Skip to Content (press Enter/Return)
preview

Ensuring Data Security Using Homomorphic Encryption in Cloud Computing

explanatory Essay
1063 words
Open Document
1063 words
  • Small
  • Normal
  • Large
  • Huge
bookmark

Homomorphic Encryption allows access to highly scalable, inexpensive, on-demand computing resources that can execute the code and store the data that are provided to them. This aspect, known as data outsourced computation is very attractive, as it alleviates most of the burden on IT services from the consumer. Nevertheless, the adoption of data outsourced computation by business has a major obstacle, since the data owner does not want to allow the un trusted cloud provider to have access to the data being outsourced. Merely encrypting the data prior to storing it on the cloud is not a viable solution, since encrypted data cannot be further manipulated. This means that if the data owner would like to search for particular information, then the data would need to be retrieved and decrypted a very costly operation, which limits the usability of the cloud to merely be used as a data storage centre. Homomorphic Encryption systems are used to perform operations on encrypted data without knowing the private key (without decryption), the client is the only holder of the secret key. When we decrypt the result of any operation, it is the same as if we had carried out the calculation on the raw data. Definition: An encryption is homomorphic, if: from Enc(a) and Enc(b) it is possible to compute Enc(f (a, b)), where f can be: +, ×, ⊕ and without using the private key. For plaintexts P1 and P2 and corresponding ciphertext C1 and C2, a homomorphic encryption scheme permits meaningful computation of P1 Θ P2 from C1 and C2 without revealing P1 or P2.The cryptosystem is additive or multiplicative homomorphic depending upon the operation Θ which can be addition or multiplication. A homomorphic encryption scheme consists of the followi... ... middle of paper ... ...S: [1] Vic (J.R.) Winkler, “Securing the Cloud, Cloud Computer Security, Techniques and Tactics”, Elsevier, 2011. [2] Pascal Paillier. Public-key cryptosystems based on composite degree residuosity classes. In 18th Annual Eurocrypt Conference (EUROCRYPT'99), Prague, Czech Republic, volume 1592, 1999 [3] Julien Bringe and al. An Application of the Goldwasser-Micali Cryptosystem to Biometric Authentication, Springer-Verlag, 2007. [4] R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM, 21(2):120-126, 1978. Computer Science, pages 223-238. Springer, 1999. [5] Taher ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 469-472, 1985. [6] Craig Gentry, A Fully Homomorphic Encryption Scheme, 2009.

In this essay, the author

  • Explains that the output-a tuple (sk, pk) consisting of the secret key and public key.
  • Explains input-a public key, circuit with inputs and a set of ciphertext.
  • Explains that a homomorphic encryption scheme consists of all algorithms and an extra one. the correctness-condition for the conventional part is identical.
  • Describes the paillier cryptosystem, which is an additive homomorphic encryption scheme based on the intractability hypothesis.
  • Explains that two large prime numbers p and q are chosen randomly and independently of each other. this property is assured if both primes are of equal length.
  • Explains that n divides the order of g by checking the existence of the following modular multiplicative inverse.
  • Explains that rsa is an algorithm for public-key cryptography based on the presumed difficulty of factoring large integers.
  • Explains that rsa involves a public and private key. the public key can be known to everyone and is used for encrypting messages.
  • Explains that the integers p and q should be chosen at random, and of similar bit-length, for security purposes.
  • Explains that n is used as the modulus for both the public and private keys. its length is the key length.
  • Explains that e and (n) are coprime integers.
  • Explains that e having a short bit-length and small hamming weight results in more efficient encryption – most commonly 216 + 1 = 65,537.
  • Explains that d is the multiplicative inverse of e (modulo (n)).
  • Describes how alice transmits her public key (n, e) to bob and keeps the private key secret. bob then wishes to send message m to alice.
  • Explains that bob transmits c to alice using the method of exponentiation by squaring.
  • Explains alice can recover m from c by using her private key exponent d via computing.
  • Explains that cloud computing security based on homomorphic encryption is a new concept of security which enables providing results of calculations on encrypted data without knowing the raw data on which the calculation was carried out.
  • Presents pascal paillier's paper on public-key cryptosystems based on composite degree residuosity classes.
  • Explains julien bringe's application of the goldwasser-micali cryptosystem to biometric authentication, springer-verlag, 2007.
  • Explains r. rivest, a. shamir, and l. adleman's method for obtaining digital signatures and public key cryptosystems.
  • Explains taher elgamal's public key cryptosystem and a signature scheme based on discrete logarithms in ieee transactions on information theory.
  • Explains that homomorphic encryption allows access to highly scalable, inexpensive, on-demand computing resources that can execute the code and store the data that are provided to them.
  • Explains that the notation a/b does not denote the modular multiplication, but rather the quotient of the largest integer value v>=0 to satisfy the relation.
Get Access
Check Writing Quality
Related
  • analytical
  • explanatory
  • social media
    analytical essay
    Fully homomorphic encryption has numerous applications. For example, it enables private queries to a search engine { the user submits an encrypted query and the search engine computes a succinct encrypted answer without ever looking at the query in the clear. It also enables searching on encrypted data { a user stores encrypted files on a remote file server and can later have the server retrieve only files that (when decrypted) satisfy some boolean constraint, even though the server cannot decrypt the les on its own. More broadly, fully homomorphic encryption improves the efficiency of secure multiparty computation.

    In this essay, the author

    • Explains that personal details like your full name, names of family members, phone number, birthday, address, and place of employment can be used by identity thieves.
    • Explains that internet fraud refers to using internet access to scam or take advantage of people.
    • Explains that inference attacks in online social networks are used to predict a user's personal, sensitive information that the user has not chosen to disclose, such as religious affiliation and sexual orientation.
    • Explains that socware entails fake and potentially damaging posts and messages from friends in online social networks.
    • Explains the growing apprehension about internet pedophiles, also referred to as online predators.
    • Explains that if the settings aren't customized properly, anyone who has a registered account in the program can view the personal information.
    • Argues that developing effective privacy protection technologies is a critical challenge for security and privacy research as the amount and variety of data collected about individuals increase exponentially.
    1039 words
    Read More
  • Encryption: Privacy versus National Security
    explanatory essay
    Abstract: The use of encryption by individuals is growing at a tremendous rate, and since 1991 cryptography issues have engulfed both the U.S. government as well as the computing industry. One of the most controversial of these issues is whether encryption should be made supremely secure to the highest-level current technology will allow, or whether a "master key" should be locked away somewhere, only to be used when absolutely justified.  Both sides of the issue have their benefits and detriments; the problem is finding the middle ground that will provide the greatest benefit to society.

    In this essay, the author

    • Explains that encryption is growing at a tremendous rate, and cryptography issues have engulfed both the u.s. government and the computing industry since 1991.
    • Explains that advances in cryptography have brought attention to encryption policies in the united states from three large groups: the government, the computing industry, and researchers. the issue is trying to find a new standard that will be accepted by both groups.
    • Explains that before the 1990s, the encryption issue was straightforward; government, computing industry, and researchers were satisfied with the worldwide data encryption standard.
    • Explains that the government is concerned about the implications of securely encrypted communications, and the computing public is losing faith in des.
    • Explains that the government proposed the escrowed encryption standard in 1993, which encrypted messages in two stages.
    • Opines that although the computing industry has been hostile towards key escrow and key recovery systems, such standards do not provide some benefits. the government needs to be able to continue to protect this country from domestic and foreign enemies.
    • Opines that the world will be safer if criminals cannot take advantage of a ubiquitous, standardized encryption infrastructure that is immune from any conceivable law enforcement wiretap.
    • Explains that illegal wiretapping by a rogue prosecutor or police officer is impossible. the use of encryption by criminals is increasing greatly.
    • Explains that the fbi laboratory division's computer analysis and response team has seen the number of cases utilizing encryption and/or password protection increase from two percent to approximately twenty percent over the past four years.
    • Explains that the new operating system will allow users to employ an encrypted file system which will provide the individual computerusers with easy to use "point and click" encryption thereby enabling criminals and terrorists to easily encrypt all of the files stored on their computer.
    • Explains that key escrow systems have been rejected by the computing industry because they add a substantial security risk.
    • Explains that key recovery systems are less secure, more costly, and difficult to use than similar systems without a recovery feature. massive deployment of key-recovery-based infrastructures will require significant sacrifices insecurity and convenience and substantially increase costs to all users of encryption.
    • Opines that the scale and complexity that would be required for such ascheme is beyond the experience and current competency of the field and may introduce ultimately unacceptable risks and costs.
    • Explains that the computing industry and researchers are moving towards new algorithms that provide "everlasting security".
    • Opines that dr. rubin's algorithm provides ultimate privacy to every individual. every law-abiding person should have the right to keep their private conversations private, forever.
    • Explains that they conferred, as against the government, the right to be let alone. every unjustifiable intrusion bythe government upon the privacy of the individual, whatever themeans employed, must be deemed a violation.
    • Opines that a new encryption system would be risky, since criminals could communicate without the fear of ever incriminating themselves. schneier argues that security companies are blinded by shiny new cryptography.
    • Opines that the aes proposal suggests a compromise that will provide the greatest utility to all.
    • Cites bowyer, kevin, h. abelson, and schwartz, john. the risks of key recovery, key escrow and trusted third party encryption.
    • Cites baker, stewart, rivest, ronald l., kolata, gina and olmstead v. u.s.
    2486 words
    Read More
  • encryption
    explanatory essay
    Traditional cryptography is based on the sender and receiver of a message knowing and using the same secret key: the sender uses the secret key to encrypt the message, and the receiver uses the same secret key to decrypt the message. This method is known as secret-key cryptography. The main problem is getting the sender and receiver to agree on the secret key without anyone else finding out. If they are in separate physical locations, they must trust a courier, or a phone system, or some other transmission system to not disclose the secret key being communicated. Anyone who overhears or intercepts the key in transit can later read all messages encrypted using that key. The generation, transmission and storage of keys is called key management; all cryptosystems must deal with key management issues. Secret-key cryptography often has difficulty providing secure key management.

    In this essay, the author

    • Explains that traditional cryptography is based on the sender and receiver of a message knowing and using the same secret key.
    • Explains that public-key cryptography was invented in 1976 by whitfield diffie and martin hellman to solve the key management problem.
    • Explains how alice sends a message to bob using bob's public key, then uses his private key to decrypt the message and read it.
    • Explains how alice, to sign a message, does computations involving both her private key and the message itself; the output is called the digital signature and is attached to it. if the results hold in mathematical relation, the signature is verified as genuine.
    • Explains the primary advantage of public-key cryptography is increased security: the private keys do not need to be transmitted or revealed to anyone.
    • Explains that public-key systems can provide a method for digital signatures. authentication via secret key systems requires the sharing of some secret and sometimes requires trust.
    • Explains that digitally signed messages can be proved authentic to a third party, such as judge, thus allowing such messages to be legally binding. secret-key authentication systems like kerberos were designed to authenticate access to network resources.
    • Explains the disadvantages of using public-key cryptography for encryption, such as speed, and the burden of encryption.
    • Explains that the best solution for encryption is to combine public- and secret-key systems to get both the security and speed advantages of both.
    870 words
    Read More
  • Encryption Algorithms: Encryption And Encryption Process
    explanatory essay
    ENCYRPTION ALGORITHMS There are two kinds of encryption methods namely symmetric key encryption and asymmetric key encryption based on the key used for the encryption process. 3.1 Symmetric Key Encryption In the symmetric key encryption, same key is used for both encryption and decryption process.

    In this essay, the author

    • Explains that there are two kinds of encryption methods, namely symmetric key encryption and asymmetric keys based on the key used for encryption.
    • Explains that symmetric key encryption uses the same key for both encryption and decryption. the sender and receiver must share the algorithm and the key.
    • Explains symmetric key encryption, wherein one set of rules is used for encryption and decryption with a couple of keys. one secret key is public and one private key.
    • Explains the symmetric key encryption techniques, substitution and transposition encryption, which are widely used.
    • Explains the substitution technique, in which the letters of the plaintext are systematically replaced by other letters or symbols.
    • Explains that encryption is one of the simplest encryption techniques invented by julius caesar. each letter is replaced by a fixed number of positions down the alphabet.
    • Explains p is plaintext, k is key, and c is cipher text.
    • Explains that in the monoalphabetic cipher each plaintext alphabet is mapped onto a crypt text alphabet.
    • Explains that the vigenère cipher is probably the fine-recognized instance of a polyalphabetic
    • Explains how the playfair cipher turned into the primary sensible digraph substitution crypt. the algorithm encrypts pairs of letters (digraphs) in place of single letters.
    • Explains that the hill cipher is a polygraphic substitution cipher using linear algebra. each letter corresponds to one unique number, from 0 to 25.
    • Explains that transposition ciphers alternate the location (or the series) of characters or bits of the enter blocks. they keep the frequency distribution of single letters.
    • Illustrates how the plaintext is written as a sequence of diagonals and studied off as rows. the depth of the rail fence forms the key that desires to be exchanged among the communicating events.
    • Explains that the columnar transposition cipher is a rearrangement of characters of the plaintext into columns. the order of columns becomes the important thing to the algorithm.
    • Explains that if the digraph includes the identical letter two times, insert the letter "x" among identical letters, after which hold with the relaxation of the steps.
    960 words
    Read More
  • Privacy and Security in Cloud Computing
    explanatory essay
    Cloud Confidentiality The confidentiality of the cloud, or a system, can be guaranteed only under the condition that it is able to prevent unauthorized access. Zhifeng et al. (2013) states that within cloud environments, confidentiality implies that a customer’s data and computation tasks are to be kept confidential from both the cloud provider and other customers. Confidentiality remains as one of the greatest concerns with regard to cloud computing.

    In this essay, the author

    • Explains that the confidentiality of the cloud, or a system, can be guaranteed only under the condition that it is able to prevent unauthorized access.
    • Explains that cross-vm attack via side channels exploits one of the common techniques used by cloud providers, virtualization, and gives rise to multi-tenancy.
    • Explains the process of placing a malicious vm on the same physical machine as its intended target.
    • Explains the various ways an adversary can use virtualization resources to gain actionable information, such as estimating traffic received by the target, keystroke timing attacks, etc.
    • Explains that the previous threat is based on how one customer may violate the confidentiality of another cloud customer, but it is not the only type of threat.
    • Explains that the first step of a cross-vm attack is to locate the target(s) and map the cloud provider to confirm co-residency.
    • Opines that to eliminate the threat of cross-vm attacks, the only absolute solution would be to stop co-residency completely.
    • Explains that nohype proposes an increase in isolation between vm’s residing on the same physical machine by removing the hypervisor which is effectively the virtualization layer, but still retaining the key benefits provided by it.
    • Explains that cross-vm attack and malicious system administrator are both threats which stem from the cloud environment by taking advantage of its usage of virtualization and co-residence.
    • Describes the requirements of a system to guarantee data integrity, including that any data, message, or piece of information cannot be tampered with by unauthorized parties, and that in the event of compromise, it must be detected.
    • Explains that the cloud environment's ability for data storage increased the probability of data loss and malicious or accidental modification. problems may be a result of cloud providers, administration errors, or peer-to-peer storage systems
    • Explains the threat of dishonest computation in remote servers due to the evolution of the cloud environment to allow for not only data storage, but computation on the servers.
    • Explains the process of provable data possession (pdp) to address the issue of whether or not a cloud provider is still in possession of the data in pristine form.
    • Explains that dynamic pdp (dpdp) was developed to correct the problem of the original model and allow for full dynamic operations.
    • Explains that a third-party auditor (tpa) is able to provide the customer with an evaluation of potential safety risks within the cloud service.
    • Describes the strategies used to combat dishonest computing, such as re-computation, replication, auditing, and trusted computing.
    • Explains that data loss/manipulation and dishonest computation are two issues that plague the idea of integrity within the cloud environment.
    • Explains that availability is a constant concern regardless of data location. when data is moved off-site, or into the cloud, it becomes an even greater concern.
    • Explains that denial of service attacks are a mostly targeted attack with the possibility of downstream liability, but there are also indirect attacks.
    • Explains that a fraudulent resource consumption (frc) attack uses the same principles as dos attacks, but to maximize the resource consumption of its target. pricing becomes lower than doing all aspects locally and gives the advantage of scalability.
    • Describes ip failover as a strategic implemented at ibm smartcloud to provide the concept of 'high availability' by providing each vm with its own static ip address and dynamically assigning it at runtime.
    • Explains that data dispersion suggests the application of raid technology, but across cloud providers rather than disks.
    • Explains that frc is an unusual form of attack that comes about as a result of the utility computing model and to analyze this risk, the primary objectives of dealing with attacks are prevention, detection, attribution and mitigation.
    • Explains that the issue of availability within cloud computing is affected by problems that were present before the move to the cloud, as well as generated its own risks.
    2996 words
    Read More
  • Digital Cash Can Never Work
    analytical essay
    [FN 2] David Chaum, Achieving Electronic Privacy, Sci. Am., Aug. 1992, at 96. On the Internet at: http://ganges.cs.tcd.ie/mepeirce/Project/Chaum/sciam.html

    In this essay, the author

    • Opines that the push for digital cash is already underway, regardless of which of these payment systems succeeds.
    • Argues that the major concern of those opposed to non-anonymous digital cash is a loss of privacy.
    • Opines that a digital payment system should resemble the current system as closely as possible, making allowances for the actual but not the perceived differences.
    • Opines that counterfeiting will become widespread and consumer confidence will decline. the criminal legal system punishes wrongdoers for many reasons, including retribution and deterrence.
    • Argues that the current methods proposed for blinded digital cash are supposed to be cracker-proof. however, if the reward is large enough, some members of society will find a way around whatever security system is in place.
    • Argues that anonymous digital cash is an unreasonable replacement to our current payment system. a pseudo-anonymous system would allow law enforcement to catch individuals who counterfeit digital currency.
    • Explains the technical underpinnings of tomorrow's legal tender, citing udo flohr and michael froomkin.
    1190 words
    Read More
  • RSA-based Undeniable Signature for a Group
    explanatory essay
    In this paper, a new RSA-based undeniable signatures approach for a group is proposed. A group member can sign a document on behalf of the group without revealing the identity of the actual signer. The group secret key is split into two parts by Group Manager, one part is provided, as his group membership secret, to the group member; and the other part is provided to a trusted security mediator, SM. In our scheme, it is ensured that the group public key size and the group signature length are independent of the group size and, therefore, remain constant. The group signature is realized by the collaboration of the group member and the SM. Neither of the two can produce a valid signature alone without other’s help, i.e., both the SM and the group member are mandatory to participate in the generation of the valid group signature. The verifier would interact with the SM for the verification of the valid signature of any member of the group.

    In this essay, the author

    • Explains how to verify the legal signature of the members of a group by interacting with the verifier.
    • Explains that x1 + x2 +...+ d for any positive integer k.
    • Explains that the group signature on message m is generated by the collaboration between ui and sm.
    • Explains how sm checks that ui's membership has not been revoked and computes a = md (mod n) and partial group signature.
    • Describes how the verifier chooses two secret random integers a, b r z*n and computes u = sa yb(mod n).
    • Explains that the verifier chooses two secret random integers i, j r z*nand computes t = si yj (mod n).
    • Explains that in case of disputes, gm can easily open the given signature and identify the actual signer with the help of sm.
    • Proposes an rsa-based undeniable signatures approach for a group. the group secret key is split into two parts by the group manager and the trusted security mediator, sm.
    • Explains how a simple and efficient scheme for signature generation and verification is described. the use of common modulus for multiple users in rsa is discouraged.
    • Explains that gm generates two large random prime numbers, p & q, and then computes n = p q and d, e and z*n.
    • Explains that gm chooses a random number xi r z*n and computes yi= (d– xi) and (yi), ui is sent to sm.
    • Explains that xi is the secret key of the member ui and yi is sm's secret.
    826 words
    Read More
  • towards privacy preserving
    explanatory essay
    Cloud computing is a virtual storage which is used to store the data and information in secure manner. This project which gives a trustworthy to the cloud user from Admin

    In this essay, the author

    • Explains that cloud computing is a virtual storage which is used to store the data and information in secure manner.
    • Explains that the goal of the project is to give security to the central cloud, which is maintaining all the clouds information.
    • Explains that the physical resources of a cloud infrastructure to cloud the central part of the schedule for the allocation of resources is realistic.
    • Explains that a trustworthy scheduling system is implemented to take care of the customer infrastructure and its properties.
    998 words
    Read More
  • Cloud Computing
    explanatory essay
    user. Here in our paper the TPA audits the requested user’s data without reading the actual content of the data of the requested user so that preserving more privacy and auditing in a effective way so that the client gets the required results so that he user can take his further steps in improving their data security.

    In this essay, the author

    • Explains that the tpa audits the requested user's data without reading the actual content of the data so that preserving more privacy and auditing in a effective way.
    • Explains that cloud computing has many threats that are disturbing gigantic acceptance of cloud. major threats affect data integrity and privacy in cloud storage.
    • Explains that there are various auditing schemes available to ensure integrity of the client data, but there is a leakage of information from the verifier or the auditor side.
    • Explains how wang c, wang q proposed a verification scheme for public verifiability and data dynamic operations and enhanced the por model for block tag authentication.
    • Explains the proposed security protocols for data storage in the cloud with the aforementioned research goals with aim to give security.
    • Explains the secure data verifiability of the user data who stores their data in the cloud in this paper using secure encryption methods along with block-wise verification to maintain the local copy of data.
    • Explains the architecture to provide data integrity verification of the client data in the cloud storage system, which has three main roles: a- user, b- cloud server, and c- tpa.
    • Explains that to implement our design, it is necessary to achieve goals in our model by allowing the tpa to verify the correctness of the requested client outsourced data in the cloud.
    • Explains the flow between the client and the third party auditor in the proposed model.
    • Explains how the tpa checks for clients' requests for verification. the main aim of the scheme is to ensure that the data integrity in the cloud storage system is efficient.
    2069 words
    Read More
  • Cloud Computing Security
    explanatory essay
    Cloud computing facilitates sharing of computing and storage resources with the aim of reducing computing expenses in organizations. Moreover, cloud computing facilitates information sharing among individuals within a cloud. Despite being advantageous, data stored in a cloud is usually prone to hacking and other security issues. This paper addresses the various mitigation measures that organizations are using to ensure that data stored in the cloud is secure.

    In this essay, the author

    • Explains that cloud computing facilitates sharing of computing and storage resources with the aim of reducing computing expenses in organizations. however, data stored in a cloud is usually prone to hacking and other security issues.
    • Explains that encryption is one of the mitigation measures used to ensure security in cloud computing. however, encrypted data is difficult to search or perform calculations on.
    • Explains that google uses data encryption as a method of ensuring that data stored in its cloud is secured and confidential.
    • Explains that amazon employs the principle of data encryption to ensure data security in its cloud.
    • Explains that physical security at data storage centers is important to ensure that data stored in the cloud is secure and available even in cases of a data center breakdown.
    • Explains that phishing is one of the security issues commonly affecting cloud computing. google has been able to cope with the problem through using fishing detection tools.
    • Explains that google maintains a blacklist of phishing urls to curb attacks in its cloud, especially the firefox search engine.
    • Explains that cloud providers must establish and maintain good risk management procedures and practices. microsoft identifies and reports various vulnerabilities to clients to ensure security for the clients.
    • Explains that microsoft has established remedies for dealing with fraudulent e-mails used for phishing activities. microsoft outlook is equipped with same definition files as those found in vista and windows 7.
    • Explains that microsoft ensures that phishing detection tools are always updated and availed to its clients.
    • Explains that apple's cloud is the most secure because of its vertical nature and closed space. apple advises its clients on appropriate measures against data loss and unintended retrieval.
    • Explains that cloud computing, despite its great achievements, has been limited by security concerns associated with the data stored in the cloud.
    • Explains that cloud computing pioneers are using various mitigation measures against cloud security issues, such as data encryption, phishing detection tools, and security maintenance in storage centers.
    • Cites bradley, t, provos, n, chew, m, & rubin, d. google apps project delays highlight cloud security concerns.
    • Cites acm.ibtimes, measurement of phishing attacks and google assures customers on cloud security practices
    • Cites krutz, r, and vines, d. cloud security: a comprehensive guide to secure cloudcomputing.
    1601 words
    Read More
Get Access