Master of Science in Computer Science February 2017 Homomorphic Encryption: Working and Analytical Assessment DGHV, HElib, Paillier, FHEW and HE in cloud security Srinivas Divya Papisetty Faculty of Computing Blekinge Institute of Technology SE-371 79 Karlskrona Sweden This thesis is submitted to the Faculty of Computing at Blekinge Institute of Technology in partial fulfillment of the requirements for the degree of Master of Science in Computer Science. The thesis is equivalent to 20 weeks of full time studies. Contact Information: Author(s): Srinivas Divya Papisetty E-mail: [email protected] University advisor: Dr. Emiliano Casalicchio Dept. of Computer Science & Engineering Faculty of Computing Internet : www.bth.se Blekinge Institute of Technology Phone : +46 455 38 50 00 SE-371 79 Karlskrona, Sweden Fax : +46 455 38 50 57 i i ABSTRACT Context. Secrecy has kept researchers spanning over centuries engaged in the creation of data protection techniques. With the growing rate of data breach and intervention of adversaries in confidential data storage and communication, efficient data protection has found to be a challenge. Homomorphic encryption is one such data protection technique in the cryptographic domain which can perform arbitrary computations on the enciphered data without disclosing the original plaintext or message. The first working fully homomorphic encryption scheme was proposed in the year 2009 and since then there has been a tremendous increase in the development of homomorphic encryption schemes such that they can be applied to a wide range of data services that demand security. All homomorphic encryption schemes can be categorized as partially homomorphic (PHE), somewhat homomorphic (SHE), leveled homomorphic (LHE), and fully homomorphic encryption (FHE). Each encryption algorithm has its own importance and usage in different realms of security. DHGV, Paillier, HElib, and FHEW are the algorithms chosen in this study considering their wide usage and scope for further advancement in this subject area. A public-key algorithm named RSA is also chosen for comparison of the impact of HE and PKE (Public-key encryption) algorithm on the CPU and Memory. The utilization of various homomorphic schemes and concepts in the trending cloud storage systems is a prevailing field of research and can be expanded further by knowing the current state-of-the-art of homomorphic encryption. Hence, the necessity of comprehending the knowledge of homomorphic encryption schemes and their aspect in cloud security becomes vital. Objectives. The objective of this study is to analytically assess homomorphic encryption and various homomorphic encryption schemes. A comprehensive investigation on working and performance of the selected HE schemes is another objective of this research. Also, an experiment to run publicly available libraries of DGHV, Paillier, HElib, and FHEW is one of the main objectives. In addition to these, comprehending the impact of HE and PKE on CPU and Memory is also among the objectives of the study. The role and practice of homomorphic encryption in the cloud storage system are among the secondary objectives of this research in terms of securing confidential data. These objectives are set based on the research gap identified by conducting an exhaustive literature review. Methods. The objectives of this study are achieved by adopting the methods exhaustive literature review and experiment. Scientific databases such as IEEE Xplore, ACM Digital Library, Inspec, Springer Link etc. are used and literature is accordingly selected based on the relevance to the research topic. An exhaustive literature review is conducted and extensive bibliographic research is done to accomplish the objective of comprehending the working, applications, significance of homomorphic encryption. Apart from literature review, bibliographic research, an experiment is also conducted to run the publicly available homomorphic encryption libraries to evaluate, compare, and analyze the performance of DGHV, Paillier, HElib, and FHEW schemes. Experiment to run publicly available PKE algorithm is also conducted. Finally, the conclusion and outcome by adopting these research methods for accomplishing the objectives are theoretically presented in detail. Results. By conducting an exhaustive literature review, the importance, working, application of homomorphic encryption and its schemes is discerned. And by conducting an experiment, the impact of HE and PKE is also discerned. Apart from this, the limitations of HE and selected HE schemes along with the distinction between public and private key cryptography is understood by finding and mapping in connection with each other. From the experiment conducted, it is examined that despite the encryption libraries being publicly available for use, the possibility of running and employing few libraries successfully is remarkably low inferring that there is much improvement needed in this cryptographic discipline. Conclusions. From this research, it can be concluded that homomorphic encryption has a wide scope of extending towards efficiency and application in various fields concerned with data protection. It can also me concluded that the experimental assessment of state of the art of few HE schemes libraries that are available online are remarkably impractical for real-time practice. By analyzing the selected i schemes, it can be concluded few HE schemes do not support any other operations on encrypted data other than addition and multiplication due to which chances of increasing noise for each encryption is relatively high. From the experiment conducted for Paillier encryption (HE) and RSA (PKE) encryption, it is concluded that both the schemes increase linearly with an increase in the input size when CPU and Memory utilization is measured. Apart from these conclusions, it can also be inferred that not all the homomorphic encryption algorithms are IND-CCA1 and IND-CCA2 secure. From this study, it can be deduced that more empirical validation and analysis of HE algorithms is required in terms of their performance and security. In order to address these problems, much research and improvement are required as it inferred from the results of this research that Homomorphic encryption is still in its early stage of development and enormous utility can be anticipated when enhanced correctly. Keywords: Homomorphic encryption, Homomorphic Encryption Schemes, Cloud security, Cryptography ii ACKNOWLEDGEMENTS It gives me an immense pleasure in expressing my wholehearted sense of gratitude towards my beloved guide & Professor Dr. Emiliano Casalicchio, Associate professor, Dept. of Computer Science and Engineering under whose able guidance, I could develop an interest in research & complete this study. I would like to express my heartfelt gratitude to my parents, Mr. P. Srinivasulu and Mrs. P. Nirmala, my beloved grandmother Mrs. Jayalakshmi, my beloved sister Dr. P. S. Bhagya Shri and my Brother-in-law Dr. K. Sanath, for their eternal love, kind support, and well wishes in all the stages of my master thesis. I would also like to express my deepest thanks to my friends Prerika Arora, Alex Bramah Lawani, Afrin Mahaboob, Harshini Sangewar, Susmitha Rao, Usha Das, Dharmvir Singh, Rahul Deekonda, Biswajeet Mohanty, and Karthik Madhavan who have helped and encouraged me to successfully accomplish my master thesis. Finally, I am extremely thankful to all my dear relatives and friends who motivated and supported me all through the journey of my master thesis. Above all, I thank the divine existence whose presence is always with us. Srinivas Divya Papisetty iii CONTENTS Abstract ................................................................................................................ i Acknowledgements ............................................................................................. iii Contents ............................................................................................................. iv List of Figures ...................................................................................................... vi List of Tables ...................................................................................................... vii 1 Introduction .................................................................................................. 8 1.1.1 What is Encryption? .......................................................................................... 8 1.1.2 Traditional encryption ...................................................................................... 8 1.1.3 Symmetric and Asymmetric encryption ........................................................... 8 1.1.4 Homomorphic Encryption................................................................................. 9 1.2 State of the art .............................................................................................. 10 1.3 Scope ............................................................................................................ 11 1.4 Problem statement and Motivation ............................................................... 11 1.5 Research aim and Objectives ......................................................................... 12 1.6 Research questions ........................................................................................ 12 1.7 Contribution and expected outcomes............................................................. 13 1.8 Outline of the thesis .....................................................................................