We investigate whether the logarithmic overhead can be reduced to incur optimal efficiency for a large class of applications. Oblivious RAM is a cryptographic primitive that hides leakage via data access patterns with at best logarithmic overhead in the general case i.e., arbitrary read / write accesses. We present an intractability result which states that blocking leakage from length and timing channels incurs an exponential overhead in certain real-world applications.įurther, we observe that there are randomized approaches, such as Oblivious RAM that can hide data access patterns without incurring a worst-case overhead. We demonstrate that hiding all the channels is a must as blocking a single channel often shifts the leakage to another. We study existing defenses that hide leakage via these side- channels and understand their limits in practice. Even with encrypted computation enabled, side-channels such as data access patterns, timing and length can reveal private information while computing on encrypted data. Further, we build a compiler to automate the process of converting existing C programs to autocrypted programs. This allows us to implement the capabilities of fully homomorphic encryption schemes while maintaining an acceptable performance overhead. To ensure secure conversion between these schemes, AutoCrypt depends on a small trusted software-base that can be realized using any trusted hardware primitive (such as TPM, Intel SGX). We propose efficient privacy-preserving solutions that use a novel combination of cryptographic techniques and trusted hardware primitives.įirst, we present AutoCrypt' a switchable homomorphic engine that converts between 3 partially-homomorphic encryption schemes that support encrypted search, addition and multiplication. In this thesis, we investigate the challenges in securely computing on encrypted data while addressing side-channel leakages. In practice, many believe that encrypting data and secure cryptographic key management is a panacea for these breaches. Abstract: Cloud applications offer various services ranging from storage to highly complex computation on large-scale user data, thus exposing users' data to several privacy and security breaches.
0 kommentar(er)
