同态加密在隐私计算中的应用综述

同态加密技术是一种基于数学难题的计算复杂性理论的密码学技术,支持数据以密态方式进行计算,计算结果解密后与明文计算的结果一致,在多样化复杂应用场景中具有很好的普适性,是目前隐私计算领域的一个热点研究方向。通过对同态加密技术的发展历程以及相关的技术路线进行梳理,解析了同态加密在安全求交、隐匿查询、多方联合计算、多方联合建模等典型隐私计算应用场景的技术融合应用,并对同态加密目前广泛落地应用过程中碰到的关键问题进行分析,最后对同态加密的研究发展方向进行探讨。     

同态加密

克莱格·詹特里创造了一种加密系统，以解决众多组织机构使用云计算过程中涉及的数据分析与数据挖掘的安全问题，现在使用公开的云计算服务（例如亚马逊或谷歌）访问未加密的数据，安全风险实在是太大了。     

基于安全多方计算的分布式数据处理的研究

本研究项目是以安全多方计算为核心技术,利用分布式Elgamal同态加密算法,结合谷歌的Map Reduce[1]云计算分布式框架研究一个通用的具有隐私保护功能的分布式云计算模型.即将原有的Map Reduce开源框架进行改进,将安全多方计算协议加入其中,形成一个具有保密性质的,且具有通用性(能应用到具体的现实场景中)的分布式计算模型.     

同态加密技术及其在云计算安全中的应用

文章针对云计算的安全问题,提出了一种全同态加密方案和基于此方案的数据检索算法,既保证了用户数据的安全性,又保证了服务器能够对存储的用户密文直接检索,为云系统中的信息安全和数据处理提供了良好的解决方案。     

基于全同态加密的云计算安全方案的研究简

云计算的用户在使用云计算提供的方便服务的同时也面临着数据被窃取、篡改、盗用、伪造等风险。本文将全同态加密算法应用到云计算的安全方案中，利用了全同态加密的不用解密密文，针对密文的操作与针对明文的操作效果一致的特点。解决了云计算的数据安全问题。     

基于同态加密的高效多方保密计算

多方保密计算是信息社会隐私保护的核心技术,是国际密码学界的研究热点之一.本文首先提出了一种新的对保密数据进行编码的方案,接着利用这种新的编码方案和同态加密方案,构造了一个百万富翁问题新的解决方案,并证明了方案的安全性.新的方案更简洁、更具有普遍意义,能够对可定义全序关系的任意两个对象进行比较.最后用这个新的解决方案解决了另一个新的多方保密计算问题-两个整数的互素问题,证明了方案是安全的.     

基于NTRU的多密钥同态代理重加密方案及其应用

为了提高同态加密算法在多用户云计算场景下的实用性,构造了一个基于NTRU的多密钥同态代理重加密方案.首先利用密文扩张思想提出了一种新的NTRU型多密钥同态密文形式,并基于此设计了相应的同态运算和重线性化过程,从而形成一个支持分布式解密的NTRU型多密钥同态加密方案;然后借助于密钥交换思想设计了重加密密钥和重加密过程,将...     

基于同态加密的通信信息队列加密传输技术

为了提升通信信息传输的安全性,提出一种基于同态加密的通信信息队列加密传输技术。在通信信息传输之前,首先采用Paillier密码技术加密处理通信信息,实现对通信信息的同态加密,保证通信信息的安全性;然后基于通信信息队列传输特性,通过Producer端和Broker端实现通信信息队列的加密传输,提高现有网络环境下通信信息队列加密传输数据的处理能力。实验结果表明,所提技术能够为通信信息的安全访问与隐私保护提供支持,有效保障用户信息的安全性。     

同态密码理论与应用进展

随着云计算、云存储等各类云服务的普及应用,云环境下的隐私保护问题逐渐成为业界关注的焦点,同态密码成为解决该问题的关键手段,其中,如何构造高效的全同态加密方案是近年来同态加密研究的热点之一。首先,该文介绍了同态密码的发展情况,从不同角度对同态加密方案进行了分类分析,着重描述了可验证全同态加密方案的研究进展。通过分析近年来公开的同态加密领域知识产权文献,对同态加密在理论研究和实际应用中所取得的进展进行了归纳总结。其次,对比分析了目前主流全同态加密库Helib, SEAL以及TFHE的性能。最后,梳理了同态加密技术的典型应用场景,指出了未来可能的研究与发展方向。

     

同态密码理论与应用进展

随着云计算、云存储等各类云服务的普及应用,云环境下的隐私保护问题逐渐成为业界关注的焦点,同态密码成为解决该问题的关键手段,其中,如何构造高效的全同态加密方案是近年来同态加密研究的热点之一.首先,该文介绍了同态密码的发展情况,从不同角度对同态加密方案进行了分类分析,着重描述了可验证全同态加密方案的研究进展.通过分析近年来公开的同态加密领域知识产权文献,对同态加密在理论研究和实际应用中所取得的进展进行了归纳总结.其次,对比分析了目前主流全同态加密库Helib,SEAL以及TFHE的性能.最后,梳理了同态加密技术的典型应用场景,指出了未来可能的研究与发展方向.     

Reconciling Non-malleability with Homomorphic Encryption

Homomorphic encryption schemes are useful in designing conceptually simple protocols that operate on encrypted inputs. On the other hand, non-malleable encryption schemes are vital for designing protocols with robust security against malicious parties, in a composable setting. In this paper, we address the problem of constructing public-key encryption schemes that meaningfully combine these two opposing demands. The intuitive tradeoff we desire in an encryption scheme is that anyone should be able to change encryptions of unknown messages \(m_1, \ldots , m_k\) into a (fresh) encryption of \(T(m_1, \ldots , m_k)\) for a specific set of allowed functions T, but the scheme should be otherwise “non-malleable.” That is, no adversary should be able to construct a ciphertext whose value is related to that of other ciphertexts in any other way. For the case where the allowed functions T are all unary, we formulate precise definitions that capture our intuitive requirements and show relationships among these new definitions and other more standard ones (IND-CCA, gCCA, and RCCA). We further justify these new definitions by showing their equivalence to a natural formulation of security in the framework of Universally Composable security. Next, we describe a new family of encryption schemes that satisfy our definitions for a wide variety of allowed transformations T and prove their security under the Decisional Diffie-Hellman (DDH) assumption in two groups with related sizes. Finally, we demonstrate how encryption schemes that satisfy our definitions can be used to implement conceptually simple protocols for non-trivial computation on encrypted data, which are secure against malicious adversaries in the UC framework without resorting to general-purpose multi-party computation or zero-knowledge proofs. For the case where the allowed functions T are binary, we show that a natural generalization of our definitions is unattainable if some T is a group operation. On the positive side, we show that if one of our security requirements is relaxed in a natural way, we can in fact obtain a scheme that is homomorphic with respect to (binary) group operations, and non-malleable otherwise.     

Leveled Homomorphic Encryption in Certificateless Cryptosystem

To lower communication complexity, a Certificateless homomorphic encryption (CLHE) scheme based on the Learning with errors (LWE) problem is constructed by introducing a new technique called probabilistic encoding with weakly homomorphic property. This technique can conveniently convert an intended message into two elements in a ring, which will be respectively encrypted under both public keys of a user in certificateless cryptosystem. Upon knowing both elements simultaneously, the original message can be easily recovered. It is hidden perfectly by the probabilistic property of encoding. This CLHE removes evaluation keys by using the approximate eigenvector method given by Gentry et al., which makes it into a pure CLHE. It is proven to be semantic secure in the Random oracle model (ROM). The results indicate it is able to homomorphically evaluate any functions in a class functions with given multiplicative depth L.     

Properties of SV-Style Homomorphic Encryption and Their Application

Several special properties of Smart and Vercauteren's encryption scheme are put forward.They are all based on the special parameter,which is a recommended modulus polynomial.These properties not only show that the secret key is deduced from an N-dimensional vector into its any entry,but also produce the triplet (grade-i reduced plaintext space,grade-ireduced ciphertext space,grade-i reduced secret key) for each i,where grade-i reduced secret key can decrypt grade-i reduced ciphertexts and can be efficiently computed from grade-i delegated key.At the same time,sequentially grade-(i-+ 1) delegated key can be efficiently computed from grade-idelegated key.This work also discusses a sequential computation in opposite direction,i.e.,computing grade-idelegated key from grade-(i+ 1) delegated key.But the sequential computation in the opposite direction is difficult except at most the first steps of such sequential computation.Based on the properties given,we then propose a simple hierarchical encryption scheme with relatively small key and ciphertext sizes.     

紧致优化DGHV全同态加密方案

DGHV方案是第一个基于整数的全同态加密方案,但该方案中同态操作导致密文尺寸成倍增长,必须通过同态解密算法,才能够将密文尺寸控制在一个多项式界~O（λ7）以内,而且同态解密算法的内部运算过程中,密文数据的尺寸仍在不断增加。这里给出一个紧致优化技术,控制同态乘和同态加操作中的密文,使得该方案的密文尺寸始终保持在~O（λ5）以内,消除了同态操作对密文尺寸的影响,并进一步分析了优化方案的同态运算能力。     

Message Expansion of Homomorphic Encryption Using Product Pairing

The Boneh, Goh, and Nissim (BGN) cryptosytem is the first homomorphic encryption scheme that allows additions and multiplications of plaintexts on encrypted data. BGN‐type cryptosystems permit very small plaintext sizes. The best‐known approach for the expansion of a message size by t times is one that requires t implementations of an initial scheme; however, such an approach becomes impractical when t is large. In this paper, we present a method of message expansion of BGN‐type homomorphic encryption using composite product pairing, which is practical for relatively large t. In addition, we prove that the indistinguishability under chosen plaintext attack security of our construction relies on the decisional Diffie–Hellman assumption for all subgroups of prime order of the underlying composite pairing group.     

一种基于LWE问题的无证书全同态加密体制

全同态加密在云计算等领域具有重要的应用价值,然而,现有全同态加密体制普遍存在公钥尺寸较大的缺陷,严重影响密钥管理与身份认证的效率。为解决这一问题,该文将无证书公钥加密的思想与全同态加密体制相结合,提出一种基于容错学习(LWE)问题的无证书全同态加密体制,利用前像可采样陷门单向函数建立用户身份信息与公钥之间的联系,无须使用公钥证书进行身份认证;用户私钥由用户自行选定,不存在密钥托管问题。体制的安全性在随机喻示模型下归约到判定性LWE问题难解性,并包含严格的可证安全证明。     

基于NTRU的全同态加密方案

本文提出一种基于公钥密码体制（Number Theory Research Unit,NTRU）选择明文攻击（Chosen Plaintext Attack,CPA）可证明安全的全同态加密方案.首先,对NTRU的密钥生成算法进行改进,通过格上的高斯抽象算法生成密钥对,避免了有效的格攻击,同时,没有改变密钥的分布.然后,基于改进的NTRU加密算法,利用Flattening技术,构造了一个全同态加密体制,并在标准模型下证明方案是选择明文攻击不可区分性IND-CPA安全的.