Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Dr. Juan R. Troncoso Pastoriza
troncoso@gts.uvigo.es
Secure Signal Processing in the Cloud
Enabling technologies for priva...
Cloud and Privacy
Secure Signal Processing
Practical SSP Cloud Scenarios
Measuring Privacy
Privacy metrics and Notions
Get...
Cloud and Privacy
Cloud Computing Paradigm
Benefits (Ubiquitous Access, scalability, multi-tenancy,…)
Multimedia Clouds
Amenable to distribu...
Cloud and Privacy
Stakeholders
Functionalities
Security aspects
Authentication
Storage Encryption
Encrypted communications
Privacy aspects
Geo-localization
Privacy legis...
Secure Signal
Processing
8
Privacy in Signal Processing
Signal Processing deals with representation, analysis,
transmission and restoration of sign...
Examples of services and outsourced processes with private or sensitive
signals
eHealth: semi-automated diagnosis or decis...
Secure Signal Processing (SSP) or Signal Processing in the
Encrypted Domain (SPED)
Marriage of Cryptography and Signal Pro...
Practical SSP Cloud
Scenarios
Outsourced Biometric Recognition
SSP Privacy-aware scenarios
Biometric Features
(Private)
Biometric Access
Control
Recogni...
Outsourced e-Health
SSP Privacy-aware scenarios
Untrusted Cloud
Health Institutions
Outsourced Medical
Database (Private)
...
Adaptive filtering: Outsourced control
SSP Privacy-aware scenarios
Plant sensed signals (Private)
Plant (Private)
Control ...
SSP Cloud Scenarios
General Scenario
Set of mutually untrusted parties ܲଵ, … , ܲ௡
Private inputs ‫ݔ‬ଵ, … , ‫ݔ‬௡
Target: ev...
Measuring Privacy
Privacy Metrics and Privacy Notions
Trust and adversary models
Semi-honest adversaries
Malicious adversaries
Typicially, semi-honest with malicious extensions...
Privacy Properties:
Anonymity: hiding link between identity and action/piece of
information
Pseudonimity: use of pseudonym...
Privacy metrics
Target: given an observation by an attacker, measure its
estimation error
Dalenius, 1977: first probabilis...
ε-differential privacy
ܲ Κ ‫ܦ‬ଵ ∈ ܵ ൑ ݁ఌܲ Κ ‫ܦ‬ଶ ∈ ܵ , ܵ ⊆ Թ௡
(ε,δ)-differential privacy
ܲ Κ ‫ܦ‬ଵ ∈ ܵ ൑ ݁ఌܲ Κ ‫ܦ‬ଶ ∈ ܵ ൅ ߜ...
Obfuscation mechanisms for ε-differential privacy
Noise function of the sensitivity of f
Δ݂ ൌ ݉ܽ‫ݔ‬஽భ,஽మ
| ݂ ‫ܦ‬ଵ െ ݂ ‫ܦ‬ଶ...
Other metrics
Information theoretic
Secure information flow: seeks lack of leakage (non-interference)
Shannon-entropy (ave...
Getting Practical
Privacy Tools from SSP
Available SSP tools to produce privacy-preserving systems
SMC (Garbled Circuits)
Homomorphic Encryption (FHE, SHE)
Searcha...
Computing models
Boolean Circuits
Arithmetic Circuits
Hybrid Approximation
Primary concern: Protection of private informat...
Binary SMP Protocols
Based in Yao’s garbled circuits: Obfuscated replica of the
original circuit
Phases:
Build the circuit...
Secure Multiparty Computation
First commercial practical use
January 2008: SMC in Denmark national auction for market
pric...
Homomorphic Encryption
Fundamental idea (group homomorphisms):
ሺܲ, ൅ሻ ⟶ாೖ ሺ‫∘,ܥ‬ሻ
‫ܧ‬௞ ‫ݔ‬ ൅ ‫ݕ‬ ൌ ‫ܧ‬௞ ‫ݔ‬ሻ ∘ ‫ܧ‬௞ሺ‫ݕ‬ 	݉...
Homomorphic Encryption
Efficient Communication
Challenges
Computation overhead
Cipher expansion
Versatility (only addition...
Lattice Crypto: promise for post-quantum crypto
Security based on worst-case assumptions
Example: GGH (Goldreich, Goldwass...
Gentry’s Lattice-based SHE
Cryptosystem
Gentry’s somewhat homomorphic cryptosystem
Can execute a limited-depth circuit, bi...
Gentry’s Cryptographic Bootstrapping
• For a lattice-based cryptosystem
Bootstrapping for FHE
SHE ∑ (L)
Only valid when f ...
Bootstrapping is costly
SHE is more efficient and a perfect candidate for SSP
A practical extension [TPFPG12]:
Works with ...
Searchable Encryption
PEKS (Keyword Search)
Encrypted keywords are associated with the (regular) criptotext
It is possible...
Obfuscation mechanisms
Adding noise to get private outputs (DP)
Very low overhead
Reduced utility
In an untrusted environm...
Wrap-up
There are only limited (secure) privacy homomorphisms
known
The limitations of HE can be tackled through interacti...
Mapping complex to
real solutions
Practical limitations and challenges
Privacy ⇒ Overhead
Computational load
Communication cost (bandwidth, rounds)
Cloud Scenario Limitations
Bandwidth of custo...
Example of ubiquitous SP function: adaptive filtering
LMS filter
‫ݕ‬௞ ൌ ࢝௞
்
࢛௞, ࢝௞ାଵ ൌ ࢝௞ ൅ ߤ ൉ ࢛௞ሺ݀௞ െ ‫ݕ‬௞ሻ
௘ೖ
Privacy-...
Quantization (encryption) or noise (obfuscation) affects
accuracy and utility ⇒ privacy vs utility
Interplay between commu...
General tradeoff: privacy-utility-efficiency
Cost function per application
The privacy-preserving solution must optimize t...
Example Privacy-
Preserving SSP
Applications
Private Interference Cancellation
Private Adaptive Beamforming
Private Model-Reference Adaptive Control (MRAC)
Private Non...
CAGCTGCTTACC
Genetic disease pattern
ACGATGCTAGCTCCTGGCTCGAGATCGATCGCTAGCAGCTCGCATCCAGCTGCTTACCATCGCAGCCAGACTAGCTAGCCTACAA...
Example: Architecture for
Secure Medical Clouds
Execution of
calculations on
Encrypted Data
Interprets SSP
primitives
Mode...
Example: Architecture for
Secure Medical Clouds
Current research lines
and challenges
A Glimpse to the Future
Definition and quantification of privacy in a rich variety of
Multimedia Cloud scenarios and complex functions
DP-preservi...
Multi-client multi-key
computing
• Privacy-aware Cloud Scenarios [vDJ10]
• Private single-client computing
• Private multi...
Computing Server
CS
Clear Inputs
and Results
Trusted Cloud
Encrypted Inputs
and Results
Multi-client multi-key
computing
•...
Bootstrapping for proxy reencryption
• Idea: bootstrapping into a different key
• Needed helper data: “encryption” of sk1 ...
Further Info
SSP is not only targeted at Cloud
Any untrustworthy distributed/outsourced environment
SSP for Other Applications
Electric...
Secure Signal Processing Publications
• A. Pedrouzo-Ulloa, J.R. Troncoso-Pastoriza, and F. Pérez-González, “Multivariate L...
RIA co-funded by the EU H2020 Programme
A framework for end-to-end protection of data in untrusted and fast-evolving
ICT-b...
Dr. Juan R. Troncoso Pastoriza
troncoso@gts.uvigo.es
http://gpsc.uvigo.es/juan-ramon-troncoso-pastoriza
Twitter: @juanrtro...
Upcoming SlideShare
Loading in …5
×

Procesamiento seguro de señales en la nube: Habilitando tecnologías para la preservación de la privacidad en la nube en el procesamiento multimedia.

576 views

Published on

Procesamiento seguro de señales en la nube: Habilitando tecnologías para la preservación de la privacidad en la nube en el procesamiento multimedia.
Juan Troncoso-Pastoriza. Universidad de Vigo.
Curso de Verano 'Innovación en ciberseguridad aplicada a la protección de la identidad digital #CIGTR2015'.
http://es.cigtr.info/2015/06/curso-de-verano-innovacion-en-seguridad.html (ES)

Safe processing of signals in the cloud: Enabling technologies for the preservation of privacy in the cloud in the multimedia processing
Juan Troncoso-Pastoriza. Universidad de Vigo.
Summer Course 'Innovation in security applied to the protection of digital identity #CIGTR2015'.
http://www.cigtr.info/2015/06/summer-course-innovation-in-security.html#.ViXv337hDb2 (EN)

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Procesamiento seguro de señales en la nube: Habilitando tecnologías para la preservación de la privacidad en la nube en el procesamiento multimedia.

  1. 1. Dr. Juan R. Troncoso Pastoriza troncoso@gts.uvigo.es Secure Signal Processing in the Cloud Enabling technologies for privacy-preserving multimedia cloud processing Innovación en ciberseguridad aplicada a la protección de la identidad digital #CIGTR2015 Del 6 al 8 de julio Madrid (Campus de Aranjuez, URJC)
  2. 2. Cloud and Privacy Secure Signal Processing Practical SSP Cloud Scenarios Measuring Privacy Privacy metrics and Notions Getting Practical: Privacy tools from SSP Lattice Crypto and Homomorphic Encryption Mapping Complex to Real Solutions Cipher Blow-up, Accuracy and Trade-offs Practical Applications Further info Outline
  3. 3. Cloud and Privacy
  4. 4. Cloud Computing Paradigm Benefits (Ubiquitous Access, scalability, multi-tenancy,…) Multimedia Clouds Amenable to distributed processing Content delivery networks Server-based computing P2P Multimedia computing Multimedia-aware Clouds Cloud-aware Multimedia Privacy risks Multimedia Clouds
  5. 5. Cloud and Privacy Stakeholders Functionalities
  6. 6. Security aspects Authentication Storage Encryption Encrypted communications Privacy aspects Geo-localization Privacy legislations in different countries Risk of losing control over outsourced data and processes Trustworthiness of the Cloud Privacy invasion (e.g., personalized ads) Cloud and Privacy Privacy ≠ Security
  7. 7. Secure Signal Processing
  8. 8. 8 Privacy in Signal Processing Signal Processing deals with representation, analysis, transmission and restoration of signals Legal framework: EU Privacy Regulations Directive 95/46/EC Article 8 of the E.C. for the Protection of Human Rights and Fundamental Freedoms Upcoming DP EU regulation (draft) Privacy in SP is a very broad and transversal subject Currently, privacy is mainly guaranteed through written consents An automated mechanism is needed to enforce privacy in two levels: Signal privacy Process privacy
  9. 9. Examples of services and outsourced processes with private or sensitive signals eHealth: semi-automated diagnosis or decision support (MRI, ECG, DNA,…) Social media / social data mining Smart metering: use of fine-grained metered data Biometrics: outsourcing of authentication/identification processes (fingerprints, faces, iris) Banking and financial information Large scale/big data processing with sensitive data (social data, personal information, business-critical processes) Current situation: Non-proportional collection or usage leads to unjustified user profiling SSP mission: enable secure services with Integration of data protection supported by core technologies (efficient homomorphic processing, SMC, searchable encryption) Versatile, flexible and efficient solutions No impairment for service providers Privacy guarantees and privacy management Secure Signal Processing
  10. 10. Secure Signal Processing (SSP) or Signal Processing in the Encrypted Domain (SPED) Marriage of Cryptography and Signal Processing Efficient Solutions for Privacy Problems in SP Traditional cryptography can protect data during communication or storage, but it cannot prevent the access to the data when they are sent to an untrustworthy party. Through advanced encryption techniques, SSP provides means to process signals while they are encrypted, without prior decryption and without the decryption key, thus enabling fully secure services like Cloud computing over encrypted data. Secure Signal Processing
  11. 11. Practical SSP Cloud Scenarios
  12. 12. Outsourced Biometric Recognition SSP Privacy-aware scenarios Biometric Features (Private) Biometric Access Control Recognition Results Outsourced Recognition Logic Outsourced Biometric Templates Database (Private) Untrusted Cloud
  13. 13. Outsourced e-Health SSP Privacy-aware scenarios Untrusted Cloud Health Institutions Outsourced Medical Database (Private) Laboratory/ Analysis Center Patient Data Results Private Query
  14. 14. Adaptive filtering: Outsourced control SSP Privacy-aware scenarios Plant sensed signals (Private) Plant (Private) Control Signals Outsourced Adaptive Control Plant input signals (Private) Reference Model (Private) Untrusted Cloud
  15. 15. SSP Cloud Scenarios General Scenario Set of mutually untrusted parties ܲଵ, … , ܲ௡ Private inputs ‫ݔ‬ଵ, … , ‫ݔ‬௡ Target: evaluate ݂ሺ‫ݔ‬ଵ, … , ‫ݔ‬௡ሻ with no trusted parties. Cloud Scenario: Cloud (Untrustworthy)
  16. 16. Measuring Privacy Privacy Metrics and Privacy Notions
  17. 17. Trust and adversary models Semi-honest adversaries Malicious adversaries Typicially, semi-honest with malicious extensions Privacy framework Means to quantify privacy and information leakage Evaluate privacy level Assess privacy requirements Privacy Metrics: Cryptography vs Signal Processing Complexity theory vs information theory Measuring Privacy
  18. 18. Privacy Properties: Anonymity: hiding link between identity and action/piece of information Pseudonimity: use of pseudonyms as IDs (one or multiple identities) Unlinkability: hiding the link between two or more actions/identities/pieces of information Unobservability: hiding user activity Plausible deniability: impossible to prove a user knows or did something Measuring Privacy
  19. 19. Privacy metrics Target: given an observation by an attacker, measure its estimation error Dalenius, 1977: first probabilistic notion of “disclosure” in order to avoid disclosures from a given database: “nothing about an individual that could not be learned without access to the database should be learnable from the database” Dwork, 2006: No useful database can fulfill 0-disclosure (Attribute) “Non-privacy”: A computationally bounded adversary can disclose (1- ε) fraction of the database entries for any ε>0 Measuring Privacy
  20. 20. ε-differential privacy ܲ Κ ‫ܦ‬ଵ ∈ ܵ ൑ ݁ఌܲ Κ ‫ܦ‬ଶ ∈ ܵ , ܵ ⊆ Թ௡ (ε,δ)-differential privacy ܲ Κ ‫ܦ‬ଵ ∈ ܵ ൑ ݁ఌܲ Κ ‫ܦ‬ଶ ∈ ܵ ൅ ߜ, ܵ ⊆ Թ௡ Differential Privacy x f(D1)f f(D2)f D1 D2 Κ ΚΚ(D1) Κ(D2)
  21. 21. Obfuscation mechanisms for ε-differential privacy Noise function of the sensitivity of f Δ݂ ൌ ݉ܽ‫ݔ‬஽భ,஽మ | ݂ ‫ܦ‬ଵ െ ݂ ‫ܦ‬ଶ |ଵ ݊~‫݌ܽܮ‬ሺ ୼௙ ఌ ሻ More sensitivity -> Higher noise level -> Reduced utility Differential Privacy x f f D1 D2 Κ ΚΚ(D1) Κ(D2) n n Κ(D1) Κ(D2)
  22. 22. Other metrics Information theoretic Secure information flow: seeks lack of leakage (non-interference) Shannon-entropy (average error) Min-entropy (worst-case error) Based on Bayes risk Anonymity-based K-anonymity, l-diversity: hide a user in a population Likelihood-based Mean square error (estimation error) No convention on the best metric: case-dependent Measuring Privacy
  23. 23. Getting Practical Privacy Tools from SSP
  24. 24. Available SSP tools to produce privacy-preserving systems SMC (Garbled Circuits) Homomorphic Encryption (FHE, SHE) Searchable Encryption and PIR Secure (approximate) interactive protocols Obfuscation mechanisms (diff. private) Privacy Tools from SSP
  25. 25. Computing models Boolean Circuits Arithmetic Circuits Hybrid Approximation Primary concern: Protection of private information Based on hard problems (traditional cryptography and secure cryptosystems and hash functions) Adversary Model (active, pasive, rational) Possibility of collusion between corrupted parties Secure Multiparty Computation (SMC)
  26. 26. Binary SMP Protocols Based in Yao’s garbled circuits: Obfuscated replica of the original circuit Phases: Build the circuit gates (garbling: hashing and permutations) Send the circuit Oblivious transfer of the inputs Evaluation: sequential pseudo-decryption Secure against passive adversaries (cut-and-choose) Efficient execution, versatile Communication Overhead
  27. 27. Secure Multiparty Computation First commercial practical use January 2008: SMC in Denmark national auction for market price of sugar beet (1200 farmers). Sell prices hidden and protected It does not require a trusted third party Protocol lasted 30 minutes (run once a year)
  28. 28. Homomorphic Encryption Fundamental idea (group homomorphisms): ሺܲ, ൅ሻ ⟶ாೖ ሺ‫∘,ܥ‬ሻ ‫ܧ‬௞ ‫ݔ‬ ൅ ‫ݕ‬ ൌ ‫ܧ‬௞ ‫ݔ‬ሻ ∘ ‫ܧ‬௞ሺ‫ݕ‬ ݉‫݊ ݀݋‬ଶ Example: RSA (multiplicative) ‫ܧ‬௞ ‫ݔ‬ ൌ ‫ݔ‬௘ ݉‫݊ ݀݋‬ ሺ‫ݔ‬ ൉ ‫ݕ‬ሻ௘ ൌ ‫ݔ‬௘ ൉ ‫ݕ‬௘ ݉‫݊ ݀݋‬ Example: Paillier (additive) ‫ܧ‬௞ ‫ݔ‬ ൌ 1 ൅ ‫ݔ‬ ൉ ݊ ൉ ‫ݎ‬௡ ݉‫݊ ݀݋‬ଶ ‫ܧ‬௞ ‫ݔ‬ ൅ ‫ݕ‬ ൌ ‫ܧ‬௞ ‫ݔ‬ሻ ൉ ‫ܧ‬௞ሺ‫ݕ‬ ݉‫݊ ݀݋‬ଶ , ‫ܧ‬௞ ‫ݔ‬ ൉ ݇ ൌ ‫ܧ‬௞ሺ‫ݔ‬ሻ௞ ݉‫݊ ݀݋‬ଶ Cryptosystems with semantic security (IND-CPA) ሺܲ, ൅ሻ ⟶ாೖ ሺ‫,ܥ‬൉ሻ ሺܲ,൉ሻ ⟶ாೖ ሺ‫,ܥ‬൉ሻ
  29. 29. Homomorphic Encryption Efficient Communication Challenges Computation overhead Cipher expansion Versatility (only additions or multiplications) Somewhat and Fully Homomorphic Cryptosystems (SHE/FHE)
  30. 30. Lattice Crypto: promise for post-quantum crypto Security based on worst-case assumptions Example: GGH (Goldreich, Goldwasser, Halevi) family Two lattice bases “Good” basis (࡮, private key) “Bad” basis (ࡴ, public key, Hermite Normal Form) Encryption of ݉: ‫܋‬ ൌ ‫ܧ‬ ݉ ൌ ࢜ ൅ ࢔ሾ݉ሿ (lattice point + noise) Decrytion: ‫ܦ‬ ࢉ : ࢜ෝ ൌ ࡮ ࡮ିଵ ࢉ Homomorphism: ࢉଵ ൅ ࢉଶ ൌ ࢜ଵ ൅ ݊ ݉ଵ ൅ ࢜ଶ ൅ ݊ ݉ଵ ൌ ࢜ଷ ൅ ݊ ݉ଵ ൅ ݉ଶ Lattice Crypto and FHE/SHE
  31. 31. Gentry’s Lattice-based SHE Cryptosystem Gentry’s somewhat homomorphic cryptosystem Can execute a limited-depth circuit, binary inputs How to get unlimited homomorphic operations? Decrypt under encryption Squash of decryption circuit to fit homomorphic capacity Fresh Encryption Noise norm grows after homomorphic operations Decryption Radius: Homomorphic “capacity” Non-fresh Encryption: after homomorphic op. Coded message + random noise
  32. 32. Gentry’s Cryptographic Bootstrapping • For a lattice-based cryptosystem Bootstrapping for FHE SHE ∑ (L) Only valid when f is of depth < L If Dec (squashed) has depth < L FHE ∑
  33. 33. Bootstrapping is costly SHE is more efficient and a perfect candidate for SSP A practical extension [TPFPG12]: Works with non-binary plaintexts (increases fresh encryption norm) Trades off full homomorphism for homomorphic capacity Keeps key generation procedure Negligible impact on decryption performance SHE or FHE
  34. 34. Searchable Encryption PEKS (Keyword Search) Encrypted keywords are associated with the (regular) criptotext It is possible to match encrypted keywords and search efficiently Private Information Retrieval (PIR) Alice asks for an element ‫ݔ‬௜ from Bob’s database Bob sends ‫ݔ‬௜ without knowing ݅ Simple example with HE Searchable Encryption and PIR ൈ ൌ‫ܧ‬௞ሺ ሻ ‫ܧ‬௞ሺ ሻ ‫ܧ‬௞ሺ ሻ ‫ܧ‬௞ሺ ሻ
  35. 35. Obfuscation mechanisms Adding noise to get private outputs (DP) Very low overhead Reduced utility In an untrusted environment, they must be combined with encryption
  36. 36. Wrap-up There are only limited (secure) privacy homomorphisms known The limitations of HE can be tackled through interaction (non-colluding parties) Solutions for complex operations Specific interactive protocols Hybrid protocols homomorphic/garbled circuits Full Homomorphisms (allowing any function) are not practical…yet Hot research topic
  37. 37. Mapping complex to real solutions Practical limitations and challenges
  38. 38. Privacy ⇒ Overhead Computational load Communication cost (bandwidth, rounds) Cloud Scenario Limitations Bandwidth of customer-cloud link Computational overhead on the client Multi-user settings Main challenge Efficient specific combination of techniques HE + cipher blow-up Practical limitations
  39. 39. Example of ubiquitous SP function: adaptive filtering LMS filter ‫ݕ‬௞ ൌ ࢝௞ ் ࢛௞, ࢝௞ାଵ ൌ ࢝௞ ൅ ߤ ൉ ࢛௞ሺ݀௞ െ ‫ݕ‬௞ሻ ௘ೖ Privacy-preserving implementation only with additive HE Inputs must be quantized before encryption (factor Δ) After ݇ iterations ⇒ factor Δ௞ାଶ For inputs in െ1,1 The cipher blows in k ൌ ୪୭୥ ௡ ୪୭୥ ୼ െ 2 iterations HE is not enough to cope with ciper blow-up Practical limitations: LMS
  40. 40. Quantization (encryption) or noise (obfuscation) affects accuracy and utility ⇒ privacy vs utility Interplay between communication, computation and accuracy Cipher expansión (Paillier): 4096 bits / 16 bits Mitigated by SIMD packing strategies Cipher blow-up Solved through a secure rescaling primitive (interactive) Practical limitations: tradeoffs
  41. 41. General tradeoff: privacy-utility-efficiency Cost function per application The privacy-preserving solution must optimize the cost function Practical limitations: tradeoffs privacy utility efficiency
  42. 42. Example Privacy- Preserving SSP Applications
  43. 43. Private Interference Cancellation Private Adaptive Beamforming Private Model-Reference Adaptive Control (MRAC) Private Noninteractive Face Verification Example Applications 43
  44. 44. CAGCTGCTTACC Genetic disease pattern ACGATGCTAGCTCCTGGCTCGAGATCGATCGCTAGCAGCTCGCATCCAGCTGCTTACCATCGCAGCCAGACTAGCTAGCCTACAACTACGCATCGACATCGCATGACCCGCTCGAAT Patient’s genetic sequence Example of secure DNA Query: approximate search Patient Expert System The system leaks Patient’s DNA Traditional query system Genetic disease pattern Encrypted patient’s genetic code Patient Expert System Private Query System SSP The result is obtained without disclosing patient’s DNA CAGCTGCTTACC
  45. 45. Example: Architecture for Secure Medical Clouds Execution of calculations on Encrypted Data Interprets SSP primitives Models compiled to SSP primitives Keys needed for encryption & decryption of private data Cryptographic module Communication module Server-side data encryption Data off-line pre- processing Secure Storage of encrypted data
  46. 46. Example: Architecture for Secure Medical Clouds
  47. 47. Current research lines and challenges A Glimpse to the Future
  48. 48. Definition and quantification of privacy in a rich variety of Multimedia Cloud scenarios and complex functions DP-preserving transformations Communication burden in the customer link Unattended private processing (SHE) FHE in Cloud Efficient private execution of non-polynomial functions Multi-user multi-key operation Searches in Cloud PRISM: Encrypted Map-Reduce with PIR Resource utilization and billing Current research lines and challenges in SSP for Cloud
  49. 49. Multi-client multi-key computing • Privacy-aware Cloud Scenarios [vDJ10] • Private single-client computing • Private multi-client computing • Stateful private multi-client computing • Not solvable with FHE alone • Access control mechanism • Multi-key operation Solvable by FHE alone Computing Server CS Encrypted Inputs and Results Computing Server CS Encrypted Inputs and Results
  50. 50. Computing Server CS Clear Inputs and Results Trusted Cloud Encrypted Inputs and Results Multi-client multi-key computing • Current approaches 1. Trusted element [BNSS11] 2. Multi-Server Secure protocol [PTK13] 3. Multi-key enabled FHE [LATV12] • Leverage FHE bootstrapping as proxy-reencryption • Approach between 2. and 3. • Proxy reencryption 1. Full delegation 2. Delegation to Helper Server 3. Delegation to set of users Helper Master Cloud Encrypted Inputs and Results Computing Server CS Secure Protocol Encrypted Inputs and Results Computing Server Multi-key FHE Joint Decryption
  51. 51. Bootstrapping for proxy reencryption • Idea: bootstrapping into a different key • Needed helper data: “encryption” of sk1 under pk2 Multi-key solution through bootstrapping
  52. 52. Further Info
  53. 53. SSP is not only targeted at Cloud Any untrustworthy distributed/outsourced environment SSP for Other Applications Electricity Distribution Grid Electricity Producer 1 Electricity Producer 2 Electricity Producer n Grid Operator Data Aggregator Communication Network Consumers Consumers Consumers Smart Meters Electricity Flow Data Flow Control/Signalling
  54. 54. Secure Signal Processing Publications • A. Pedrouzo-Ulloa, J.R. Troncoso-Pastoriza, and F. Pérez-González, “Multivariate Lattices for Encrypted Image Processing”, in IEEE ICASSP 2015 • J.R. Troncoso-Pastoriza, S. Caputo, “Bootstrap-based Proxy Reencryption for Private Multi-user Computing”, IEEE WIFS 2014 • J. R. Troncoso-Pastoriza, D. González-Jiménez, and F. Pérez-González, “Fully Private Noninteractive Face Verification”, IEEE TIFS, vol. 8(7), 2013 • Z. Erkin, J.R. Troncoso-Pastoriza, R. Lagendijk, and F. Pérez-González, “Privacy-Preserving Data Aggregation in Smart Metering Systems: An Overview”, IEEE SPM, vol. 30(2), 2013 • J. R. Troncoso-Pastoriza and F. Pérez-González, “Secure Signal Processing in the Cloud: enabling technologies for privacy-preserving multimedia cloud processing”, IEEE SPM, vol. 30(2), 2013 • J. R. Troncoso-Pastoriza and F. Pérez-González, “Secure Adaptive Filtering”, IEEE TIFS, vol. 6(2), 2011 • J. R. Troncoso-Pastoriza and Pérez-González, F., “Secure and Private Medical Clouds using Encrypted Processing”, in Virtual Physiological Human (VPH), Brussels, Belgium, 2010 Related Patents • US Patents No. 8433925, 8837715, 8843762, 8972742 • US Patent Pending, No. 12/876229 • EPO Patent Pending, No. EP10175467 Further info
  55. 55. RIA co-funded by the EU H2020 Programme A framework for end-to-end protection of data in untrusted and fast-evolving ICT-based environments, esp. Cloud Instantiated and validated in two application scenarios with demanding privacy requirements to protect sensitive data Genomic processing Financial calculations More info: http://witdom.eu Ongoing related EU projects empoWering prIvacy and securiTy in non-trusteD envirOnMents
  56. 56. Dr. Juan R. Troncoso Pastoriza troncoso@gts.uvigo.es http://gpsc.uvigo.es/juan-ramon-troncoso-pastoriza Twitter: @juanrtroncoso Secure Signal Processing in the Cloud Enabling technologies for privacy-preserving multimedia cloud processing Innovación en ciberseguridad aplicada a la protección de la identidad digital #CIGTR2015 Del 6 al 8 de julio Madrid (Campus de Aranjuez, URJC)

×