Achieving trustworthy Homomorphic Encryption by combining it with a Trusted Execution Environment

Nir Drucker^1,2 and Shay Gueron^1,2,+

^1 University of Haifa, Haifa, Israel
^2 Amazon Web Services, Seattle, WA, USA

drucker.nir@gmail.com, shay@math.haifa.ac.il

Abstract

Cloud database services have become very appealing
solutions. They offer performance and storage capabilities that client
platforms do not have. However, in order to protect the users’
confidentiality and to ensure the integrity of their computations,
solutions often use one of three approaches: a) Encrypting the data prior to
uploading it with some symmetric encryption; b) Using a Trusted Execution
Environment (TEE) such as OS containers, Virtual Machines or Intel’s Software
Guard Extension (SGX); c) Using Homomorphic Encryption (HE) schemes. A newer
approach, which we call the "combined model", uses a TEE to guarantee the
integrity and correctness of the database code and data, while the data itself
is encrypted with some HE scheme. In
this paper, we explain the combined model and we show how to use it in the
context of modern Multi Party Computations (MPC) schemes. In addition, we
demonstrate how to construct a voting system that leverages its capabilities.

Keywords: Secure Guard Extension, Homomorphic Encryption, Trusted Execution Environment, Paillier cryptosystem, Cloud database, Multi Party Computations.

+: Corresponding author: Shay Gueron, University of Haifa, Haifa, Israel and Amazon Web Services, Seattle, WA, USA (This work was done prior to joining Amazon.)

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA) Vol. 9, No. 1, pp. 86-99, March 2018