Advanced Cryptographic Techniques for Secured Cloud Computing
By—
Nilotpal Chakraborty*
Dr. G K Patra#
*SPARK Student, CSIR 4PI, Bangalore/ M.Tech Student, Devi Ahilya University, Indore
#Principal Scientist, CSIR 4PI, Council of Scientific & Industrial Research, Bangalore
Outline
• Cloud Computing
• Cloud Security essentials
• Cloud Cryptography
• Fully Homomorphic Encryption
• Functional Encryption
• Conclusion
ICCTAC'14 || Nilotpal Chakraborty & G K Patra || Advanced Cryptographic Techniques for Secured Cloud Computing
Cloud Computing
• NIST definition—“It is a model for enabling ubiquitous, convenient, on-demand, network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction”.
• Service Models—
– Software-as-a-service
– Platform-as-a-service
– Infrastructure-as-a-service
Security Attacks on Cloud Infrastructure
• “..Syrian Electronic Army hacks TrueCaller. 1 million India’s data at risk”— July, 2013. (Source: TOI)
• “..Adobe gets hacked. Over 2.9 millions of user data stolen..” – October, 2013. (Source: TOI)
• “..Syrian Electronic Army hacks Twitter..”— October, 2013 (Source: TOI)
• “..2 million usernames and passwords from Facebook, Gmail, Twitter, Yahoo and other are stolen..”— November, 2013. (Source: NDTV)
• “..Syrian Electronic Army hacks Skype..”— January, 2014. (Source: BBC)
• “..TurkGuvenligi hacked Syrian Electronic Army’s homepage..”— January, 2014. (Source: ITProPortal)
Security Issues and Challenges
– “..Will my data stored in the cloud be secure?”
– “..Will cloud not manipulate my data?”
– “..Is the cloud itself secure?”
– “..Can I trust what CSP says?”
– “..Will my data not be disowned?”
Security Issues and Challenges
• Data Leakage
• Insecure Virtual Systems
• Multitenant infrastructure
• Lack in Security Assurance
• Lack in Trust among the users
• Inadequacy of the Security Compliances
Cloud Cryptography
• A probable solution—“Cryptography”
• A technique to convert a plain text to a form, known as cipher text, that is meaningless to any unknown third party.
• Most secured way of Data Communication. But—
– No meaning of the cipher text without decryption.
– No Computation/ manipulation on the cipher text
– Encrypt either all or nothing.
Advanced Cryptographic Techniques
• Fully Homomorphic Encryption
• Functional Encryption
Fully Homomorphic Encryption
“Fully Homomorphic Encryption (FHE) is a cryptographic scheme that enables certain operations to be performed on cipher texts to obtain an encrypted result which, when decrypted, matches the result as if the operations were performed on the plain texts.”
[Figure: applying f to the plain text m gives f(m); Encrypt maps m to Enc(m), applying f to the cipher text gives Enc(f(m)), and Decrypt maps Enc(f(m)) back to f(m).]
Fully Homomorphic Encryption
• Privacy homomorphism— Rivest, Adleman, Dertouzos (1978)
• Partial Homomorphic Encryption
– RSA Cryptosystem (1977)
– El-Gamal Cryptosystem (1984)
– Paillier Cryptosystem (1999)
– Boneh-Goh-Nissim Cryptosystem (2005)
• Fully Homomorphic Encryption
– Gentry’s Lattice Based Cryptographic scheme (2009)
Gentry’s FHE Construction
• KeyGen: Select a large prime integer $p$ and obtain $x_i = pq + r$. $p$ is the secret key and $x_i$ is the public key. $q$ and $r$ are random integers, with $r$ being significantly small.
• Enc $(x_i, m)$: $c = (m + 2r + 2\sum x_i) \bmod x_0$
• Dec $(p, c)$: $m = (c \bmod p) \bmod 2$
• Bootstrap to make it a fully homomorphic encryption scheme
– Decrypt the cipher text homomorphically, using an encryption of the secret key.
The above scheme is Somewhat Homomorphic.
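The integer scheme on this slide as a runnable toy, added here as an example (it is not the authors' C/GMP implementation). Assumptions: the parameter sizes are constructed and insecure, p is a random odd integer rather than a prime, and x_0 is an exact multiple of p so that reducing mod x_0 adds no noise; the hypothetical helper `and_chain` shows why the scheme is only somewhat homomorphic.

```python
import secrets

# Toy sizes (constructed for illustration, far too small to be secure):
# bits of p, bits of x_i, noise bits, number of public x_i
ETA, GAMMA, RHO, TAU = 128, 512, 8, 16

def small_noise():
    return secrets.randbelow(2 ** (RHO + 1) + 1) - 2 ** RHO   # r in [-2^RHO, 2^RHO]

def keygen():
    # The slide asks for a large prime p; correctness only needs p odd (assumption of this toy).
    p = secrets.randbits(ETA) | (1 << (ETA - 1)) | 1
    q0 = secrets.randbits(GAMMA - ETA) | (1 << (GAMMA - ETA - 1))
    x0 = p * q0                                # assumption: noise-free x_0
    xs = [p * secrets.randbelow(q0) + small_noise() for _ in range(TAU)]  # x_i = p*q + r
    return p, (x0, xs)

def encrypt(pk, m):
    x0, xs = pk
    subset = sum(x for x in xs if secrets.randbits(1))        # random subset of the x_i
    return (m + 2 * small_noise() + 2 * subset) % x0          # c = (m + 2r + 2*sum x_i) mod x_0

def noise(p, c):
    v = c % p
    return v - p if v > p // 2 else v          # centred residue in (-p/2, p/2]

def decrypt(p, c):
    return noise(p, c) % 2                     # m = (c mod p) mod 2

def add(pk, c1, c2):                           # homomorphic XOR: noises add
    return (c1 + c2) % pk[0]

def mul(pk, c1, c2):                           # homomorphic AND: noises multiply
    return (c1 * c2) % pk[0]

def and_chain(pk, p, n):
    """Multiply n fresh encryptions of 1; return (decrypted bit, noise bit length)."""
    c = encrypt(pk, 1)
    for _ in range(n - 1):
        c = mul(pk, c, encrypt(pk, 1))
    return decrypt(p, c), abs(noise(p, c)).bit_length()

if __name__ == "__main__":
    p, pk = keygen()
    for n in (1, 2, 4, 8, 16, 32):
        # Once the noise reaches about ETA bits it has wrapped past p/2 and the bit is unreliable.
        print(n, and_chain(pk, p, n))
```

With these sizes a fresh cipher text carries at most 14 bits of noise, so up to 8 multiplied cipher texts are guaranteed to decrypt correctly; deeper products need the bootstrapping step to reset the noise.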
Construction of an Efficient FHE
• Our motivation—
– FHE scheme to work directly on decimal inputs.
– Efficient and faster encryption/ decryption.
– Comparatively reduced cipher text size.
– Reduced complexity in computing on encrypted data.
– Supporting field operations (Addition, Multiplication, Subtraction, Division).
• FHE based on Learning with errors (LWE) / Ring LWE
Functional Encryption
• A public key encryption scheme that allows a secret key to decrypt only some specific functions of the original texts, without revealing any other information.
• Devised in 2010.
• Provides fine grained access control.
• Existing Specific cases—
– Identity based encryption (2001)
– Attribute based encryption (2005)
Functional Encryption
• Setup: Creates a public key and a master secret key.
• KeyGen: Use the master secret key to generate new user specific keys.
• Encrypt: Use the public key to encrypt any message.
• Decrypt: Use the user secret key to calculate specific function on the cipher texts.
Implementation Details
• Programming Language: C
• Operating System: Linux (Ubuntu/ Mint/ Fedora)
• Compiler: GCC
• Library: GMP Library, OpenSSL Library, PBC Library
Conclusion
• Cloud Computing, though very attractive with its various benefits, has security issues and is vulnerable to threats.
• The solution is to encrypt the data and to compute on the encrypted data over the cloud.
• Fully Homomorphic Encryption is a scheme that provides the best secured computing environment for the cloud.
• FHE allows computations on encrypted data, by which users can carry out operations on encrypted data and obtain an encrypted result, which is decrypted to get the result in plain text format.
• Existing schemes are inefficient. There’s a need to develop an efficient FHE scheme keeping the security intact.