Securing the Cloud with Homomorphic Encryption - Securing the cloud with homomorphic encryption Research Directorate staff T he word homomorphic has

Securing the Cloud with Homomorphic Encryption - Securing...

This preview shows page 1 - 3 out of 4 pages.

The Next Wave | Vol. 20 No. 3 | 2014 1 R e s e a r c h D i r e c t o r at e s t a f f A major hurdle to the adoption of cloud-based services is security. Cloud users, particularly at the enterprise and government level, are concerned with losing control of, or just plain losing, their data once it is placed in the cloud. Th e abstractness of cloud storage makes it di ffi cult for consumers to feel comfortable that their data is well protected by cloud service providers. Encryption could allevi- ate this issue. However, if you want to manipulate your encrypted data in the cloud, the secret key to decrypt your data must be shared with the cloud provider. Th is sort of defeats the idea of a secret key. Sharing this key of course would allow the current cloud provider (or future provider if the service changes hands) access to your data. Th e answer to this problem could be homomorphic   encryption. For example, a bakery in New York that uses a cloud service provider’s infrastructure to host their e-mail wants to search through those e-mails for an order erroneously sent to Hoboken, New Jersey. If the data is plaintext, the subscriber just plugs in a search term (e.g., “cupcakes Hoboken”) and views the results. If the data is encrypted, the bakery will need to share the secret key with the cloud provider to access the information stored on the provider’s servers to query against the data. Sharing that secret key now potentially gives the provider access to the company’s data, and if there is a security breach, it may also give cybercriminals access to the data. Homomorphic encryption would allow the bakery’s owners to search the encrypted e-mails for items related to the Hoboken mishap and get results as if T he word homomorphic has roots in Greek and loosely translates as “same shape” or “same form.” In relation to cryptography, the concept is that operations can be performed on encrypted data without sharing the secret key needed to decrypt the data. Homomorphic encryption has great utility in cloud computing, particularly for those that wish to house encrypted data on cloud providers’ servers. Securing the cloud with homomorphic encryption
The Next Wave | Vol. 20 No. 3 | 2014 2 Securing the cloud with homomorphic encryption querying against the plaintext data, without sharing the   key. Th e idea of homomorphic encryption has been around for about 30 years, and thanks to a sig- ni fi cant breakthrough in 2009, the end game of a practical fully homomorphic encryption solution is in sight. Th ere are fully homomorphic encryption solutions that exist today, but because of limitations related mainly to the complexity of computations, these solutions are not considered practical for use with today’s applications. Th ese limitations are being addressed, and some say a practical solution could be achieved within a decade. If a practical, fully homomorphic solution can be created, it could be the catalyst that breaks down the security barrier to widespread cloud   adoption.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture