [9], achieves the retrieval of an ith bit in a block without revealing information about the bit retrieved or about the request for the bit itself. Raykova et al. [10] extended the PIR approach by proposing a secure anonymous search system. The system employs keyword search such that only authorized clients have access to their blocks.
- 8. 23 January 2020 PRIVATE INFORMATION RETRIEVAL 8 IIT, Jahangirnagar University Shang et al. [11] tackled the problem of protecting the database itself. The information attained from the monitoring process is used to understand how a malicious querier can conduct attacks to retrieve excessive amount of data from the server. Nakamura et al. [12] constructed a system with three components, a querier that initiates requests, an authentication-server that processes these requests, and a database that returns the appropriate data in response to the request. Yinan and Cao [13] used the PIR approach to propose a system that controls the access to the database.
- 9. 23 January 2020 PRIVATE INFORMATION RETRIEVAL 9 IIT, Jahangirnagar University Among the most important criteria in PIR protocol are the communication cost and the amount of data sent back to the querier. Gentry et al. [14] proposed a scheme to retrieve a bit or a block from a database with a constant communication rate. Melchor et al. [15] proposed a scheme that reaches the available data with a reasonable communication cost while achieving lower computational cost compared to other PIR protocols.
- 10. 23 January 2020 SECURED SQL OPERATIONS 10 IIT, Jahangirnagar University Cloud Provider Client Encrypted Data Encrypted Request Encrypted Result Figure: Secure Data Retrieval
- 11. 23 January 2020 SECURED SQL OPERATIONS 11 IIT, Jahangirnagar University Here describe below the circuit of a simple SQL SELECT query: SELECT * from T where c = v Here the value v is in encrypted form. The processing of the SELECT query is divided into three sub-circuits. Firstly, we calculate the following index for each record R in the table T: Where size is the number of bits in column c; 𝑐𝑖 and 𝑣𝑖 are the ith bits of column c and search criteria v, respectively. 𝐼𝑅 is a one bit value that is equal to 1 if v matches the value of column c, 0 otherwise.
- 12. 23 January 2020 SECURED SQL OPERATIONS 12 IIT, Jahangirnagar University Next, identify the nth record that matches the selection criteria. For that purpose, we consider 𝜂 = 𝜀𝑝𝑘(𝑛) to be the encryption of n under public key pk. For each record R we calculate the following sum: Calculate a second index 𝐼′𝑅: 𝐼′𝑅 is equal to 1 if the record R is the nth record that matches the selection criteria, 0 otherwise.
- 13. 23 January 2020 SECURED SQL OPERATIONS 13 IIT, Jahangirnagar University Then, we multiply every bit of each record R in table T by the corresponding value 𝐼′𝑅. This latter operation forms a table 𝑇′ that is related to the original table T as follows:
- 14. 23 January 2020 SECURED SQL OPERATIONS 14 IIT, Jahangirnagar University Finally, by adding all records of table 𝑇′, we retrieve the nth record Rs that matches the selection criteria: If no record matches the selection criteria, a record containing zeros will be returned to the requester.
- 15. 23 January 2020 HOMOMORPHIC ENCRYPTION SCHEME 15 IIT, Jahangirnagar University Key Generation The private key Sk is a random P-bit odd number.Private Key Public Key The public key consists of a list of integers that are the using the encryption scheme with the secret key sk as a public key. Generate a set 𝑦⃗={𝑦1,…,yβ} of rational numbers in [0,2[ such that there is a sparse subset 𝑆 ∈ {1,…,𝛽} of size ∝ with Set sk* to be the sparse subset S, encoded as a vector 𝑠 ∈ {0,1} 𝛽 with hamming weight α. Set 𝑝𝑘∗← to be the public key.
- 16. 23 January 2020 HOMOMORPHIC ENCRYPTION SCHEME 16 IIT, Jahangirnagar University Encryption (pk*,m) Set 𝑚′ to be a random N-bit number such that m and m’ have the same parity, Here q is a random Q-bit number. Then the cipher text c is post-processed to produce a vector 𝑧⃗={𝑧1,…,𝑧𝛽}, defined by, The output cipher text c* consists of c and 𝑧⃗={ 𝑧1,…, 𝑧𝛽} Now compute c as,
- 17. 23 January 2020 HOMOMORPHIC ENCRYPTION SCHEME 17 IIT, Jahangirnagar University Decryption (sk*, c*) Addition Multiplication The output cipher text c* consists of c together with the result of post-processing the resulting cipher text with 𝑦⃗. Arithmetic Operations
- 18. 23 January 2020 HOMOMORPHIC ENCRYPTION SCHEME 18 IIT, Jahangirnagar University Bootstrapping the Encryption Scheme C1 Decryption circuit m (Noise) C2 m Figure: Removing noise from original cipher text (bootstrapping)
- 19. 23 January 2020 IMPLEMENTATION 19 IIT, Jahangirnagar University The application supports the following SQL operations: SELECT with wildcard characters (*, ?) and relational operators (< >). UPDATE with wildcard characters (*, ?) and relational operators (< >). DELETE with wildcard characters (*, ?) and relational operators (< >). Statistical operations like COUNT and AVG. Figure: Client side of the application
- 20. 23 January 2020 PERFORMANCE ANALYSIS 20 IIT, Jahangirnagar University Table lists the number of arithmetic operations required to execute some basic SQL statements over an encrypted database of 10 records. From this table we can see that processing data in encrypted form creates a substantial computation overhead. TABLE: NUMBER OF ARITHMETIC OPERATIONS
- 21. 23 January 2020 PERFORMANCE ANALYSIS 21 IIT, Jahangirnagar University Figure: Processing time required to perform the product of two n-bits integers As we can see in Figure, it takes 23 minutes to compute the product of two 16-bit integers. The implementation of the system proves that the execution of SQL statements over encrypted data is feasible. The time required to execute these statements is very high and therefore is not suitable for real-time transactions that involve a large database. This drawback is mainly due to the homomorphic encryption scheme. In fact, there might be more efficient techniques to optimize the implementation, that is, one could perform recryption only when it is necessary, since the noise value can be bounded.
- 22. 23 January 2020 CONCLUSION & FUTURE DIRECTIONS 22 IIT, Jahangirnagar University This concept has many direct applications in cloud computing environments, banking, electronic voting and many other applications. In this paper we developed the first secure database system based on a fully homomorphic encryption scheme. Presented the circuits to implement SQL statements over encrypted data. Built a prototype of a database system where data is stored & processed in encrypted form. Conducted performance analysis to measure the time needed to execute a simple query on the database. As future work, here planning to work on the optimization of the efficiency of the system. Also investigate how to reduce the number of recryptions needed.
- 23. 23 January 2020 REFERENCES 23 IIT, Jahangirnagar University [1] R. Rivest, A. Shamir, and L. Adleman, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, Communications of the ACM 21 (2): pp. 120–126, 1978. [2] T. ElGamal, A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, IEEE Transactions on Information Theory, pp. 469–472, 1985. [3] S. Goldwasser and S. Micali, Probabilistic Encryption. Journal of Computer and System Sciences, 28(2): pp. 270-299, April 1984. [4] P. Paillier, Public-Key Cryptosystems Based on Composite Degree Residuosity Classes, Advances in Cryptology — EUROCRYPT ’99 In Advances in Cryptology — EUROCRYPT ’99 , Vol. 1592 (1999), pp. 223-238, 1999. [5] M. V. Dijk, C. Gentry, S. Halevi, and V. Vaikuntanathan, Fully Homomorphic Encryption over the Integers. EUROCRYPT 2010: pp. 24-43, June 2010. [6] C. Gentry, Computing arbitrary functions of encrypted data, Commun. ACM, Vol. 53, No. 3., pp. 97-105, March 2010. [7] C. Gentry, A fully homomorphic encryption scheme. PhD thesis, Stanford University, 2009. [8] R. Chow, P. Golle, M. Jakobsson, R. Masuoka, and J. Molina, Controlling Data in the Cloud : Outsourcing Computation without Outsourcing Control. CCSW’09, pp. 85-90, Chicago, Illinois, USA, November 13, 2009. [9] B. Chor, E. Kushilevitz, O. Goldreich, and M. Sudan, Private Information Retrieval, Journal of the ACM, 45(6): pp. 965-982, 1998. [10] M. Raykova, B. Vo, and S. Bellovin, Secure Anonymous Database Search, CCSW’09, pp. 115-126, Chicago, Illinois, USA, November 13, 2009. [11] N. Shang, G. Ghinita, Y. Zhou, and E. Bertino, Controlling Data Disclosure in Computational PIR Protocols. ASIACCS’10, pp. 310-313, Beijing, China, April 13–16, 2010. [12] T. Nakamura, S. Inenaga, D. Ikeda, K. Baba, H. Yasuura, Anonymous Authentication Systems Based on Private Information Retrieval. Networked Digital Technologies. NDT '09, pp.53-58, 28-31 July 2009. [13] S. Yinan and Z. Cao, Extended Attribute Based Encryption for Private Information Retrieval. Mobile Adhoc and Sensor Systems, 2009. MASS '09, pp. 702- 707, 12-15 Oct. 2009. [14] C. Gentry and Z. Ramzan, Single-Database Private Information Retrieval with Constant Communication Rate. ICALP 2005, LNCS 3580, pp. 803–815, 2005. [15] C. A. Melchor and P. Gaborit, A Fast Private Information Retrieval Protocol. ISIT 2008, pp. 1848-1852, Toronto, Canada, July 6 - 11, 2008.
- 24. 23 January 2020 24 IIT, Jahangirnagar University
- 25. 23 January 2020 25 IIT, Jahangirnagar University Any Question Please