homomorphic encryption: a giant in the clouds

Cloud computing makes it necessary to send data to the cloud provider. If this is a storage service, the data can be encrypted prior to sending. In this case, data confidentiality is protected, and the provider can neither use nor analyze the data.

However, in the case of a cloud computing service like Software as a Service (SaaS) or even Infrastructure as a Service (IaaS), data can be encrypted during the transfer phase but must be unencrypted in the cloud. In fact, if you want your Virtual Machine (VM) to work, you have to make sure that its code can be executed.

For the moment, companies using cloud computing services have to have faith in the service provider they choose. Techniques for encrypting a VM and disk volumes are available, but they are only partial solutions: for at least a moment, as short as it may be, the data is unencrypted. This can be problematic – or at least slow the turn to cloud services – for the most sensitive data.

moving toward a solution

Homomorphic encryption addresses this need to "encrypt everything all the time”, both during data transfer to the cloud and data use in the cloud. It’s the holy grail of data confidentiality in the cloud.

On 8 August 2011, Microsoft’s research laboratory for cloud cryptography announced a significant advance toward this holy grail in the MIT Technology Review: "A Cloud that Can't Leak". Don’t get too excited yet, though, since this new method of data encryption is still in its beginnings. We’re still far from being able to execute VMs in a cloud using homomorphic encryption. Maybe the first applications will be more for SaaS or Platform as a Service (PaaS), or for handling specific data types.

For those who are into technical details, the published papers are available. The most interesting (or the most understandable for amateurs in the crypto field like me) is this one: "Can Homomorphic Encryption Be Practical?"

operating principle

Homomorphic encryption works like this: the customer sends encrypted data to the cloud. The encrypted data then undergoes processing (a calculation, for example), which yields a result. The result itself is also encrypted, so the cloud service provider cannot read it. Finally, the cloud service provider relays the result to the customer, who then decrypts it to obtain the end result.

With homomorphic encryption, the final result of the processing is the same as when the data is not encrypted, and data is never unencrypted during transmission or treatment. 

it’s coming along, but it won’t be ready tomorrow

While waiting for research to advance, we can look at some solutions that currently offer an initial response to the need for confidential cloud-stored data. For VMs, file systems can be encrypted using application programming interfaces (APIs) integrated into operating systems (BitLocker, dm-crypt, etc) or to use solutions like SafeNet ProtectV or FreeOTFE.

The main shortcoming of all these solutions is that they require the decryption key to be transmitted at a given moment (typically when booting up the VM). The storage and transmission of encryption/decryption keys is a lengthy subject: it’s the field of Virtual Trusted Platform Module (TPM).

These are solutions that are practical but perfectible. They offer us a temporary response while we wait for something better. Homomorphic encryption is a hot topic that we will follow in the years to come. In the meantime, we’ll have to make due with what’s out there! 

Jean-François Audenard

Au sein de la direction sécurité du Groupe Orange, je suis en charge de la veille sécurité et de la sensibilisation à la sécurité. Franchise, optimisme et bonne-humeur sont mes moteurs quotidiens