Achieving trustworthy Homomorphic Encryption by combining it with a Trusted Execution Environment

Nir Drucker^1,2 and Shay Gueron^1,2+

¹University of Haifa, Haifa, Israel

²Amazon Web Services, Seattle, WA, USA

drucker.nir@gmail.com, shay@math.haifa.ac.il

Abstract

Cloud database services become very appealing solutions. They offer performance and storage capabilities that client platforms do not have. However, in order to protect the users’ confidentiality and

to ensure the integrity of their computations, solutions often use one of three approaches: a) Encrypting the data prior to uploading it with some symmetric encryption; b) Using a Trusted Execution Environments (TEE) such as OS containers, Virtual Machines or Intel’s Software Guard Extension (SGX); c) using Homomorphic Encryption (HE) schemes. A newer approach, which we call the ”combined model” uses a TEE to guarantee the integrity and correctness of the database code and data, while the data itself is encrypted with some HE scheme. In this paper, we explain the combined model and we show how to use it in the context of modern Multi Party Computations (MPC) schemes. In addition, we demonstrate how to construct a voting system that leverages its capabilities.

Keywords: Secure Guard Extension, Homomorphic Encryption, Trusted Execution Environment, Paillier cryptosystem, Cloud database, Multi Party Computations.

+: Corresponding author: Shay Gueron,

University of Haifa, Haifa, Israel and Amazon Web Services, Seattle, WA, USA (This work was done prior to joining Amazon.)

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA)

Vol. 9, No. 1, pp. 86-99, March 2018 [pdf]