Homomorphic encryption on Blockchain Principles
Homomorphic encryption
Secure Multiparty Computation
on the Blockchain?
Homomorphic encryption
The “holy grail” of cryptography
It’s cryptographic magic voodoo
Process data without “seeing” it
Image processor in the darkroom
25.04.2017
Johann Höchtl, Centre for E-Governance Danube
University Krems
Homomorphism?
• H1 and H2 have a different “shape”
• They are not easily comparable
• Yet they share the same expressive power
(Figure: two structures H1 and H2, each built from the elements p, q, r, s, t)
Homomorphic encryption
A form of encryption which allows specific types of computations to be carried out on ciphertext, yielding an encrypted result which, when decrypted, matches the result of the same operations performed on the plaintext
Homomorphic encryption
Discovered as a “by-product” of RSA encryption:
has the property:
Partially homomorphic, as the property only holds for multiplication
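The multiplicative property referred to above, as an added worked example (not from the slides): textbook, unpadded RSA with the constructed toy primes 61 and 53 and exponent 17. Multiplying two ciphertexts modulo n produces a valid ciphertext of the product of the plaintexts; adding ciphertexts produces nothing meaningful, which is why the scheme is only partially homomorphic (and why real deployments, which pad before encrypting, lose the property).

```python
from math import gcd

# Added example (not from the slides): textbook, unpadded RSA is multiplicatively
# homomorphic. The primes 61, 53 and the exponent 17 are constructed toy values.
TOY_P, TOY_Q, TOY_E = 61, 53, 17


def rsa_keygen(p: int, q: int, e: int):
    """Textbook RSA: n = p*q, d = e^-1 mod phi(n). Returns ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be invertible modulo phi(n)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(pub, m: int) -> int:
    n, e = pub
    return pow(m, e, n)


def rsa_decrypt(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


def product_on_ciphertexts(pub, c1: int, c2: int) -> int:
    """The homomorphic operation: whoever holds only the public key and two
    ciphertexts can form a ciphertext of m1*m2 without learning m1 or m2."""
    n, _ = pub
    return (c1 * c2) % n


def check_multiplicative(pub, priv, m1: int, m2: int) -> int:
    """Encrypt, multiply the ciphertexts, decrypt: equals m1*m2 mod n."""
    c = product_on_ciphertexts(pub, rsa_encrypt(pub, m1), rsa_encrypt(pub, m2))
    return rsa_decrypt(priv, c)


def check_additive(pub, priv, m1: int, m2: int) -> int:
    """Adding ciphertexts is NOT a homomorphic addition: the decryption of
    c1 + c2 is unrelated to m1 + m2 (hence 'partially' homomorphic)."""
    n, _ = pub
    c = (rsa_encrypt(pub, m1) + rsa_encrypt(pub, m2)) % n
    return rsa_decrypt(priv, c)


PUB, PRIV = rsa_keygen(TOY_P, TOY_Q, TOY_E)  # n = 3233, d = 2753

if __name__ == "__main__":
    print(check_multiplicative(PUB, PRIV, 7, 11))  # 77
    print(check_additive(PUB, PRIV, 7, 11))        # not 18
```

The party multiplying the ciphertexts never sees a plaintext or the private key; only the holder of d can read the product.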
Fully homomorphic encryption
Supports a minimal set of mathematical operations from which all other operations can be derived
Proof: Addition ⊕ and Multiplication ⊙ are sufficient to construct arbitrary “circuits”
(in mod 2 arithmetic that’s XOR and AND)
Real-world Analogy
Example of a FHE Scheme:
Craig Gentry’s Integer scheme
1. KeyGen: Secret key: an n²-bit odd number p
2. To Encrypt a bit b:
– pick a random “large” multiple of p, say q·p
– pick a random “small” even number 2·r
– Ciphertext c = q·p + 2·r + b
(2·r introduces “noise”; otherwise the same input would always result in the same encrypted output, giving an adversary the possibility to learn from patterns)
3. To Decrypt a ciphertext c:
– c (mod p) = 2·r+b (mod p) = 2·r+b, and (2·r+b) mod 2 = b
Integer addition example
• 4+4 (4 = bitwise 100)
– CT(100):
• CT(1) = 1 + 2*3 + 5*3 = 22
• CT(0) = 0 + 2*3 + 5*3 = 21
• CT(0) = 0 + 2*3 + 5*3 = 21
– Add the ciphertexts position by position:
   22 21 21
 + 22 21 21
 = 44 42 42
– D(44 42 42):
• D(44) = 44 mod 3 = 2
• D(42) = 42 mod 3 = 0
• D(42) = 42 mod 3 = 0
→ 1000 = 8 = 4+4
Real-world Analogy
Eval
[KeyGen, Enc, Dec]
Symptoms of FHE
Problem with noise
• Accumulates with every operation
• Eventually makes the result indecipherable
→ EVAL: only a limited number of operations is possible before decryption fails due to the accumulated error.
Solution: decrypt intermediary results using an intermediary key
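The integer scheme, the addition example and the noise problem above, carried through in one added example (this is not Gentry's code or the slides' numbers; p = 101, q and r values and the toy bit sizes are constructed). Ciphertext addition decrypts to XOR and multiplication to AND as long as the noise 2·r+b stays below p; `and_chain_depth` tracks the exact noise of a chain of multiplications and shows how few operations a fresh ciphertext survives.

```python
import secrets

# Added example, not Gentry's implementation: the integer scheme from the slides
# with toy parameters. p is the secret key; the noise 2*r + b must stay below p.


def keygen(eta: int = 64) -> int:
    """Secret key: a random eta-bit odd integer p (the slides' n^2-bit odd number)."""
    return secrets.randbits(eta) | (1 << (eta - 1)) | 1


def encrypt(p: int, b: int, q: int, r: int) -> int:
    """c = q*p + 2*r + b. q and r are passed in so the example is deterministic;
    a real encryptor draws q large and r small at random (see encrypt_random)."""
    if b not in (0, 1):
        raise ValueError("only single bits are encrypted")
    return q * p + 2 * r + b


def encrypt_random(p: int, b: int, q_bits: int = 128, r_bits: int = 8) -> int:
    return encrypt(p, b, secrets.randbits(q_bits), secrets.randbits(r_bits))


def noise(p: int, c: int) -> int:
    """Noise term 2*r + b, recovered as c mod p. Only meaningful while the true
    noise is below p; beyond that the residue wraps and decryption breaks."""
    return c % p


def decrypt(p: int, c: int) -> int:
    """b = (c mod p) mod 2: strip the multiple of p, then the even noise."""
    return noise(p, c) % 2


def xor(c1: int, c2: int) -> int:
    """Ciphertext addition = plaintext XOR; the noises add up."""
    return c1 + c2


def and_(c1: int, c2: int) -> int:
    """Ciphertext multiplication = plaintext AND; the noises multiply."""
    return c1 * c2


def and_chain_depth(p: int, r: int, q: int = 1) -> int:
    """Multiply fresh encryptions of 1 (noise 2r+1 each) until the exact noise
    would reach p. Returns the number of multiplications that still decrypt."""
    e0 = 2 * r + 1
    c, e, count = encrypt(p, 1, q, r), e0, 0
    while e * e0 < p:              # exact noise tracked beside the ciphertext
        c = and_(c, encrypt(p, 1, q, r))
        e *= e0
        count += 1
        assert decrypt(p, c) == 1  # still correct as long as noise < p
    return count


if __name__ == "__main__":
    p = 101                                    # constructed toy key
    c1, c0 = encrypt(p, 1, 5, 3), encrypt(p, 0, 7, 2)   # 512 and 711
    print(decrypt(p, xor(c1, c0)), decrypt(p, and_(c1, c0)))   # 1 0
    print(and_chain_depth(2**63 + 1, 256))     # 5 multiplications, then failure
```

With 8-bit noise and a 63-bit key only a handful of multiplications are possible, which is the reason for the refresh (bootstrapping) step on the next slide.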
Refresh Keys
1. Operate on the problem until the error accumulates and prevents decryption
2. Put the partly assembled solution into another “box”
3. Use the key within box #2 to open box #1
4. Continue working on the solution
5. Re-iterate until the problem is solved
Parallelizing Eval
Why?
1. FHE is computationally heavy
2. Secret sharing increases security
How?
• Split the analysis problem into sub-problems and distribute the computation onto (many) nodes
• Problem: detect whether the participating nodes behave correctly and honestly
Secure Multiparty Computations (sMPC)
Divide a secret into slices, requiring n parties to assemble the secret
e.g. SSS – Shamir Secret Sharing
In case you want to protect your login password with a set of ten shares in such a way that any three of them can reconstruct the password, you simply run the command
ssss-split -t 3 -n 10 -w passwd
http://point-at-infinity.org/ssss/
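What `ssss-split -t 3 -n 10` does internally, as an added example (not the ssss tool's code): a random polynomial of degree t−1 whose constant term is the secret, one point per share, and Lagrange interpolation at x = 0 to rebuild it. ssss works in GF(2^m); the prime field and the password-to-integer encoding below are simplifications chosen for readability, and the password "correct-horse" is a constructed sample.

```python
import secrets

# Added example, not the ssss tool's code: Shamir's (t, n) threshold sharing
# over a prime field. ssss itself works in GF(2^m); the prime field is a
# simplification for readability.
PRIME = 2**127 - 1  # Mersenne prime; secrets of up to 15 bytes fit below it


def _eval_poly(coeffs, x: int) -> int:
    """Horner evaluation of sum(coeffs[i] * x**i) mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret: int, t: int, n: int):
    """Random polynomial of degree t-1 with f(0) = secret; share i is (i, f(i))."""
    if not (0 <= secret < PRIME and 1 <= t <= n < PRIME):
        raise ValueError("bad parameters")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(t - 1)]
    return [(i, _eval_poly(coeffs, i)) for i in range(1, n + 1)]


def recover_secret(shares) -> int:
    """Lagrange interpolation at x = 0 from the shares given. Needs at least t
    shares with distinct x; with fewer than t the result is a field element
    that carries no information about the secret."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def password_to_int(pw: str) -> int:
    data = pw.encode("utf-8")
    if len(data) > 15:
        raise ValueError("password too long for this toy field")
    return int.from_bytes(data, "big")


def int_to_password(x: int) -> str:
    return x.to_bytes((x.bit_length() + 7) // 8, "big").decode("utf-8")


def demo(pw: str = "correct-horse", t: int = 3, n: int = 10) -> dict:
    """Mirror of `ssss-split -t 3 -n 10`: 10 shares, any 3 rebuild the password."""
    shares = split_secret(password_to_int(pw), t, n)
    from_three = int_to_password(recover_secret([shares[0], shares[4], shares[9]]))
    from_two = recover_secret(shares[:2])  # below threshold: unrelated value
    return {"n_shares": len(shares), "from_three": from_three,
            "two_shares_enough": from_two == password_to_int(pw)}


if __name__ == "__main__":
    print(demo())
```

Any three shares, in any order, rebuild the password; two shares interpolate a line through a degree-2 curve and land on the secret only by a 2^-127 accident, which is the threshold guarantee the slide relies on.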
SPDZ (speedz)
An sMPC protocol including a bytecode specification and VM; supports distributed computation:
• addition (linear)
• multiplication, requiring input-data pre-processing and inter-node communication
Uses a MAC-based approach to guarantee integrity
SPDZ Architecture Overview
(Figure: Program → Compiler (optim.) → Bytecode → VM (online), with Inputs and Prep feeding the VM and Output leaving it)
http://www.cs.bris.ac.uk/Research/CryptographySecurity/TPMPC/Slides2017/SPDZ.pdf
sMPC Challenges
Branching?
a = if b != 0:
        c
    else
        d
Impossible to decide, as the value of ‘b’ is only visible to the data owner
Solution: Rewrite conditionals to eagerly evaluate each branch
a = (b & c) | ((!b) & d)
Cond. Loops?
while a < 5:
    b *= 2
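The two SPDZ slides and the branching slide together, as an added example (not SPDZ's code): additive secret sharing over Z_P among three simulated parties, linear operations computed locally, multiplication through a Beaver triple from a simulated pre-processing phase, and the branch rewrite a = (b & c) | (!b & d) evaluated in its arithmetic form b·c + (1−b)·d without ever opening b. SPDZ's MACs on the shares are omitted; the modulus, the three-party setting and the sample inputs are constructed.

```python
import secrets

# Added example, not SPDZ's code: additive sharing over Z_P among n parties,
# linear operations done locally, multiplication with a Beaver triple from a
# (simulated) pre-processing phase. SPDZ's MACs on shares are omitted.
P = 2**61 - 1


def share(x: int, n: int = 3):
    """Split x into n additive shares that sum to x mod P."""
    parts = [secrets.randbelow(P) for _ in range(n - 1)]
    parts.append((x - sum(parts)) % P)
    return parts


def open_value(shares) -> int:
    """All parties publish their share; the sum is the plaintext."""
    return sum(shares) % P


def add(a, b):  # local, no communication
    return [(x + y) % P for x, y in zip(a, b)]


def sub(a, b):
    return [(x - y) % P for x, y in zip(a, b)]


def scale(k: int, a):  # public constant times shared value: local
    return [k * x % P for x in a]


def add_const(a, k: int):  # party 0 absorbs the public constant
    return [(a[0] + k) % P] + list(a[1:])


def beaver_triple(n: int = 3):
    """Offline phase: random a, b and c = a*b, dealt as shares. One triple is
    consumed per multiplication."""
    a, b = secrets.randbelow(P), secrets.randbelow(P)
    return share(a, n), share(b, n), share(a * b % P, n)


def mul(x, y, triple):
    """Online multiplication: open eps = x-a and delta = y-b (they reveal nothing
    since a, b are uniform), then [xy] = [c] + eps[b] + delta[a] + eps*delta."""
    a, b, c = triple
    eps = open_value(sub(x, a))
    delta = open_value(sub(y, b))
    z = add(c, add(scale(eps, b), scale(delta, a)))
    return add_const(z, eps * delta % P)


def select(b, c, d, triple1, triple2):
    """The slide's rewrite a = (b & c) | (!b & d) in arithmetic form:
    a = b*c + (1-b)*d. Both branches are evaluated; b is never opened."""
    not_b = add_const(scale(P - 1, b), 1)  # 1 - b
    return add(mul(b, c, triple1), mul(not_b, d, triple2))


def run_select(bit: int, c_val: int, d_val: int, n: int = 3) -> int:
    """End-to-end flow with a simulated dealer: share inputs, compute, open."""
    out = select(share(bit, n), share(c_val, n), share(d_val, n),
                 beaver_triple(n), beaver_triple(n))
    return open_value(out)


if __name__ == "__main__":
    print(run_select(1, 42, 7), run_select(0, 42, 7))  # 42 7
```

Each multiplication costs one round of communication and one pre-processed triple, while additions and constant multiplications are free; that cost model is why the compiler in the SPDZ architecture slide optimises the bytecode before the online phase runs.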
Blockchain coordinated sMPC
• Data sharing among participating parties?
• Nodes performing computations (addition, multiplication) on encrypted, secretly shared data
• Guaranteeing correctness through public ledger consensus
Downsides of the classical Blockchain approach
• Data sharing? A blockchain is a bad database: not designed for transaction speed
• Distributed computing? A blockchain is a bad execution environment
→ every node performs every computation
• By default not privacy-preserving
Enigma concept
1. A data owner O off-loads data analytics tasks to the Enigma network. He sets up / obtains an Enigma script which analytically describes the computation and
2. uploads input data to the DHT. This is done seamlessly by splitting input data into shares that are distributed to the network.
3. The Enigma interpreter distributes computational work to Enigma nodes and uses the public ledger (blockchain) to announce computations and pointers to encrypted data.
4. Node A is selected to perform the computation and
5. generates a result which he
6. stores on the public ledger.
7. The data owner can read out the encrypted intermediary results and distribute them to other nodes or assemble the final result.
Enigma concept
Complexity reduction and optimization
(Figure: the same bytecode listing before and after optimization)
input [x1]
input [x2]
sub [x2], [x1]
open
y1 y2
mul y1, y2
(Figure: circuit layout with Input #1 … Input #5 feeding Addition layer 1, Mult. layer 1, Addition layer 2, Mult. layer 2 and an Output layer)
Parameter analysis and result re-use
Program layout analysis and load distribution
Enigma concept - Incentives
(Figure: general blockchain network vs. Enigma network)
• Operations on the Enigma network are still compute-intensive and require coordination.
• Nodes are encouraged to participate by receiving Bitcoins or any other cryptocurrency for performed operations.
• In order to participate as an Enigma node, currency has to be deposited; if other nodes detect malicious operations such as correctness breaches, the deposit is withdrawn and shared among the benign nodes.
sMPC roles
I … Input Party, R … Result Party, C … Computing Party
(Figure: three ways of assigning the roles I, C and R to the parties around the SMC box)
• Millionaires’ Problem: Who of two millionaires is richer?
• Outsourcing computation to the cloud
• Statistics office wants to get aggregated results from personal data coming from different ministries
MPC use cases
• Secure cloud computing
• Joining distributed data sets containing personnel data
• Identify patterns in genetic databases
• Identify colliding survey satellites
ShareMind – a working implementation
• Used in Estonia to analyze personal data from the Ministry of Finance and the Ministry of Education
• Generally available, free for personal/education purposes
https://sharemind.cyber.ee/privacy-preserving-policy-decisions/
Enigma
• In development at MIT since 2015
• Blockchain-supported
• Not generally available
Applications in Austria?
https://datamarket.at/
Reading
• Enigma Design Paper: http://www.enigma.co/enigma_full.pdf
• SPDZ Design and Implementation
– https://bristolcrypto.blogspot.co.at/2016/10/what-is-spdz-part-1-mpc-circuit.html
– https://eprint.iacr.org/2012/642.pdf
– https://www.youtube.com/watch?v=N80DV3Brds0
– http://www.cs.bris.ac.uk/Research/CryptographySecurity/TPMPC/Slides2017/SPDZ.pdf
• Craig Gentry: FHE Integer Scheme: https://cs.au.dk/~stm/local-cache/gentry-thesis.pdf
• Cohen, Gil, et al. “Efficient multiparty protocols via log-depth threshold formulae.” Advances in Cryptology – CRYPTO 2013. Springer Berlin Heidelberg, 2013. 185-202.
• A Math Primer for Gentry's Fully Homomorphic Encryption: https://community.embarcadero.com/blogs/entry/a-math-primer-for-gentrys-fully-homomorphic-encryption-38577
• Kamm, Liina. “Privacy-Preserving Statistical Analysis Using Secure Multi-Party Computation”. Tartu, 2015. Google Scholar. Web. 25 Apr. 2017. https://cyber.ee/uploads/2013/04/kamm_liina_PhD.pdf
Johann Höchtl, Centre for E-Governance
Danube University Krems
http://www.slideshare.net/jhoechtl/
http://at.linkedin.com/in/johannhoechtl/
Dr. Johann Höchtl
johann.hoechtl@donau-uni.ac.at
https://twitter.com/myprivate42
Real World Analogy Theme taken from the original slides of Craig Gentry
http://www.di.ens.fr/~pnguyen/LCD/LCD_Gentry.pdf
Weitere ähnliche Inhalte

Was ist angesagt?

6. cryptography
6. cryptography6. cryptography
6. cryptography
7wounders
 

Was ist angesagt? (20)

Applied Cryptography
Applied CryptographyApplied Cryptography
Applied Cryptography
 
Cryptography-Known plain text attack
Cryptography-Known plain text attack Cryptography-Known plain text attack
Cryptography-Known plain text attack
 
Homomorphic Encryption
Homomorphic EncryptionHomomorphic Encryption
Homomorphic Encryption
 
Hashing
HashingHashing
Hashing
 
Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSM
 
Lattice Cryptography
Lattice CryptographyLattice Cryptography
Lattice Cryptography
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
 
Rsa cryptosystem
Rsa cryptosystemRsa cryptosystem
Rsa cryptosystem
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
Elliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge ProofElliptic Curve Cryptography and Zero Knowledge Proof
Elliptic Curve Cryptography and Zero Knowledge Proof
 
Homomorphic encryption
Homomorphic encryptionHomomorphic encryption
Homomorphic encryption
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
 
Cryptography
CryptographyCryptography
Cryptography
 
A Brief History of Cryptography
A Brief History of CryptographyA Brief History of Cryptography
A Brief History of Cryptography
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key Exchange
 
RSA without Padding
RSA without PaddingRSA without Padding
RSA without Padding
 
2. public key cryptography and RSA
2. public key cryptography and RSA2. public key cryptography and RSA
2. public key cryptography and RSA
 
Public Key Algorithms
Public Key AlgorithmsPublic Key Algorithms
Public Key Algorithms
 
Cryptography
CryptographyCryptography
Cryptography
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 

Ähnlich wie Homomorphic encryption on Blockchain Principles

MPEG-21 Digital Items in Research and Practice
MPEG-21 Digital Items in Research and PracticeMPEG-21 Digital Items in Research and Practice
MPEG-21 Digital Items in Research and Practice
Alpen-Adria-Universität
 
Towards a distributed framework to analyze multimodal data.pdf
Towards a distributed framework to analyze multimodal data.pdfTowards a distributed framework to analyze multimodal data.pdf
Towards a distributed framework to analyze multimodal data.pdf
CarlosRodrigues517978
 

Ähnlich wie Homomorphic encryption on Blockchain Principles (20)

Data compression, data security, and machine learning
Data compression, data security, and machine learningData compression, data security, and machine learning
Data compression, data security, and machine learning
 
Improving Cloud Efficiency using ECDH, AES & Blowfish Algorithms
Improving Cloud Efficiency using ECDH, AES & Blowfish AlgorithmsImproving Cloud Efficiency using ECDH, AES & Blowfish Algorithms
Improving Cloud Efficiency using ECDH, AES & Blowfish Algorithms
 
From a sea of projects to collaboration opportunities within seconds
From a sea of projects to collaboration opportunities within secondsFrom a sea of projects to collaboration opportunities within seconds
From a sea of projects to collaboration opportunities within seconds
 
Accelerating Media Business Developments, MPEG-M: MPEG Extensible Middleware
Accelerating Media Business Developments, MPEG-M: MPEG Extensible MiddlewareAccelerating Media Business Developments, MPEG-M: MPEG Extensible Middleware
Accelerating Media Business Developments, MPEG-M: MPEG Extensible Middleware
 
MPEG-21 Digital Items in Research and Practice
MPEG-21 Digital Items in Research and PracticeMPEG-21 Digital Items in Research and Practice
MPEG-21 Digital Items in Research and Practice
 
Cloud, Fog, or Edge: Where and When to Compute?
Cloud, Fog, or Edge: Where and When to Compute?Cloud, Fog, or Edge: Where and When to Compute?
Cloud, Fog, or Edge: Where and When to Compute?
 
Linked Open Data about Springer Nature conferences. The story so far
Linked Open Data about Springer Nature conferences. The story so farLinked Open Data about Springer Nature conferences. The story so far
Linked Open Data about Springer Nature conferences. The story so far
 
Information Technology ITM1
Information Technology  ITM1Information Technology  ITM1
Information Technology ITM1
 
Securing Image Transmission Using in- Compression Encryption Technique
Securing Image Transmission Using in- Compression Encryption TechniqueSecuring Image Transmission Using in- Compression Encryption Technique
Securing Image Transmission Using in- Compression Encryption Technique
 
Towards a distributed framework to analyze multimodal data.pdf
Towards a distributed framework to analyze multimodal data.pdfTowards a distributed framework to analyze multimodal data.pdf
Towards a distributed framework to analyze multimodal data.pdf
 
Mundi
MundiMundi
Mundi
 
RESUME_
RESUME_RESUME_
RESUME_
 
Introduction to HPC Programming Models - EUDAT Summer School (Stefano Markidi...
Introduction to HPC Programming Models - EUDAT Summer School (Stefano Markidi...Introduction to HPC Programming Models - EUDAT Summer School (Stefano Markidi...
Introduction to HPC Programming Models - EUDAT Summer School (Stefano Markidi...
 
A new RSA public key encryption scheme with chaotic maps
A new RSA public key encryption scheme with chaotic maps A new RSA public key encryption scheme with chaotic maps
A new RSA public key encryption scheme with chaotic maps
 
A Software Design and Algorithms for Multicore Capture in Data Center Forensics
A Software Design and Algorithms for Multicore Capture in Data Center ForensicsA Software Design and Algorithms for Multicore Capture in Data Center Forensics
A Software Design and Algorithms for Multicore Capture in Data Center Forensics
 
Access Control &amp; Encryption In Cloud Environments
Access Control &amp; Encryption In Cloud EnvironmentsAccess Control &amp; Encryption In Cloud Environments
Access Control &amp; Encryption In Cloud Environments
 
Cse 318 Project Report on Goethe Institut Bangladesh Network Design
Cse 318  Project Report on Goethe Institut Bangladesh Network DesignCse 318  Project Report on Goethe Institut Bangladesh Network Design
Cse 318 Project Report on Goethe Institut Bangladesh Network Design
 
Internet of Things (IoT) - in the cloud or rather on-premises?
Internet of Things (IoT) - in the cloud or rather on-premises?Internet of Things (IoT) - in the cloud or rather on-premises?
Internet of Things (IoT) - in the cloud or rather on-premises?
 
Census Hub Project
Census Hub ProjectCensus Hub Project
Census Hub Project
 
Hybrid encryption ppt
Hybrid encryption pptHybrid encryption ppt
Hybrid encryption ppt
 

Mehr von Johann Höchtl

Smart Cities, Smart Regions and the Role of Open Data
Smart Cities, Smart Regions and the Role of Open DataSmart Cities, Smart Regions and the Role of Open Data
Smart Cities, Smart Regions and the Role of Open Data
Johann Höchtl
 

Mehr von Johann Höchtl (20)

Performance-indicator based policy-making in Austria
Performance-indicator based policy-making in AustriaPerformance-indicator based policy-making in Austria
Performance-indicator based policy-making in Austria
 
Datenqualität auf Offenen Datenportalen
Datenqualität auf Offenen DatenportalenDatenqualität auf Offenen Datenportalen
Datenqualität auf Offenen Datenportalen
 
ADV FIWARE Workshop starring Docker and Virtualisation
ADV FIWARE Workshop starring Docker and VirtualisationADV FIWARE Workshop starring Docker and Virtualisation
ADV FIWARE Workshop starring Docker and Virtualisation
 
Projektbeschreibung ADEQUATe
Projektbeschreibung ADEQUATeProjektbeschreibung ADEQUATe
Projektbeschreibung ADEQUATe
 
Institutionalising open data quality - Processes Standards, Tools
Institutionalising open data quality - Processes Standards, ToolsInstitutionalising open data quality - Processes Standards, Tools
Institutionalising open data quality - Processes Standards, Tools
 
Yound Coders Festival
Yound Coders FestivalYound Coders Festival
Yound Coders Festival
 
Sind wir schon da?!
Sind wir schon da?!Sind wir schon da?!
Sind wir schon da?!
 
Offener Haushalt – Transparenz in öffentlichen Haushalten
Offener Haushalt – Transparenz in öffentlichen HaushaltenOffener Haushalt – Transparenz in öffentlichen Haushalten
Offener Haushalt – Transparenz in öffentlichen Haushalten
 
Datenqualität von Datenportalen
Datenqualität von DatenportalenDatenqualität von Datenportalen
Datenqualität von Datenportalen
 
Open Government Data & offene Wirtschaftsdaten - Two of a Kind?
Open Government Data & offene Wirtschaftsdaten - Two of a Kind?Open Government Data & offene Wirtschaftsdaten - Two of a Kind?
Open Government Data & offene Wirtschaftsdaten - Two of a Kind?
 
Elektronische Literaturverwaltung mit Zotero
Elektronische Literaturverwaltung mit ZoteroElektronische Literaturverwaltung mit Zotero
Elektronische Literaturverwaltung mit Zotero
 
The Case of opendataportal.at
The Case of opendataportal.atThe Case of opendataportal.at
The Case of opendataportal.at
 
From E-Government to Open Government
From E-Government to Open GovernmentFrom E-Government to Open Government
From E-Government to Open Government
 
Smart Cities and Smart ICT
Smart Cities and Smart ICTSmart Cities and Smart ICT
Smart Cities and Smart ICT
 
Evaluation of Open Government Data Implementation of City of Vienna
Evaluation of Open Government Data Implementation of City of ViennaEvaluation of Open Government Data Implementation of City of Vienna
Evaluation of Open Government Data Implementation of City of Vienna
 
Costs of Closed Science
Costs of Closed ScienceCosts of Closed Science
Costs of Closed Science
 
Smart Cities, Smart Regions and the Role of Open Data
Smart Cities, Smart Regions and the Role of Open DataSmart Cities, Smart Regions and the Role of Open Data
Smart Cities, Smart Regions and the Role of Open Data
 
OGD for Culture and Art
OGD for Culture and ArtOGD for Culture and Art
OGD for Culture and Art
 
Evaluierung der Open Government Data Umsetzung der Stadt Wien - Auszug
Evaluierung der Open Government Data Umsetzung der Stadt Wien - AuszugEvaluierung der Open Government Data Umsetzung der Stadt Wien - Auszug
Evaluierung der Open Government Data Umsetzung der Stadt Wien - Auszug
 
Open Government Data DCAT Application Profile
Open Government Data DCAT Application ProfileOpen Government Data DCAT Application Profile
Open Government Data DCAT Application Profile
 

Kürzlich hochgeladen

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 

Kürzlich hochgeladen (20)

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Homomorphic encryption on Blockchain Principles

  • 1. Homomorphic encryption Secure Multiparty Computation on the Blockchain?
  • 2. Homomorphic encryption The “holy grail” of cryptography Its cryptographic magic Voodoo
  • 3. Process data without “seeing” it Image processor in the darkroom 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 4. Homomorphism? • H1 and H2 have a different “shape” • They are not easily comparable • Yet they share the same expressive power r p q s t rp q s t H1 H2 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 5. Homomorphic encryption Form of encryption which allows specific types of computations to be carried out on ciphertext and obtain an encrypted result, which decrypted, matches the result of operations performed on the plaintext 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 6. Homomorphic encryption Discovered as a “by-product” of RSA-Encryption: has the property: Partially homomorphic as only defined for multiplication 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 7. Fully homomorphic encryption Supports a minimal set of mathematical operations upon all other operations can be derived Proof: Addition ⊕ and Multiplication ⊙ are sufficient to construct arbitrary “circuits” (in mod2 mathematics that’s XOR and AND) 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 8. Real-world Analogy 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 9. Example of a FHE Scheme: Craig Gentie’s Integer scheme 2. To Encrypt a bit b: – pick a random “large” multiple of p, say q·p – pick a random “small” even number 2·r – Ciphertext c = q·p+2·r+b introduce “noise” otherwise same input would result in same encrypted output with adversary giving the possibility to learn from patterns 1. KeyGen Secret key: an n2-bit odd number p 3. To Decrypt a ciphertext c: – c (mod p) = 2·r+b (mod p) = 2·r+b 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 10. Integer addition example • 4+4 (4=bitwise 100) – CT(100): • CT(1) = 1 + 2*3 + 5*3 = 22 • CT(0) = 0 + 2*3 + 5*3 = 21 • CT(0) = 0 + 2*3 + 5*3 = 21 – D(44 42 42): • D(44) = 44 mod 3 = 2 • D(42) = 42 mod 3 = 0 • D(42) = 42 mod 3 = 0 22 21 21 +22 21 21 44 42 42 1000 = 8 = 4+4 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 11. Real-world Analogy Eval [KeyGen, Enc, Dec] 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 12. Symptoms of FHE Problem with noise • Accumulates with every operation • Eventually makes result indecipherable  EVAL: Limited amount of operations allowed until decryption becomes impossible due to accumulated error. Solution: De-crypt intermediary results using an intermediary key 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 13. Re-fresh Keys 1. Operate on problem, until error accumulates preventing decryption 2. Put partly assembled solution into another “box” 3. Use the key within the box#2 to open box#1 4. Continue working on the solution 5. Re-iterate until problem is solved 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 14. Parallelizing Eval Why? 1. FHC is computationally heavy 2. Secret Sharing increases security How • Split analysis problem into sub-problems and distribute computation onto (many) nodes • Problem: Detect whether the participating nodes behave correct and honest 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 15. Secure Multiparty Computations (sMPC) Divide a Secret into slices, requiring n parties to assemble the secret eg. SSS – Shamir Secret Sharing In case you want to protect your login password with a set of ten shares in such a way that any three of them can reconstruct the password, you simply run the command ssss-split -t 3 -n 10 -w passwd http://point-at-infinity.org/ssss/ 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 16. SPDZ (speedz) an sMPC Protocol including bytecode specification and VM supports distributed computation • addition (linear) • multiplication requiring input data pre-processing and inter-node communication using MAC-based approach to guarantee integrity 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 17. SPDZ Architecture Overview Compiler Bytecode Program VM (online) Inputs Prep Output optim. http://www.cs.bris.ac.uk/Research/CryptographySecurity/TPMPC/Slides2017/SPDZ.pdf 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 18. sMPC Challenges Branching? a = if b != 0: c else d Impossible to decide as value of ‘b’ is only visible to data owner Solution: Rewrite conditionals to eagerly evaluate each branch a = (b & c) | ((!b) & d) Cond. Loops? while a < 5: b *= 2 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 19. Blockchain coordinated sMPC • Data sharing among participating parties? • nodes performing computations (addition, multiplication) on encrypted, secretly shared data • Guaranteeing correctness through public ledger consensus 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 20. Downsides of the classical Blockchain approach • Data sharing? Blockchain bad as a database not designed for transaction speed • Distributed computing? Blockchain is a bad execution environment  every node performs every computation • by default not privacy-preserving 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 21. Enigma concept 1. A data owner O off-loads data analytics tasks to the Enigma network. He sets up / obtains an Enigma script which analytically describes the computation and 2. Uploads input data to the DHT. This is done seamlessly by splitting input data into shares that are distributed to the network. 3. The Engima interpreter distributes computational work to Enigma nodes and uses the public ledger (blockchain) to announce computations and pointers to encrypted data. 4. Node A is selected to perform the computation and 5. generates a result which he 6. stores on the public ledger. 7. The data owner can read out the encrypted intermediary results and distribute them to other nodes or assemble the final result. 25.04.2017 Johann Höchtl, Centre for E-Governance Danube University Krems
  • 22. Enigma concept – Complexity reduction and optimization (diagram)
    Left: a SPDZ-style bytecode fragment shown before and after optimization: input [x1], input [x2], sub [x2], [x1], open y1 y2, mul y1, y2. Caption: Parameter analysis and result re-use.
    Right: a layered circuit with Input #1 … Input #5 → Addition layer 1 → Mult. layer 1 → Addition layer 2 → Mult. layer 2 → Output layer. Caption: Program layout analysis and load distribution.
  • 23. Enigma concept – Incentives (diagram: General Blockchain network vs. Enigma network)
    • Operations on the Enigma network are still computation-intensive and require coordination.
    • Nodes are encouraged to participate by receiving Bitcoins / any other cryptocurrency for performed operations.
    • In order to participate as an Enigma node, currency has to be deposited; if other nodes detect malicious operations such as correctness breaches, the deposit is withdrawn and shared among the benign nodes.
  • 24. sMPC roles: I … Input Party, R … Result Party, C … Computing Party (diagram with three configurations)
    – I, C and R coincide: Millionaires' Problem – which of two millionaires is richer?
    – I and R coincide, C separate: outsourcing computation to the cloud
    – I, R and C all separate: a statistics office wants to get aggregated results from personal data coming from different ministries
  • 25. MPC use cases
    • Secure cloud computing
    • Joining distributed data sets containing personal data
    • Identifying patterns in genetic databases
    • Identifying colliding survey satellites
  • 26. ShareMind – a working implementation
    • Used in Estonia to analyze personal data from the Ministry of Finance and the Ministry of Education
    • Generally available, free for personal/educational purposes
    https://sharemind.cyber.ee/privacy-preserving-policy-decisions/
  • 27. Enigma
    • In development at MIT since 2015
    • Blockchain-supported
    • Not generally available
  • 28. Applications in Austria? https://datamarket.at/
  • 29. Reading
    • Enigma Design Paper: http://www.enigma.co/enigma_full.pdf
    • SPDZ Design and Implementation:
      – https://bristolcrypto.blogspot.co.at/2016/10/what-is-spdz-part-1-mpc-circuit.html
      – https://eprint.iacr.org/2012/642.pdf
      – https://www.youtube.com/watch?v=N80DV3Brds0
      – http://www.cs.bris.ac.uk/Research/CryptographySecurity/TPMPC/Slides2017/SPDZ.pdf
    • Craig Gentry: FHE Integer Scheme: https://cs.au.dk/~stm/local-cache/gentry-thesis.pdf
    • Cohen, Gil, et al. "Efficient multiparty protocols via log-depth threshold formulae." Advances in Cryptology – CRYPTO 2013. Springer Berlin Heidelberg, 2013. 185-202.
    • A Math Primer for Gentry's Fully Homomorphic Encryption: https://community.embarcadero.com/blogs/entry/a-math-primer-for-gentrys-fully-homomorphic-encryption-38577
    • Kamm, Liina. "Privacy-Preserving Statistical Analysis Using Secure Multi-Party Computation". Tartu, 2015. Google Scholar. Web. 25 Apr. 2017. https://cyber.ee/uploads/2013/04/kamm_liina_PhD.pdf
  • 30. Dr. Johann Höchtl, Centre for E-Governance, Danube University Krems – johann.hoechtl@donau-uni.ac.at
    http://www.slideshare.net/jhoechtl/
    http://at.linkedin.com/in/johannhoechtl/
    https://twitter.com/myprivate42
  • 31. Real World Analogy: theme taken from the original slides of Craig Gentry, http://www.di.ens.fr/~pnguyen/LCD/LCD_Gentry.pdf