A General Design Method of Constructing Fully Homomorphic Encryption with Ciphertext Matrix

( Xinxia Song ),( Zhigang Chen ) 한국인터넷정보학회 2019 KSII Transactions on Internet and Information Syst Vol.13 No.5

It is important to construct fully homomorphic encryption with ciphertext matrix that makes fully homomorphic encryption become very nature and simple. We present a general design method of constructing fully homomorphic encryption whose ciphertext is matrix. By using this design method, we can deduce a fully homomorphic encryption scheme step by step based on a basic encryption scheme. The process of deduction is similar to solving equation and the final output result is a fully homomorphic encryption scheme with ciphertext matrix. The idea of constructing ciphertext matrix is ciphertexts stack, which don’t simply stack ciphertexts together but is to obtain the desired homomorphic property. We use decryption structure as tool to analyze homomorphic property and noise growth during homomorphic evaluation. By using this design method, we obtain three corresponding fully homomorphic encryption schemes. Our obtained fully homomorphic encryption schemes are more efficient. Finally, we introduce the adversary advantage and improve the previous method of estimating concert parameters of fully homomorphic encryption. We give the concert parameters of these schemes.

프라이버시 보장형 연관성 분석을 위한 동형암호 기반 지지도 계산

박윤수,숙쿤리닌,이문규 한국정보과학회 2024 정보과학회논문지 Vol.51 No.3

Homomorphic encryption is a cryptographic scheme that enables computation on ciphertexts without decryption. Homomorphic encryption is attracting attention as a cryptographic technology that can solve the issue of user privacy invasion in machine learning and cloud services. A representative scheme of homomorphic encryption is the CKKS scheme. CKKS is an approximate homomorphic encryption scheme that supports real and complex number operations. In this paper, we propose a method to efficiently compute support among evaluation metrics of association analysis using CKKS scheme, and a method to compute supports in parallel using matrix multiplication for multiple itemsets. We implemented and evaluated the proposed method to compute supports using the HEaaN library. According to evaluation results, the support value calculated by the proposed method was almost identical to that calculated without encryption, confirming that the proposed method could effectively calculate the support value while protecting user data privacy.

CRT-based Fully Homomorphic Encryption over the Integers

Cheon, J.H.,Kim, J.,Lee, M.S.,Yun, A. North-Holland [etc ; Elsevier Science Ltd 2015 Information sciences Vol.310 No.-

In 1978, Rivest, Adleman and Dertouzos introduced the basic concept of privacy homomorphism that allows computation on encrypted data without decryption. It was an interesting work whose idea precedes the recent development of fully homomorphic encryption, although actual example schemes proposed in the paper are all susceptible to simple known-plaintext attacks. In this paper, we revisit one of their proposals, in particular the third scheme which is based on the Chinese Remainder Theorem and is ring homomorphic. It is known that only a single pair of known plaintext/ciphertext is needed to break this scheme. However, by exploiting the standard technique to insert an error to a message before encryption, we can cope with this problem. We present a secure modification of their proposal by showing that the proposed scheme is fully homomorphic and secure against the chosen plaintext attacks under the approximate GCD assumption and the sparse subset sum assumption when the message space is restricted to Z<SUB>2</SUB><SUP>k</SUP>. Interestingly, the proposed scheme can be regarded as a generalization of the DGHV scheme with larger plaintext space. Our scheme has O~(λ<SUP>5</SUP>) ciphertext expansion overhead while the DGHV has O~(λ<SUP>8</SUP>) for the security parameter λ. When restricted to the homomorphic encryption scheme with depth of O(logλ), the overhead is reduced to O~(λ). Our scheme can be used in applications requiring a large message space Z<SUB>Q</SUB> for logQ=O(λ<SUP>4</SUP>), or SIMD style operations on Z<SUB>Q</SUB><SUP>k</SUP> for logQ=O(λ),k=O(λ<SUP>3</SUP>), with O~(λ<SUP>5</SUP>) ciphertext size as in the DGHV.

국방 클라우드 컴퓨팅 암호화 효율적 구현 방안 연구

양현상 ( Hyeonsang Yang ) 한국국방기술학회 2020 한국국방기술학회 논문지 Vol.2 No.1

본 연구는 클라우드 컴퓨팅 암호화를 위해 동형암호에 관해 기존 문헌들의 연구 결과를 토대로 동형암호의 장단점에 대한 분석을 근거하여 동형암호 적용방법을 통해 효율적인 구현을 위한 방안을 제시하고자 한다. 이를 위해 동형암호를 IT 기술 구현 및 표준화하려는 방법이 필요하다. 본 연구에서는 동형암호 개념 이해하고 동형암호 구현을 위한 장·단점을 분석하고 효율적 구현 방법을 소개하고자 한다. This study aims to propose a method for efficient implementation through a method of applying isomorphic encryption based on the analysis of the strengths and weaknesses of isomorphic encryption based on the research results of existing literature on isotype encryption for cloud computing encryption. For this, it is necessary to implement and standardize homomorphic cryptography in IT technology. In this study, we intend to understand the concept of homomorphic cryptography, analyze the advantages and disadvantages of implementing homomorphic cryptography, and introduce efficient implementation methods.

Secure Outsourced Computation of Multiple Matrix Multiplication Based on Fully Homomorphic Encryption

( Shufang Wang ),( Hai Huang ) 한국인터넷정보학회 2019 KSII Transactions on Internet and Information Syst Vol.13 No.11

Fully homomorphic encryption allows a third-party to perform arbitrary computation over encrypted data and is especially suitable for secure outsourced computation. This paper investigates secure outsourced computation of multiple matrix multiplication based on fully homomorphic encryption. Our work significantly improves the latest Mishra et al.’s work.We improve Mishra et al.’s matrix encoding method by introducing a column-order matrix encoding method which requires smaller parameter. This enables us to develop a binary multiplication method for multiple matrix multiplication, which multiplies pairwise two adjacent matrices in the tree structure instead of Mishra et al.’s sequential matrix multiplication from left to right. The binary multiplication method results in a logarithmic-depth circuit, thus is much more efficient than the sequential matrix multiplication method with linear-depth circuit. Experimental results show that for the product of ten 32×32 (64×64) square matrices our method takes only several thousand seconds while Mishra et al.’s method will take about tens of thousands of years which is astonishingly impractical. In addition, we further generalize our result from square matrix to non-square matrix. Experimental results show that the binary multiplication method and the classical dynamic programming method have a similar performance for ten non-square matrices multiplication.

Minimizing Cipher Text in Homomorphic Encryption Scheme for Cloud Data

Manish M. Potey C. A. Dhote,Deepak H. Sharma 사단법인 인문사회과학기술융합학회 2016 예술인문사회융합멀티미디어논문지 Vol.6 No.8

Cloud data security is major concern in cloud computing. Cloud data security must satisfy the three goals of security in computing - integrity, confidentiality and availability issues. Homomorphic encryption is a technique in which user or cloud service provider (CSP) can perform operations on cloud data without performing decryption. Many algorithms are available for homomorphic encryption. But these algorithms generate large size cipher text. This paper focuses on homomorphic encryption with small size cipher text. The cipher text created here is compared with Paillier encryption scheme and with our earlier approaches. In experimentation of this algorithm data is stored in DynamoDB of Amazon Web service (AWS) public cloud. When user requires data it can be downloaded on users machine and then decrypted. It is observed that it saves 20-40% memory space using this approach.

Similarity measurement based on Min-Hash for Preserving Privacy

차현종,양호경,송유진 국제문화기술진흥원 2022 International Journal of Advanced Culture Technolo Vol.10 No.2

Because of the importance of the information, encryption algorithms are heavily used. Raw data is encrypted and secure, but problems arise when the key for decryption is exposed. In particular, large-scale Internet sites such as Facebook and Amazon suffer serious damage when user data is exposed. Recently, research into a new fourth-generation encryption technology that can protect user-related data without the use of a key required for encryption is attracting attention. Also, data clustering technology using encryption is attracting attention. In this paper, we try to reduce key exposure by using homomorphic encryption. In addition, we want to maintain privacy through similarity measurement. Additionally, holistic similarity measurements are time-consuming and expensive as the data size and scope increases. Therefore, Min-Hash has been studied to efficiently estimate the similarity between two signatures Methods of measuring similarity that have been studied in the past are time-consuming and expensive as the size and area of data increases. However, Min-Hash allowed us to efficiently infer the similarity between the two sets. Min-Hash is widely used for anti-plagiarism, graph and image analysis, and genetic analysis. Therefore, this paper reports privacy using homomorphic encryption and presents a model for efficient similarity measurement using Min-Hash.

SVM을 이용한 동형암호화된 신용평가 모델 학습

이은민,이주희 한국정보통신학회 2023 한국정보통신학회논문지 Vol.27 No.9

최근 빅데이터를 다루기 위한 기계학습과 클라우드 컴퓨팅 기술이 발전함에 따라 개인정보를 보호하는 기계학습(Privacy-Preserving Machine Learning)이 화두가 되고 있다. 동형암호는 암호화된 상태에서 데이터의 연산이 가능하며, 양자컴퓨터를 이용한 공격에도 안전한 차세대 암호 기술이다. 본 연구에서는 개인정보보호를 위한 동형암호화된 기계학습 시나리오 중, 금융 데이터를 바탕으로 채무 불이행 확률을 예측하고 대출 여부를 결정하기 위한 신용평가 모델을 학습하는 방법을 다룬다. 먼저, 신용평가 모델을 학습하고 활용하는 일련의 과정에 대해 구체적인 시나리오를 구성하고, 안전성 요구조건을 정의한다. 또한, 신용평가에서 분류 정확도가 높은 Support Vector Machine(SVM) 학습 알고리즘을 사용하여 신용평가에 최적화된 분류 모델을 학습시킨다. 이때 SVM 학습 알고리즘으로는 동형암호 연산 적용에 적합하게 변환할 수 있는 LS(Linear Square)-SVM 모델을 적용하여 효율적인 신용평가 모델 학습 시스템을 제안한다. 본 연구를 통해 데이터 소유자의 민감한 개인정보를 보호하는 암호화된 신용평가 모델 학습이 가능하며, 학습 결과로 얻은 SVM 모델을 사용하면 신용평가 예측 결과의 정확도를 높일 수 있을 것으로 예상된다. Recently, the development of machine learning and cloud computing has led to the rise of Privacy-Preserving Machine Learning (PPML). Homomorphic encryption enables computations over encrypted data without decryption, and it is secure against adversaries that use quantum computers. This study focuses on learning a credit evaluation model to determine loan eligibility using homomorphic encryption. The study outlines a concrete scenario for learning and using the credit evaluation model in a privacy-preserving way and defines the security requirements. To optimize the credit evaluation model, we use a Support Vector Machine (SVM) training algorithm with high classification accuracy. This paper proposes an efficient credit evaluation model learning system using LS(Linear Square)-SVM model, which is recomposed to an HE-friendly computation. It enables learning of a credit evaluation model over encrypted data while protecting user’s sensitive information and increases the accuracy of credit evaluation predictions.

Privacy-Preserving Cloud Data Security: Integrating the Novel Opacus Encryption and Blockchain Key Management

S. Poorani,R. Anitha 한국인터넷정보학회 2023 KSII Transactions on Internet and Information Syst Vol.17 No.11

With the growing adoption of cloud-based technologies, maintaining the privacy and security of cloud data has become a pressing issue. Privacy-preserving encryption schemes are a promising approach for achieving cloud data security, but they require careful design and implementation to be effective. The integrated approach to cloud data security that we suggest in this work uses CogniGate: the orchestrated permissions protocol, index trees, blockchain key management, and unique Opacus encryption. Opacus encryption is a novel homomorphic encryption scheme that enables computation on encrypted data, making it a powerful tool for cloud data security. CogniGate Protocol enables more flexibility and control over access to cloud data by allowing for fine-grained limitations on access depending on user parameters. Index trees provide an efficient data structure for storing and retrieving encrypted data, while blockchain key management ensures the secure and decentralized storage of encryption keys. Performance evaluation focuses on key aspects, including computation cost for the data owner, computation cost for data sharers, the average time cost of index construction, query consumption for data providers, and time cost in key generation. The results highlight that the integrated approach safeguards cloud data while preserving privacy, maintaining usability, and demonstrating high performance. In addition, we explore the role of differential privacy in our integrated approach, showing how it can be used to further enhance privacy protection without compromising performance. We also discuss the key management challenges associated with our approach and propose a novel blockchain-based key management system that leverages smart contracts and consensus mechanisms to ensure the secure and decentralized storage of encryption keys.

동형암호기반의 안전한 와일드카드 쿼리

김명선 보안공학연구지원센터(JSE) 2017 보안공학연구논문지 Vol.14 No.2

본 논문에서는 사용자가 원격 서버에 데이터베이스를 아웃소싱 (Outsourcing)한 후, 안전하게 쿼리 (Query)하는 기법에 대한 것으로 특히 쿼리문 (Query Statement)이 와일드카드 문자 (Wildcard Character)를 포함한 쿼리를 안전하게 처리하는 방법을 다룬다. 이러한 안전한 와일드카드 쿼리 문제 를 해결하기 위하여 서버의 데이터베이스에 저장할 문자열을 길이 Τ의 부분문자열로 분할하여 Τ- gram 을 만들고 이것을 다항식으로 확장하는 방식을 핵심 아이디어로 한다. 좀 더 구체적으로, 서버에 저장하는 문자열을 Τ- gram 의 다항식 Q Τ(x)로 표현한 후 와일드카드 쿼리의 조건문에 포함 된 문자열 p를 근 (Root)으로 다항식의 값을 계산하여 결과가 Q Τ(p) = 0 이면 주어진 문자열이 와일 드카드 패턴에 있는 문자열 p를 포함하는 것으로 판단한다. 데이터베이스에 저장된 데이터가 매우 민감한 경우를 고려하여 기반암호기법으로 암호화된 상태에서 산술연산을 지원하는 완전동형암호 (Fully Homomorphic Encryption)를 사용한다. 동형암호의 특성을 활용하여 모든 연산을 암호화된 상 태에서 수행할 수 있어 기반암호기법에서 제공하는 수준의 안전성을 보장할 수 있고, 프로토콜 수행 을 위한 Multiplicative Depth가 기껏해야 O (log2 k) 로서 효율적이다, 여기서 k 는 저장된 문자열의 길이이다. In this paper, we deal with a method to securely process a query to a database outsourced to a remote server. In particular we are interested in a wildcard query in which a database query statement contains a wildcard character. Moreover, we consider a setting where users’ data are very sensitive (e.g., medical information) so that they should be handled very carefully in the light of security. To this end, we use a fully homomorphic encryption scheme as a baseline encryption. Together with this encryption scheme, our basic idea to the wildcard query problem is to segment an input string as Τ- gram and to represent the Τ- gram into the correspnong polynomial Q Τ(x) . Later a user sends a wildcard pattern including p , then the server evaluate the polynomial as Q Τ(p) , and so if the evaluation result is equal to 0, then it implies that the string involves the pattern p as a substring. All computations are performed on encryptions so that we can guarantee that it is as secure as the baseline encryption scheme applied to the protocol. Finally our construction only requires multiplicative depth O (log2k) where k is the maximum length of strings.