c hiffrement compl tement homomorphe
play

C HIFFREMENT ( COMPLTEMENT ) HOMOMORPHE : DE LA THORIE LA PRATIQUE - PowerPoint PPT Presentation

Jun 20, 2023 •167 likes •1.03k views

C HIFFREMENT ( COMPLTEMENT ) HOMOMORPHE : DE LA THORIE LA PRATIQUE Tancrde Lepoint CryptoExperts Sminaire sur la Confiance Numrique Jeudi 9 Octobre 2014 Outline 1. Introduction 1.1 What is Fully Homomorphic Encryption? Use

  1. C HIFFREMENT ( COMPLÈTEMENT ) HOMOMORPHE : DE LA THÉORIE À LA PRATIQUE Tancrède Lepoint CryptoExperts Séminaire sur la Confiance Numérique – Jeudi 9 Octobre 2014

  2. Outline 1. Introduction 1.1 What is Fully Homomorphic Encryption? Use Cases? 1.2 Somewhat Homomorphic Encryption over the Integers 2. Implementations and Cloud Communications 2.1 Pointers to Implementations and Libraries 2.2 Cloud Communication Issues 2 / 36

  3. Outline 1. Introduction 1.1 What is Fully Homomorphic Encryption? Use Cases? 1.2 Somewhat Homomorphic Encryption over the Integers 2. Implementations and Cloud Communications 2.1 Pointers to Implementations and Libraries 2.2 Cloud Communication Issues 2 / 36

  4. Encryption Alice Bob “My cell number is 444 264 2999” Eve To:4442642999 (scam) 3 / 36

  5. Encryption Alice Bob ??? 0x93ac584f00. . . 0ab369 Eve ??? To: (scam) 3 / 36

  6. Encryption Alice Bob 0x93ac584f00. . . 0ab369 Eve ??? Alice’s number: 444 264 2999 To: (scam) 3 / 36

  7. One Motivation: Cloud Computing Program or application on connected server(s) rather than locally 4 / 36

  8. Modelization { m i } i f ( m 0 , . . . , m i ) f f is the service provided by the Cloud on your data m i 5 / 36

  9. Confidentiality of Your Data { m i } i { m i } i f ( m 0 , . . . , m i ) f The Cloud knows all your data Confidentiality of your data in the Cloud? 6 / 36

  10. Confidentiality of Your Data { m i } i { m i } i f ( m 0 , . . . , m i ) f Secure channel � The Cloud knows all your data Confidentiality of your data in the Cloud? ◮ We assume communication with the Cloud is secure � (e.g. HTTPS) 6 / 36

  11. Confidentiality w.r.t. The Cloud { Enc ( m i ) } i ??? f The Cloud knows nothing about your data ◮ For confidentiality, we use encryption 7 / 36

  12. Confidentiality w.r.t. The Cloud { Enc ( m i ) } i { Enc ( m i ) } i ∈ I Storage/Retrieval The Cloud knows nothing about your data ◮ For confidentiality, we use encryption ◮ Now... limited to storage / retrieval 7 / 36

  13. Confidentiality w.r.t. The Cloud { Enc ( m i ) } i { Enc ( m i ) } i ∈ I Storage/Retrieval The Cloud knows nothing about your data ◮ For confidentiality, we use encryption ◮ Now... limited to storage / retrieval ◮ This is not even what Dropbox / Google Drive / Microsoft OneDrive / Amazon S2 / iCloud Drive / etc. are doing ◮ Allow access control and sharing, interaction with whole app universe, etc. 7 / 36

  14. Operating on Encrypted Data [ RivestAdlemanDertouzos78 ] Going beyond the storage / retrieval of encrypted data by permitting encrypted data to be operated on for interesting operations, in a public fashion? 8 / 36

  15. Operating on Encrypted Data [ RivestAdlemanDertouzos78 ] Going beyond the storage / retrieval of encrypted data by permitting encrypted data to be operated on for interesting operations, in a public fashion? ◮ Additive Homomorphic Encryption: E = Enc ( a ) + Enc ( b ) ⇒ Dec ( E ) = a + b e.g. Paillier’s cryptosystem [ Paillier99 ] c = g m · r N mod N 2 c ′ = g m ′ · r ′ N mod N 2 ⇒ c · c ′ = g m + m ′ · ( r · r ′ ) N mod N 2 8 / 36

  16. Operating on Encrypted Data [ RivestAdlemanDertouzos78 ] Going beyond the storage / retrieval of encrypted data by permitting encrypted data to be operated on for interesting operations, in a public fashion? ◮ Additive Homomorphic Encryption: E = Enc ( a ) + Enc ( b ) ⇒ Dec ( E ) = a + b ◮ Multiplicative Homomorphic Encryption: E = Enc ( a ) × Enc ( b ) Dec ( E ) = a × b ⇒ e.g. ‘textbook ElGamal’ � g y , m · ( g x ) y � c = � g y + y ′ , ( m · m ′ ) · ( g x ) y + y ′ � g y ′ , m ′ · ( g x ) y ′ � ⇒ c ⊙ c ′ = � c ′ = 8 / 36

  17. Operating on Encrypted Data [ RivestAdlemanDertouzos78 ] Going beyond the storage / retrieval of encrypted data by permitting encrypted data to be operated on for interesting operations, in a public fashion? ◮ Additive Homomorphic Encryption: E = Enc ( a ) + Enc ( b ) Dec ( E ) = a + b ⇒ ◮ Multiplicative Homomorphic Encryption: E = Enc ( a ) × Enc ( b ) ⇒ Dec ( E ) = a × b FULLY Homomorphic Encryption : Additive and Multiplicative on { 0,1 } 8 / 36

  18. Fully Homomorphic Encryption Enable unlimited computation on encrypted data (w.l.o.g. m i ’s are bits and f Boolean circuit) pk FHE { Enc FHE ( m i ) } i Enc FHE ( f ( m 0 , . . . , m i )) f ( public homomorphic computations) 9 / 36

  19. Towards Fully Homomorphic Encryption ◮ [ RivestAdlemanDertouzos78 ] : notion of privacy homomorphism ◮ [ GoldwasserMicali84 ] : XOR of bits ◮ [ ElGamal84 ] : multiplication mod p ◮ [ Paillier98 ] : addition mod N = pq ◮ [ BonehGohNissim05 ] : additions and one multiplication mod p 10 / 36

  20. Towards Fully Homomorphic Encryption ◮ [ RivestAdlemanDertouzos78 ] : notion of privacy homomorphism ◮ [ GoldwasserMicali84 ] : XOR of bits ◮ [ ElGamal84 ] : multiplication mod p ◮ [ Paillier98 ] : addition mod N = pq ◮ [ BonehGohNissim05 ] : additions and one multiplication mod p ◮ [ Gentry09 ] : additions and multiplications mod 2! 10 / 36

  21. Awesome! Can We Use It? ◮ In theory , plentiful of applications ◮ Everything can be viewed as a circuit ◮ Humongous potential ◮ Solve many problems on privacy 11 / 36

  22. Awesome! Can We Use It? ◮ In theory , plentiful of applications ◮ Everything can be viewed as a circuit ◮ Humongous potential ◮ Solve many problems on privacy ◮ In practice ... problem because of sequential homomorphic multiplications! ◮ State-of-the-art in 2011: 30 minutes after each bit-multiplication 11 / 36

  23. Awesome! Can We Use It? ◮ In theory , plentiful of applications ◮ Everything can be viewed as a circuit ◮ Humongous potential ◮ Solve many problems on privacy ◮ In practice ... problem because of sequential homomorphic multiplications! ◮ State-of-the-art in 2011: 30 minutes after each bit-multiplication ◮ State-of-the-art in 2014: not much better... for fully homomorphic encryption ◮ (But I heard about exciting new results to come...) 11 / 36

  24. (Fully ?) Homomorphic Encryption Question [ NaehrigLauterVaikuntanathan12 ] : Do we really need fully homomorphic encryption? 12 / 36

  25. (Fully ?) Homomorphic Encryption Question [ NaehrigLauterVaikuntanathan12 ] : Do we really need fully homomorphic encryption? ◮ Work over bits? � 10 ◮ e.g. computing i = 1 t i where t i are 8-bit values: ◮ 135 ‘ × ’ and ‘ × depth’ = 8 if working over bits [ FauSirdeyFontaineAguilar-MelchorGogniat13 ] ◮ 0 ‘ × ’ if plaintext space is ≥ 2560 12 / 36

  26. (Fully ?) Homomorphic Encryption Question [ NaehrigLauterVaikuntanathan12 ] : Do we really need fully homomorphic encryption? ◮ Work over bits? � 10 ◮ e.g. computing i = 1 t i where t i are 8-bit values: ◮ 135 ‘ × ’ and ‘ × depth’ = 8 if working over bits [ FauSirdeyFontaineAguilar-MelchorGogniat13 ] ◮ 0 ‘ × ’ if plaintext space is ≥ 2560 ◮ “Real World”: limited number of multiplications ◮ Statistics on medical data: mean, variance, linear regression, etc. ◮ Geolocalization (Euclidean distance, etc.) 12 / 36

  27. Somewhat Homomorphic Encryption ◮ Somewhat Homomorphic Encryption (SHE): limited number of homomorphic operations ◮ Know in advance the × depth of the circuit to be evaluated SHE is sufficient for many applications, and this is on what we (& the community) focus on 13 / 36

  28. Somewhat Homomorphic Encryption ◮ Somewhat Homomorphic Encryption (SHE): limited number of homomorphic operations ◮ Know in advance the × depth of the circuit to be evaluated SHE is sufficient for many applications, and this is on what we (& the community) focus on ◮ Interestingly enough: FHE = (SHE that evaluates its decryption circuit) [ Gentry09 ] ◮ If c = Enc ( m ) , run homomorphically Dec : � � � � � � c result = Enc Dec ( c ) = Enc Dec ( Enc ( m )) = Enc m 13 / 36

  29. Use-Cases? Information and Communications Technologies call for projects (H2020) Construction of “Resource efficient, real-time, highly secure fully homomorphic cryptography” is a key challenge ◮ We need to focus on applications driven by real use-cases having small multiplicative depth ◮ Statistical Computations ◮ Mean ◮ Standard deviation ◮ Genomics (e.g. χ 2 test: statistical tests) ◮ Machine learning ◮ ... 14 / 36

  30. Mean ◮ Cloud want to compute the mean on private values { x 1 ,..., x n } n � � � ¯ x = x i / n i = 1 ◮ SHE encryption scheme Enc (with decryption Dec ) 15 / 36

  31. Mean ◮ Cloud want to compute the mean on private values { x 1 ,..., x n } n � � � ¯ x = x i / n i = 1 ◮ SHE encryption scheme Enc (with decryption Dec ) � n 1. We can assume that n is public, so we only need to compute i = 1 x i 15 / 36

  32. Mean ◮ Cloud want to compute the mean on private values { x 1 ,..., x n } n � � � ¯ x = x i / n i = 1 ◮ SHE encryption scheme Enc (with decryption Dec ) � n 1. We can assume that n is public, so we only need to compute i = 1 x i 2. The cloud has Enc ( x 1 ) ,..., Enc ( x n ) 15 / 36

  33. Mean ◮ Cloud want to compute the mean on private values { x 1 ,..., x n } n � � � ¯ x = x i / n i = 1 ◮ SHE encryption scheme Enc (with decryption Dec ) � n 1. We can assume that n is public, so we only need to compute i = 1 x i 2. The cloud has Enc ( x 1 ) ,..., Enc ( x n ) 3. The cloud can homomorphically compute and send back to me X = Enc ( x 1 ) + ··· + Enc ( x n ) 15 / 36

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hans Vangheluwe Software? Model Everything! Compl. Causes Dealing with Compl. MPM Software?

Hans Vangheluwe Software? Model Everything! Compl. Causes Dealing with Compl. MPM Software?

Software? Model Everything! Compl. Causes Dealing with Compl. MPM Software Intensive Systems: Dealing with Complexity Hans Vangheluwe Software? Model Everything! Compl. Causes Dealing with Compl. MPM Software? Model Everything! Compl.

1.06k views • 84 slides
Hans Vangheluwe Software? Model Everything! Compl. Causes Dealing with Compl. MPM Software?

Hans Vangheluwe Software? Model Everything! Compl. Causes Dealing with Compl. MPM Software?

Software? Model Everything! Compl. Causes Dealing with Compl. MPM Software Intensive Systems: Dealing with Complexity Hans Vangheluwe Software? Model Everything! Compl. Causes Dealing with Compl. MPM Software? Model Everything! Compl.

1.17k views • 95 slides
CASE ST UDY ON CL E AN AI R ACT COMPL I ANCE AND A PRAGMAT I C APPROACH T O AMBI E NT

CASE ST UDY ON CL E AN AI R ACT COMPL I ANCE AND A PRAGMAT I C APPROACH T O AMBI E NT

CASE ST UDY ON CL E AN AI R ACT COMPL I ANCE AND A PRAGMAT I C APPROACH T O AMBI E NT AI R DAT A QUAL I T Y ASSURANCE pre se nte d b y Andre s Quija no a nd Ma x Gre e ne CLEAN AIR ACT OVERVIEW National Ambient Air Quality

502 views • 26 slides
T ORY F NG RANSI T AT HE RI & COMPL X K N NE S E I T WORK N L OW - I NCOME COMMUNI S

T ORY F NG RANSI T AT HE RI & COMPL X K N NE S E I T WORK N L OW - I NCOME COMMUNI S

T ORY F NG RANSI T AT HE RI & COMPL X K N NE S E I T WORK N L OW - I NCOME COMMUNI S I T I E K EV IN R O Y , P H . D . D EPA RTM ENT O F F A M ILY S C IENC E U NIV ERSITY O F M A RYLA ND , C O LLEG E P A RK S C HO O L O F P UBLIC

772 views • 20 slides
FA FASB SB St State tement No. o. 157 57 Fair ir Value lue Me Measurement surements

FA FASB SB St State tement No. o. 157 57 Fair ir Value lue Me Measurement surements

FA FASB SB St State tement No. o. 157 57 Fair ir Value lue Me Measurement surements John R. Null July 16, 2009 Objec bjectiv tives Overview of fair value Valuation techniques and guidance Specific application to

506 views • 28 slides
SI L VE R ST RAND UNDE RGROUNDI NG OF UT I L I T I E S NAVAL COMPL E XE S ME

SI L VE R ST RAND UNDE RGROUNDI NG OF UT I L I T I E S NAVAL COMPL E XE S ME

SI L VE R ST RAND UNDE RGROUNDI NG OF UT I L I T I E S NAVAL COMPL E XE S ME E T I NG: NOVE MBE R 18, 2019 Unde rg ro und Co nve rsio n Distric t # 20 De sc riptio n: Unde rg ro unding o f the o ve rhe a d

433 views • 10 slides
eTG compl plete ete home e page Searching ching in eTG complete eTG

eTG compl plete ete home e page Searching ching in eTG complete eTG

Welcome to Therapeutic Guidelines eTG complete . The new version of eTG complete , launching in 2016, will be completely upgraded with improved search functions and additional features. eTG compl plete ete home e page Searching ching in eTG

97 views • 8 slides
Presentation Template This deck k is a workb kbook, k, designed d to help p you compl plete

Presentation Template This deck k is a workb kbook, k, designed d to help p you compl plete

Design n X Social Chall llen enge e 2020 Presentation Template This deck k is a workb kbook, k, designed d to help p you compl plete the project succes essfully. Plea ease follow the e instructions provided ded in each slide. de.

495 views • 25 slides
Demons onstration of on of SFAI AIRP f P for or Regul ulator ory Com y Compl pliance f

Demons onstration of on of SFAI AIRP f P for or Regul ulator ory Com y Compl pliance f

Demons onstration of on of SFAI AIRP f P for or Regul ulator ory Com y Compl pliance f for or Maj ajor or Hazard F Facilities Raghu Raman, Joel Leonard and Philip Skinner - Arriscar Pty Limited AIDGC Annual Conference, Sydney, 8

546 views • 19 slides
Tete terbor rboro Ai Airport ort Noise se Ab Abate tement ment Ad Advisory ory Co

Tete terbor rboro Ai Airport ort Noise se Ab Abate tement ment Ad Advisory ory Co

Tete terbor rboro Ai Airport ort Noise se Ab Abate tement ment Ad Advisory ory Co Commi mitt ttee ee 2019 Th Three ee Quar uarte ter Yea ear Rep eport ort Ga Gabri riel An Andino Mich chael ael Fiscu cus

395 views • 14 slides
CORPORATE PRESENTATION May 2018 For orward ard-Lo Looking oking Sta tate tement ment

CORPORATE PRESENTATION May 2018 For orward ard-Lo Looking oking Sta tate tement ment

Exploring to Discover CORPORATE PRESENTATION May 2018 For orward ard-Lo Looking oking Sta tate tement ment This presentation may contain forward-looking statements within the meaning of the Canadian securities legislation and the United

411 views • 38 slides
DM M Sear earch C ch Compl omplem ement entarity E Empl mployi oying ng pMSSM SSM SU

DM M Sear earch C ch Compl omplem ement entarity E Empl mployi oying ng pMSSM SSM SU

DM M Sear earch C ch Compl omplem ement entarity E Empl mployi oying ng pMSSM SSM SU SUSY SY . M. C Cahill ill-Row owley, ey, R. C Cotta tta, , A. D . Drlic ica-Wagner gner, S. S. Fu Funk, , J. . Gain iner, J.

1.26k views • 81 slides
CORPORATE PRESENTATION April 2018 For orward ard-Lo Looking oking Sta tate tement ment

CORPORATE PRESENTATION April 2018 For orward ard-Lo Looking oking Sta tate tement ment

Exploring to Discover CORPORATE PRESENTATION April 2018 For orward ard-Lo Looking oking Sta tate tement ment This presentation may contain forward-looking statements within the meaning of the Canadian securities legislation and the

577 views • 38 slides
Mis ission Sta tate tement The Central Okanagan Bursary and Scholarship Society (COBSS) is a

Mis ission Sta tate tement The Central Okanagan Bursary and Scholarship Society (COBSS) is a

Mis ission Sta tate tement The Central Okanagan Bursary and Scholarship Society (COBSS) is a non-profit group of volunteers from the Central Okanagan area who are dedicated to providing financial assistance to our Grade 12 graduates in order

639 views • 20 slides
Investor Presentation ASX:CWX December, 2017 COMPL PLIA IANCE, NCE, DISCL CLAIM AIMER ER

Investor Presentation ASX:CWX December, 2017 COMPL PLIA IANCE, NCE, DISCL CLAIM AIMER ER

Exploration Gold Copper Base Metals Investor Presentation ASX:CWX December, 2017 COMPL PLIA IANCE, NCE, DISCL CLAIM AIMER ER AND ND CAUTIO IONARY ARY STATEM ATEMEN ENTS S The Presentation Materials include information that

288 views • 16 slides
AkPhA Legislative Update: Pertinent Pharmacy Legislative Issues Purpose ose State tement: t:

AkPhA Legislative Update: Pertinent Pharmacy Legislative Issues Purpose ose State tement: t:

2/4/2019 AkPhA Legislative Update: Pertinent Pharmacy Legislative Issues Purpose ose State tement: t: To educat ate e pharmac acis ists ts on current ent Government/ ent/Regu gulator latory issues es on both the nation onal al

526 views • 17 slides
Clustering Eric Xing 2 1 Object Recognition and Tracking (1.9, 9.0, 2.1) (1.8, 7.4, 2.3)

Clustering Eric Xing 2 1 Object Recognition and Tracking (1.9, 9.0, 2.1) (1.8, 7.4, 2.3)

School of Computer Science Infinite Mixture and Dirichlet Process Probabilistic Graphical Models (10- Probabilistic Graphical Models (10 -708) 708) Lecture 20, Nov 28, 2007 Receptor A Receptor A X 1 X 1 X 1 Receptor B Receptor B X 2 X 2

431 views • 14 slides
1. 2.

1. 2.

1. 2. 3. 4. Big Data

274 views • 26 slides
Program Initiatives 3 CBCRP Council Meeting June 7, 2019 CBCRP Program Initiatives 2000 2005

Program Initiatives 3 CBCRP Council Meeting June 7, 2019 CBCRP Program Initiatives 2000 2005

Updates on Program Initiatives 3 CBCRP Council Meeting June 7, 2019 CBCRP Program Initiatives 2000 2005 2010 2015 2020 2025 Special 9 sub-initiatives Environmental PI1 26 grants Research effects ~ $21 million Health

714 views • 13 slides
Derivational paradigms: pushing the analogy Olivier Bonami 1 & Jana Strnadov 2 1 Universit

Derivational paradigms: pushing the analogy Olivier Bonami 1 & Jana Strnadov 2 1 Universit

Derivational paradigms: pushing the analogy Olivier Bonami 1 & Jana Strnadov 2 1 Universit Paris Diderot 2 Google, Inc. Paradigms in Word Formation @ SLE, August 2016 1 Introduction Two ways of using the notion of paradigm in word

447 views • 34 slides
Dependence and Independence: a Logical Approach Applications of team semantics Jouko V a

Dependence and Independence: a Logical Approach Applications of team semantics Jouko V a

Dependence and Independence: a Logical Approach Applications of team semantics Jouko V a an anen SLS, August 2014 Jouko V a an anen Dependence and Independence SLS, August 2014 1 / 78 Team semantics Single assignments

1.08k views • 81 slides
Who is CAPA? Industry Membership Partners 26 Members 147 Assoc./Affiliates 80 Local Agencies

Who is CAPA? Industry Membership Partners 26 Members 147 Assoc./Affiliates 80 Local Agencies

3/12/2020 2020 Asphalt & Airport Pavement Meeting Asphalt & Airport Pavement Meeting 1 Who is CAPA? Industry Membership Partners 26 Members 147 Assoc./Affiliates 80 Local Agencies 2 1 3/12/2020 Industry Partners 3 Rocky

819 views • 62 slides
Crowdsourcing dialectology in the undergraduate classroom Laurel

Crowdsourcing dialectology in the undergraduate classroom Laurel

Crowdsourcing dialectology in the undergraduate classroom Laurel MacKenzie George Bailey Danielle Turton University of Manchester Methods in Dialectology

832 views • 44 slides
Joshua 2:1-7 Joshua the son of Nun sent out of Shittim two men as spies secretly, saying, Go, view

Joshua 2:1-7 Joshua the son of Nun sent out of Shittim two men as spies secretly, saying, Go, view

Speaking A Lie In Love ? Is it ever the will of God for Christians to lie? Joshua 2:1-7 Joshua the son of Nun sent out of Shittim two men as spies secretly, saying, Go, view the land, and Jericho. They went and came into the house of a prostitute

1.1k views • 64 slides

More recommend