Today, Cloud Computing, although increasingly popular and used, is still seen as "storage space". Yet the power and potential of this technology is endless!
Henry Michel Ronzenblum, General Delegate of Eurcloud organizes Thursday April 09, 2020 a webinar with Gerard Peliks (member of ARCI and professor in Cybersecurity).
Taking the example of homomorphic encryption, 2 key points will be addressed:
- How can you reassure your customers so that they are convinced (at all levels) that it is also a great tool for innovating (for example, via ultra-secure data processing)?
- How to properly use the exhaustiveness of the financial systems available to advance research work and Cloud innovation projects, while respecting new legal developments?
In parallel with the webinar, Gérard Peliks explains how this technology applies to cloud security? What is its state of the art?
Gérard Peliks has worked for more than 20 years in digital security, including 16 years at AIRBUS Cybersecurity as a security expert.
Today, he is an active member of ARCSI (Association of Reservists for Figures and Information Security), he gives courses on cybercrime / cybersecurity in masters and MBAs of engineering schools and leads the “Cybersecurity Mondays”.
The data availability and their perimeter protection.
The public cloud is a wonderful solution for storing data.
For a controlled cost of services, companies have the possibility of having all the space they need, without having to invest in additional servers and disks, when a need for more storage space appears.
As security is not, in most cases, the business of companies using cloud services, they can ensure, by contract, that their data is secure in the cloud of their provider. When companies are not in control of the security and safety of their digital data, they face multiple threats and few companies are able to effectively counter them. Cloud providers, on the other hand, are supposed to have a good command of cybersecurity and supposed to have the skills in this area.
What about the confidentiality and theintegrity data entrusted to an external cloud?
Remember that the confidentiality of information is the assurance that it can only be read by persons authorized to take cognizance of it, while integrity is the assurance that it can only be written or modified by persons also authorized to do so.
One solution would be to only use the space of a public cloud to host non-sensitive data. But then we deprive ourselves of the advantage of the almost infinite space offered by the cloud to host them. Encrypting sensitive data and placing it in a public cloud is also a solution, but who manages the keys? The ideal is of course, for companies that entrust their data in a public cloud, to manage the encryption keys themselves. Entrusting the management of the encryption keys to its cloud provider finds its limits in the trust that client companies place in their provider. Managing encryption keys internally in the company is a complex task for which digital data security is not the job. Entrusting the management of the keys to another service provider other than the one hosting the encrypted data seems to be a better solution. The confidentiality and integrity of sensitive data are thus guaranteed.
If the data is stored unencrypted with the service provider, then the customer can have it available for processing, but they are accessible to any malicious person with privileged access to the service provider. If the data is stored encrypted, then it is difficult to have it available for processing.
The problem : " how to perform processing on encrypted data? "
It is quite obvious that, for example for an addition between two numbers which are encrypted, the sum of the two encrypted numbers does not give, during decryption, the expected result. It is of course possible to repatriate internally the data to be processed, decrypt them to perform the processing, encrypt the results and possibly put them back in the Cloud. This solution is obviously not really playable.
So is the Cloud doomed to remain only storage space, without allowing computing space? Couldn't the data to be handled remain in the Cloud, encrypted, and the processing carried out on the encrypted data giving the right result when decrypted by the user?
There is a very elegant solution already operational for certain treatments, and which is advancing in research centers to take into account all the possible treatments, it is the homomorphic encryption.
With this type of encryption, the Cloud is no longer just a secure storage space but also becomes a secure computing and consultation space. It will really be used, not only to host sensitive information, but also to use it… without leaving the Cloud. Only the results after treatment will be released to be deciphered and used.
Has the Cloud also become a space for calculations and processing?
At least that's what we would like to expect, but today homomorphic encryption only works for certain operations. It does not allow, for example, to consult an encrypted database to obtain the desired result in clear. If an encryption says " fully homomorphic »Existed today, if any processing could be carried out on the encrypted data entrusted to a public cloud, their confidentiality and their integrity would be guaranteed. But we're not there yet, and operations that may already work pose some performance issues, but research is well underway to offer this invaluable power.
Note, without going too far into the technique, and while simplifying, that the encryption algorithm used by the RSA, which is the basis of public key encryption, is, by nature, homomorphic for the multiplication. Indeed, the product of two numerical numbers is equal to the numerical product of the two numbers. This result, once deciphered, is the same as if we multiply the two numbers in the clear. A homomorphic cipher that would work for addition AND for multiplication is called "doubly homomorphic cipher". We are approaching it today, but with problems of the width of the encrypted elements and digital noise generated by the processing. The difficulty of homomorphic encryption is to keep the “digital noise”, which operations generate, below a reasonable threshold. otherwise the algorithms diverge and everything becomes indecipherable. We will not study these complex problems here, but we can hope that mathematicians will find an elegant solution to the problems posed by doubly homomorphic encryption.
Searchable encryption
Homomorphic encryption should not be confused with searchable encryption which makes it possible to specify a decryption procedure to a computation result in the encrypted domain. This last type of encryption offers a solution to consult an encrypted database, to obtain a result which, decrypted, gives the expected result.
Practical application: Internet voting
As a practical application, let's see how homomorphic encryption provides a solution to Internet voting. We are not talking about electronic voting machines here, but the voter who votes from their browser.
With the use of El Gamal algorithms, the homomorphic product of the encrypted ballots is equal to the homomorphic sum of the ballots. Voters' choices are never deciphered. At the close of the ballot, a homomorphic multiplication of all the ballots is carried out. We get the encrypted sum and we decrypt it. This sum is therefore the result of the votes which is obtained immediately. Yes, the homomorphic encryption of El Gamal (among other cryptologists who have advanced this technology) allows this.
The ballots are encrypted by the public key of the ballot box, the decryption of the sum of the ballots is done by the private key of the ballot box. This private key can be divided into several pieces held by the president of the polling station and his assessors. At the opening of the ballot, the president and his assessors reconstitute the decryption key and obtain the expected result almost immediately.
That the homomorphic product of the encrypted ballots is equal to the homomorphic sum of the ballots is a nice application of this type of encryption. This method is elegant in its ease of use. The ballots in the ballot box are never deciphered yet we know the result of the sum of the votes, which is also the only information that is interesting and not confidential after the close of the poll.
This method has already been used for the elections of representatives of French people living abroad. It can also be used for the elections of staff representatives or in company boards. But for presidential, senatorial or legislative elections, it is not authorized in France. We are only talking here about the cryptological foundation of a practical application of a working homomorphic cipher. Internet voting, which does not require you to go through a voting booth, and which does not require the Republican vote counting ceremony, is it to be recommended?
It is an interesting debate but one in which we will not take sides here.