Abstract
The outsourcing process is computationally secure if it is performed without unveiling to the other external agent or cloud, either the original data or the actual solution to the computations. Secure multiparty computation computes a certain function without revealing their private secret information.
In this paper, we presented a new secure and computationally efficient protocol utilizing multi cloud servers view. In our proposed protocol, encrypted data by different users is transformed to cloud. The protocol being non-interactive between users, gives the comparatively lesser computational and communication complexity. The analysis of our proposed protocol is also presented at the end of the paper.
Access provided by CONRICYT-eBooks. Download conference paper PDF
Similar content being viewed by others
Keywords
1 Introduction
Beside the tremendous advantages of outsourcing, client faces some challenges by outsourcing the computational task to cloud [8, 9]. These are security, input-output privacy and verification of result. Consider a scenario where some mutually distrusted members are present, and they want to compute a complex function, which involves their own private inputs [10]. This scenario may be termed as secure multi-party computation. Suppose, \(U_1, U_2, \cdots , U_m\) are m users, and each posses a private number \(n_1, n_2, \cdots , n_m\). Consider function is,
which they want to co-operatively compute, but they don’t want to expose \(n_i\) of corresponding \(U_i\) to other users \(U_j\), \(i \ne j\) & \(i, j \in (1, 2, \cdots , m)\). Also they should guarantee that \(\mathbb {FUNC}\) should not be known by any of the unauthorized user. Its observable that the computation and communication complexities are mostly dependant on the complex nature of computation function. The scenario is shown as Fig. 1.
Recently, as the development of cloud computing [25], users’ concerns about data security are the main obstacles that impedes cloud computing from wide adoption. These concerns are originated from the fact that sensitive data resides in public cloud [18], which is maintained and operated by untrusted cloud service provider (CSP) [20, 22]. The expectation of users is that the cloud should compute the function having the inputs as private parameters of users in the encrypted/transformed form.
2 Secure Outsourcing Algorithms Classification
Increasing no. of smart equipments and their growing need to execute computationally large task resulting the outsourcing of any scientific computation to the cloud server an encouraging solution. The general nomenclature is represented as Fig. 2 below:-
2.1 Related Work
While outsourcing the private data functions to the cloud, there exist many problems and challenges. In past years, much research have been carried out to come up with various solutions for secure computational outsourcing. One solution was proposed by Gentry [2], in 2009 where a joint public key is used to encrypt their private input data and accordingly the notion was termed as Homomorphic encryption, which successively used in the secure outsourcing of practical complex problems. In the work presented by [7] has given a scheme where for encryption purpose, users’ public keys are utilized, and cloud will be able to compute the function having their private inputs. A more secure outsourcing was given by Halevi et al. [13] in 2011, that was a non-interactive method for secure outsourcing [15]. [16] given a new fully homomorphic scheme, multikey FHE, which applied bootstrapping concept for secure outsourcing of computations. ABE, introduced as fuzzy identity-based encryption in [24], was firstly dealt with by Goyal et al. [1]. Two distinct and interrelated notions of ABE were determined in [1]. Accordingly, several constructions supporting for any kinds of access structures were provided [3, 4] for practical applications [5, 6]. Atallah et al. [8] offered an structure for secure outsourcing of scientific computations e.g. multiplication of matrices. Although, the solution used the disguise technique and thus leaded to leakage of private information. Atallah and Li [9] given an efficient protocol to outsource sequence comparison with two servers in secure manner. Furthermore, Benjamin and Atallah [10] addressed the problem of secure outsourcing for widely applicable linear algebraic computations. Atallah and Frikken [11] further studied this problem and gave improved protocols based on the so-called weak secret hiding assumption. Recently, Wang et al. [12] presented efficient mechanisms for secure outsourcing of linear programming computation.
In [14], a novel paradigm for outsourcing the decryption of ABE is given. Compared with our work, the two lack of the consideration on the eliminating the overhead computation at attribute authority. In 2014, Sudarshan et al. [27] proposed an Attribute-Based Encryption mechanism, applied for cloud security. Recently Lai et al. [17] given a construction with verifiable decryption, which achieves both security and verifiability without random oracles. Their task supplements a redundancy with ciphertext and uses this redundancy for correctness checking.
2.2 Motivation and Contribution
In the scenario of outsourcing private inputs or computational function to cloud, There exist hurdles in following two aspects - One is in the users’ or customers point of view, where they want to ensure the privacy of its input parameters and results. Another is to cloud servers point of view, where cloud entity is worried about feasibleness of encrypted/transformed inputs and operating on them. In computational outsourcing, users are not participating in the computational function, rather than they outsource the private problem along with parameters to the cloud, but users and cloud servers are not mutually trusted entities. Thus, users would not like to submit their private problem data inputs to the cloud. Thus, encrypting/transforming the private data prior to submission to cloud is a usual solution. Our contribution in this paper is as -
-
We have proposed protocol for secure and an efficient computational outsourcing to cloud. The protocol is completely non-interactive between users.
-
We have performed the computational security analysis for our proposed system.
2.3 Organization of the Paper
Remaining paper organized as - Preliminaries are given in Sect. 3. Secure outsourcing using FHE scheme is given in Sect. 4. Experimental results are presented in Sect. 5. Section 6 presents our proposed scheme along with correctness, security analysis and our experimental simulation results. Section 7 concludes the paper.
3 Preliminaries
This section discusses some of the significant preliminaries required for secure computational outsourcing.
3.1 Computational Verifiability
Various different solutions exist for secure computational outsourcing. Homomorphic encryption(HE) can be assumed as a better solution to secure outsourcing of scientific computations, but it is useful when the returned result can be trusted.
Lemma 1
It is infeasible to factorizing the N in polynomial time if integer factorization in large scale in infeasible.
Proof
Assume x is an adversary who is able to factorize a number N into primes p and q of probable same bit length in polynomial time. Suppose this operations probability as \(p'\). Each factor \(fact_i\) of a number N will at least posses two prime factors. So the probability \(p_r''\) that the attacker can factorize it is - almost lesser than \(p'\). Thus the resultant probability that attacker can factorize N is \(\prod _{i=1}^{m} p_r'' \le (p')^m\). Now if \(p'\) is negligible, the resultant probability is also negligible.
3.2 Lattice-Based Encryption
As we know that the computational complexity as well as the input parameters’ privacy is mostly dependant on the encryption procedure adopted by user. Lattice-Based Encryption [16, 28] is considered as secure against quantum computer attacks and much efficient as well as potent than RSA and Elliptic curve cryptosystems.
Lattice based cryptosystem, whose security is based on core lattice theory problems, was introduced by Mikls Ajtai, in 1996. In the same year, first lattice based public key encryption scheme (NTRU) was proposed. Later, much work and improvement [2] was carried out towards this direction involving some additional cryptographic primitives LWE(learning with errors).
4 Secure Outsourcing Using FHE
This section summarizes the scheme [26] for secure outsourcing of large matrix multiplication computations on cloud. The complete description and steps involved in this scheme are summarized as below:-
5 Experiment Results
This section presents our experimental analysis.
5.1 System Specifications
Our system specifications are as below:-
-
Software Specifications -
OS - Ubuntu 16.04 LTS, 64 bit
Python version - ‘Python 3.6.0’
-
Hardware Specifications -
RAM size - 4 GB
Processor - Intel core i3 4030U CPU @\(1.90GHz \times 4\)
5.2 Our Results
The graph for overall algorithm execution for various sized input parameters is given below:-
The end results of execution performance for varying key sizes is presented as Table 1 below:-
6 Proposed Scheme
In this section, we have proposed an efficient secure computational outsourcing mechanism applicable for multi-users. The system model and proposed mechanism steps are given in subsections below:-
6.1 System Model
The proposed system model is represented as diagram below (Fig. 3):-
Notations used are given in Table 2.
6.2 Protocol Steps
The proposed secure computational outsourcing protocol executes in the below phases -
\(\forall i \in (1, 2, \cdots , n)\),
\(U_i\) uses Lattice based encryption method to encrypt its own problem input \(\alpha _i\). The sub-steps involved in this are as below:-
CS1 stores all ciphertexts coming from user \(U_i (1 \le i \le n)\), then further steps are as below:-
Production of the result by cloud servers will follow as steps below:-
6.3 Analysis of Proposed Scheme
Here, we have presented the correctness and security analysis of our proposed scheme.
-
Correctness analysis -
The correctness analysis of given scheme is as follows:-
Theorem 1
Due to Homomorphic properties of the transformed ciphertexts, the given scheme is correct.
Let, P and Q are rings a function \(f: P \rightarrow Q\) will be ring homomorphism if \(\forall x_1, x_2 \in P\).
-
\(f(x_1 + x_2) = f(x_1) + f(x_2)\)
-
\(f(x_1 * x_2) = f(x_1) * f(x_2)\)
-
Security analysis -
The security analysis of proposed scheme can be analysed as below:-
Theorem 2
As long as Lattice based encryption is secure and cloud servers CS1 and CS2 are noncolluding, the given protocol is secure enough.
In proposed protocol, each user \(U_i\) encrypts its private input \(\alpha _i\) with the help of its own public key, which is being produced by triggering lattice based encryption scheme. Further, \(U_i\) sends \(RAND_i . SK_i\) to CS2. Then, CS2 reckons \(K_{CS2} . RAND_i . SK_i\) and sends back to CS1. Here, \(U_i's\) private key is \(SK_i\), which is protected by \(RAND_i\). In the entire process, the user’s private keys are not being revealed.
After transferring computed results, cloud ensures in the protocol that only authorized user set must get final result; (Assume, \(U_\mathbb {A}\), \(\mathbb {A}\) \(\in \) \((1, 2, 3, \cdots , n)\) is authorized user set to access result.)
6.4 Comparative Analysis
This section presents the comparison of our scheme with existing schemes on several factors/parameters. The representation is given in Table 3.
7 Conclusion and Future Work
When users have to compute some complex function, which involves their private inputs then to perform outsourcing is the possible scenario from user side. There exist hurdles in following two aspects - One is in the users’ or customers point of view, where they want to ensure the privacy of its input parameters and results. Another is to cloud servers point of view, where cloud entity is worried about feasibleness of encrypted/transformed inputs and operating on them.
In this paper, we have constructed a scheme for secure outsourcing based on multi cloud servers. The computational complexity and security analysis is also given for our proposed system. Finding an efficient, practical and computationally secure outsourcing solution for various specific scientific problems will be our further research work.
References
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of 13th ACM Conference on Computer and Communications Security, pp. 89–98 (2006)
Gentry, C.: A fully homomorphic encryption scheme [Doctoral dissertation], Stanford University (2009)
Cheung, L., Newport, C.: Provably secure ciphertext policy ABE. In: Proceedings of 14th ACM Conference on CCS, pp. 456–465 (2007)
Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 111–129. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68914-0_7
Han, F., Qin, J., Zhao, H., Hu, J.: A general transformation from KP-ABE to searchable encryption. Future Gen. Comput. Syst. 30, 107–115 (2014)
Zhao, H., Qin, J., Hu, J.: Energy efficient key management scheme for body sensor networks. IEEE Trans. Parallel Distrib. Syst. 24(11), 2202–2210 (2013)
Asharov, G., Jain, A., López-Alt, A., Tromer, E., Vaikuntanathan, V., Wichs, D.: Multiparty computation with low communication, computation and interaction via threshold FHE. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 483–501. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_29
Atallah, M.J., Pantazopoulos, K., Rice, J.R., Spafford, E.E.: Secure outsourcing of scientific computations. In: Zelkowitz, M.V. (ed.) Trends in Software Engineering, vol. 54, pp. 215–272. Elsevier, Amsterdam (2002)
Atallah, M.J., Li, J.: Secure outsourcing of sequence comparisons. Intl. J. Inf. Secur. 4(4), 277–287 (2005)
Benjamin, D., Atallah, M.J.: Private and cheating-free outsourcing of algebraic computations. In: Proceedings of 6th Annual Conference on PST, pp. 240–245 (2008)
Atallah, M.J., Frikken, K.B.: Securely outsourcing linear algebra computations. In: Proceedings of 5th ACM Symposium on ASIACCS, pp. 48–59 (2010)
Wang, C., Ren, K., Wang, J.: Secure and practical outsourcing of linear programming in Cloud Computing. In: Proceedings of IEEE INFOCOM, pp. 820–828 (2011)
Halevi, S., Lindell, Y., Pinkas, B.: Secure computation on the web: computing without simultaneous interaction. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 132–150. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_8
Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts. In: Proceedings of 20th USENIX Conference on SEC, p. 34 (2011)
Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from (standard) LWE. In: Proceedings of the IEEE 52nd Annual Symposium on Foundations of Computer Science (FOCS 2011), pp. 97–106 (2011)
López-Alt, A., Tromer, E., Vaikuntanathan, V.: Cloud-assisted multiparty computation from fully homomorphic encryption. IACR Cryptology ePrint Archive, vol. 2011, Article 663 (2011)
Lai, J., Deng, R., Guan, C., Weng, J.: Attribute-based encryption with verifiable outsourced decryption. IEEE Trans. Inf. Forensics Secur. 8(8), 1343–1354 (2013)
Zhang, Y., Blanton, M.: Efficient secure and verifiable outsourcing of matrix multiplications. In: Chow, S.S.M., Camenisch, J., Hui, L.C.K., Yiu, S.M. (eds.) ISC 2014. LNCS, vol. 8783, pp. 158–178. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13257-0_10
Atallah, M.J., Frikken, K.B.: Securely outsourcing linear algebra computations. In: ASLACCS, 13–16 April 2010, Beijing, China (2010)
Lei, X., Liao, X., Huang, T., Li, H., Hu, C.: Outsourcing large matrix inversion computation to a public cloud. IEEE Trans. Cloud Comput. 1(1), 1 (2013)
Benjamin, D., Atallah, M.J.: Private and cheating-free outsourcing of algebraic computations. In: Sixth Annual Conference on Privacy, Security and Trust, PST 2008. IEEE (2008)
Xiang, C., Tang, C.: Securely verifiable outsourcing schemes of matrix calculation. Int. J. High Perform. Comput. Netw. 8(2), 93–101 (2015)
http://homepages.math.uic.edu/leon/mcs425-s08/handouts/Hadamard_codes.pdf
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Zeng, D., Guo, S., Hu, J.: Reliable bulk-data dissemination in delay tolerant networks. IEEE Trans. Parallel Distrib. Syst. doi.ieeecomputersociety.org/10.1109-TPDS.2013.221
Sudarshan, V., Satyanarayana, N.: An efficient protocol for secure outsourcing of scientific computations to an untrusted cloud. In: International Conference on Intelligent Computing and Control (I2C2), Karpagam College of Engineering, Tamilnadu (2017)
Sudarshan, V., Satyanarayana, N., Dileep Kumar, A.: Lock-in to the meta cloud with attribute based encryption without outsourced decryption. IJCST 5(4) (2014)
Brakerski, Z., Vaikuntanathan, V.: Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 505–524. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_29
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Rao, V.S., Satyanarayana, N. (2018). A Secure and Efficient Computation Outsourcing Scheme for Multi-users. In: Singh, M., Gupta, P., Tyagi, V., Flusser, J., Ören, T. (eds) Advances in Computing and Data Sciences. ICACDS 2018. Communications in Computer and Information Science, vol 905. Springer, Singapore. https://doi.org/10.1007/978-981-13-1810-8_2
Download citation
DOI: https://doi.org/10.1007/978-981-13-1810-8_2
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-1809-2
Online ISBN: 978-981-13-1810-8
eBook Packages: Computer ScienceComputer Science (R0)