Plaintext recovery attacks and their mitigation in an application-specific SHE scheme

Tikaram Sanyashi; Anasuya Acharya; Bernard Menezes

doi:10.1109/pdcat46702.2019.00024

Plaintext recovery attacks and their mitigation in an application-specific SHE scheme

Tikaram Sanyashi, Anasuya Acharya, Bernard Menezes

Indian Institute of Technology Bombay

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

In addition to storage and computing power, cloud providers ensure confidentiality of user data through the use of various encryption technologies. The need to decrypt the data before it can be operated upon exposes a possible security hole which could be exploited by untrustworthy system administrators. Homomorphic encryption allows operations on encrypted data without the need to first decrypt it making it attractive for cloud computing. However, it incurs significant overhead of storage and computation and is therefore infeasible in practice. Somewhat homomorphic schemes have been proposed to handle specific applications - one such scheme, the Zhou Wornell Scheme, operates on vectors of integers. We demonstrate that this scheme is vulnerable to plaintext recovery attacks for a range of vector sizes. We explore the trade-offs between plaintext vector length, public key size and security. Increasing vector length increases security but at the cost of greatly increased public key size. We suggest a way of reducing the size of the public key by up to 90%. Finally, we propose a variant of this scheme which is secure against plaintext recovery attacks.

Original language	English
Title of host publication	Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019
Editors	Hui Tian, Hong Shen, Wee Lum Tan
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	69-74
Number of pages	6
ISBN (Electronic)	9781728126166
DOIs	https://doi.org/10.1109/pdcat46702.2019.00024
State	Published - Dec 2019
Externally published	Yes
Event	20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019 - Gold Coast, Australia Duration: 5 Dec 2019 → 7 Dec 2019

Publication series

Name	Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019

Conference

Conference	20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019
Country/Territory	Australia
City	Gold Coast
Period	5/12/19 → 7/12/19

Bibliographical note

Publisher Copyright:
© 2019 IEEE.

Keywords

Babai's algorithm
Closest vector problem (CVP)
Cloud computing
Homomorphic encryption
Lattice reduction
Learning with errors (LWE)

Access to Document

10.1109/pdcat46702.2019.00024

Cite this

Sanyashi, T., Acharya, A., & Menezes, B. (2019). Plaintext recovery attacks and their mitigation in an application-specific SHE scheme. In H. Tian, H. Shen, & W. L. Tan (Eds.), Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019 (pp. 69-74). Article 9029091 (Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/pdcat46702.2019.00024

Sanyashi, Tikaram ; Acharya, Anasuya ; Menezes, Bernard. / Plaintext recovery attacks and their mitigation in an application-specific SHE scheme. Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019. editor / Hui Tian ; Hong Shen ; Wee Lum Tan. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 69-74 (Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019).

@inproceedings{faf6b654d38746d2833336bebee55eeb,

title = "Plaintext recovery attacks and their mitigation in an application-specific SHE scheme",

abstract = "In addition to storage and computing power, cloud providers ensure confidentiality of user data through the use of various encryption technologies. The need to decrypt the data before it can be operated upon exposes a possible security hole which could be exploited by untrustworthy system administrators. Homomorphic encryption allows operations on encrypted data without the need to first decrypt it making it attractive for cloud computing. However, it incurs significant overhead of storage and computation and is therefore infeasible in practice. Somewhat homomorphic schemes have been proposed to handle specific applications - one such scheme, the Zhou Wornell Scheme, operates on vectors of integers. We demonstrate that this scheme is vulnerable to plaintext recovery attacks for a range of vector sizes. We explore the trade-offs between plaintext vector length, public key size and security. Increasing vector length increases security but at the cost of greatly increased public key size. We suggest a way of reducing the size of the public key by up to 90%. Finally, we propose a variant of this scheme which is secure against plaintext recovery attacks.",

keywords = "Babai's algorithm, Closest vector problem (CVP), Cloud computing, Homomorphic encryption, Lattice reduction, Learning with errors (LWE)",

author = "Tikaram Sanyashi and Anasuya Acharya and Bernard Menezes",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019 ; Conference date: 05-12-2019 Through 07-12-2019",

year = "2019",

month = dec,

doi = "10.1109/pdcat46702.2019.00024",

language = "אנגלית",

series = "Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "69--74",

editor = "Hui Tian and Hong Shen and Tan, {Wee Lum}",

booktitle = "Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019",

address = "ארצות הברית",

}

Sanyashi, T, Acharya, A & Menezes, B 2019, Plaintext recovery attacks and their mitigation in an application-specific SHE scheme. in H Tian, H Shen & WL Tan (eds), Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019., 9029091, Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019, Institute of Electrical and Electronics Engineers Inc., pp. 69-74, 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019, Gold Coast, Australia, 5/12/19. https://doi.org/10.1109/pdcat46702.2019.00024

Plaintext recovery attacks and their mitigation in an application-specific SHE scheme. / Sanyashi, Tikaram; Acharya, Anasuya; Menezes, Bernard.
Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019. ed. / Hui Tian; Hong Shen; Wee Lum Tan. Institute of Electrical and Electronics Engineers Inc., 2019. p. 69-74 9029091 (Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Plaintext recovery attacks and their mitigation in an application-specific SHE scheme

AU - Sanyashi, Tikaram

AU - Acharya, Anasuya

AU - Menezes, Bernard

PY - 2019/12

Y1 - 2019/12

N2 - In addition to storage and computing power, cloud providers ensure confidentiality of user data through the use of various encryption technologies. The need to decrypt the data before it can be operated upon exposes a possible security hole which could be exploited by untrustworthy system administrators. Homomorphic encryption allows operations on encrypted data without the need to first decrypt it making it attractive for cloud computing. However, it incurs significant overhead of storage and computation and is therefore infeasible in practice. Somewhat homomorphic schemes have been proposed to handle specific applications - one such scheme, the Zhou Wornell Scheme, operates on vectors of integers. We demonstrate that this scheme is vulnerable to plaintext recovery attacks for a range of vector sizes. We explore the trade-offs between plaintext vector length, public key size and security. Increasing vector length increases security but at the cost of greatly increased public key size. We suggest a way of reducing the size of the public key by up to 90%. Finally, we propose a variant of this scheme which is secure against plaintext recovery attacks.

AB - In addition to storage and computing power, cloud providers ensure confidentiality of user data through the use of various encryption technologies. The need to decrypt the data before it can be operated upon exposes a possible security hole which could be exploited by untrustworthy system administrators. Homomorphic encryption allows operations on encrypted data without the need to first decrypt it making it attractive for cloud computing. However, it incurs significant overhead of storage and computation and is therefore infeasible in practice. Somewhat homomorphic schemes have been proposed to handle specific applications - one such scheme, the Zhou Wornell Scheme, operates on vectors of integers. We demonstrate that this scheme is vulnerable to plaintext recovery attacks for a range of vector sizes. We explore the trade-offs between plaintext vector length, public key size and security. Increasing vector length increases security but at the cost of greatly increased public key size. We suggest a way of reducing the size of the public key by up to 90%. Finally, we propose a variant of this scheme which is secure against plaintext recovery attacks.

KW - Babai's algorithm

KW - Closest vector problem (CVP)

KW - Cloud computing

KW - Homomorphic encryption

KW - Lattice reduction

KW - Learning with errors (LWE)

UR - http://www.scopus.com/inward/record.url?scp=85083180640&partnerID=8YFLogxK

U2 - 10.1109/pdcat46702.2019.00024

DO - 10.1109/pdcat46702.2019.00024

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85083180640

T3 - Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019

SP - 69

EP - 74

BT - Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019

A2 - Tian, Hui

A2 - Shen, Hong

A2 - Tan, Wee Lum

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019

Y2 - 5 December 2019 through 7 December 2019

ER -

Sanyashi T, Acharya A, Menezes B. Plaintext recovery attacks and their mitigation in an application-specific SHE scheme. In Tian H, Shen H, Tan WL, editors, Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 69-74. 9029091. (Proceedings - 2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2019). doi: 10.1109/pdcat46702.2019.00024

Plaintext recovery attacks and their mitigation in an application-specific SHE scheme

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this