A Pairing-based Homomorphic Encryption Scheme for Multi-User Settings

Zhang Wei
Copyright: © 2020 |Pages: 11
DOI: 10.4018/978-1-7998-1763-5.ch017

Abstract

A new method is presented for privately outsourcing the computation of different users. As a significant cryptographic primitive in cloud computing, homomorphic encryption (HE) can evaluate on ciphertexts directly without decryption, thus avoiding information leakage. However, most of the available HE schemes are single-user, which means that they can only evaluate on ciphertexts encrypted under the same public key. Adopting the idea of proxy re-encryption, and focusing on the compatibility of computation, the authors provide a pairing-based multi-user homomorphic encryption scheme. The scheme is a somewhat homomorphic one, which supports an unlimited number of additions and one multiplication. The security of the scheme is based on the subgroup decision problem. The authors give a concrete security model and a detailed security analysis.

1. Introduction

Aimed at storage and computation outsourcing, cloud computing is revolutionizing the entire field of information technology. Clients outsource their data to the cloud to take advantage of the unlimited virtualized storage space and the low management cost, and the cloud's considerable computing power can greatly reduce the user's load. But the cloud also poses new security and privacy challenges. Users want reliability and availability for their remotely stored data, which gives system designers a new challenge: to provide security and credibility without degrading service quality.

In the years since Gentry presented the first fully homomorphic encryption (FHE) scheme (Gentry, 2009), homomorphic encryption has been a vibrant area of cryptography. As a useful cryptographic primitive, homomorphic encryption allows specific types of computation to be carried out on ciphertexts, producing an encrypted result that, after decryption, matches the result of the same operations performed on the plaintexts. The idea of HE was first presented by Rivest, Adleman and Dertouzos (Rivest, Adleman & Dertouzos, 1978), who found that some classical public-key cryptosystems, such as RSA and ElGamal, are multiplicatively homomorphic: we can multiply two ciphertexts and obtain a ciphertext of the product of the two plaintexts. RSA, however, does not permit addition on ciphertexts. This property is called semi-homomorphic, meaning that only one operation (addition or multiplication) is permitted.

The BGN scheme was put forward by Boneh, Goh and Nissim (Boneh, Goh & Nissim, 2005); it was the first semantically secure somewhat homomorphic encryption scheme that allows both addition and multiplication. This type is called somewhat homomorphic because the number of multiplications is strictly limited, often to one. If an encryption system permits unlimited additions and multiplications, it is called fully homomorphic. For 30 years, the problem of constructing fully homomorphic encryption (FHE) schemes remained open. After Gentry's breakthrough work in 2009, there have been numerous works on FHE. Some candidate schemes (Gentry, 2013; Yagisawa, 2015; Brakerski, 2011) have been constructed, with their security and efficiency carefully analyzed.

However, most of the available HE or FHE schemes can only operate on ciphertexts of the same user. In practice, it is often necessary to operate on ciphertexts that were encrypted under different keys. In other words, we face the following scenario:

Suppose there are n clients that store their data in clouds. They wish to use these data as input to compute a function without revealing any personal information. This is called secure multiparty cloud computation (SMCC). It differs from secure multiparty computation and server-aided multiparty computation in that it emphasizes that the server cannot decrypt, yet the bulk of the computation should be carried out on the server.

SMCC is formulated as follows (Zheng & Zhang, 2012).

Secure Multiparty Cloud Computation (SMCC). Consider k clients p1,…,pk that store their data x1,…,xk in clouds in encrypted form. They wish to cooperate in order to efficiently and securely compute the function f(x1,…,xk) by utilizing the computation capability of the clouds.

This process is described in Figure 1.

Figure 1. Secure multiparty cloud computation
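
The single-user limitation described in the introduction can be seen with ElGamal, one of the multiplicatively homomorphic schemes named there. The following is an added example, not code from the chapter: it multiplies ciphertexts encrypted under one key and under two different keys. The toy group parameters, the function names and the users "Alice" and "Bob" are assumptions made for illustration.

```python
import secrets

# Toy group (constructed for illustration, far too small for real use):
# p = 2q + 1 is a safe prime and g generates the subgroup of prime order q.
P, Q, G = 467, 233, 4

def keygen():
    """Return (secret x, public h = g^x mod p)."""
    x = secrets.randbelow(Q - 1) + 1          # x in [1, q-1]
    return x, pow(G, x, P)

def encrypt(h, m):
    """ElGamal encryption of m in [1, p-1] under public key h."""
    r = secrets.randbelow(Q - 1) + 1          # fresh randomness per ciphertext
    return pow(G, r, P), (m * pow(h, r, P)) % P

def decrypt(x, ct):
    c1, c2 = ct
    return (c2 * pow(c1, -x, P)) % P          # c2 / c1^x mod p (Python 3.8+)

def multiply(ct_a, ct_b):
    """Component-wise product: what a server can compute without any key."""
    return (ct_a[0] * ct_b[0]) % P, (ct_a[1] * ct_b[1]) % P

def demo(m1=6, m2=7):
    x_alice, h_alice = keygen()
    x_bob, h_bob = keygen()
    while x_bob == x_alice:                   # make sure the two users differ
        x_bob, h_bob = keygen()

    # Single-user case: both inputs encrypted under Alice's key.
    same = multiply(encrypt(h_alice, m1), encrypt(h_alice, m2))
    # Multi-user case: one input under Alice's key, one under Bob's.
    mixed = multiply(encrypt(h_alice, m1), encrypt(h_bob, m2))

    return {
        "same_key": decrypt(x_alice, same),        # equals m1 * m2 mod p
        "mixed_as_alice": decrypt(x_alice, mixed), # off by g^(r2*(x_bob - x_alice))
        "mixed_as_bob": decrypt(x_bob, mixed),     # off by g^(r1*(x_alice - x_bob))
    }

if __name__ == "__main__":
    print(demo())
```

Neither user's key recovers the product from the mixed ciphertext, because a blinding factor under the other user's key remains after decryption.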
