1University of Human Development, College of Science and Technology, Department of Computer Science, Sulaymaniyah, Kurdistan Region of Iraq, Iraq, 2University of Sulaimani, College of Science, Computer Department, Sulaymaniyah, Kurdistan Region of Iraq, Iraq
ABSTRACT
Fully homomorphic encryption (FHE) reaped the importance and amazement of most researchers and followers in data encryption issues, as programs are allowed to perform arithmetic operations on encrypted data without decrypting it and obtain results similar to the effects of arithmetic operations on unencrypted data. The first (FHE) model was introduced by Craig Gentry in 2009, and it was just theoretical research, but later significant progress was made on it, this research offers FHE system based on directly of factoring big prime numbers which consider open problem now, The proposed scheme offers a fully homomorphic system for data encryption and stores it in encrypted form on the cloud based on a new algorithm that has been tried on a local cloud and compared with two previous encryption systems (RSA and Paillier) and shows us that this algorithm reduces the time of encryption and decryption by 5 times compared to other systems.
Index Terms: Cloud Computing Security, Encryption, Decryption, Cloud Storage, Homomorphic Encryption
Computing technology is seeing significant progress and significant interest, especially when the computation outsourcing has been outsourced to a third party as the cloud is the most frequently used form [1]. That is why many companies no longer trust to store their sensitive data in the cloud, which uses traditional unsecured encryption systems [2]. From this, the need to use homomorphic encryption for banking data is coming, which is a new approach that can help banks to increase data security and management [3]. There are two types of homomorphic cryptosystems: Partially homomorphic systems and fully homomorphic systems [4]. Partially homomorphic schemes support one of the additions or multiplication operations, these systems are divided into two parts according to the process that supports like the RSA, where it only supports the multiplication process and does not support the addition process, for example, if we have two numbers M1, M2 and they are encrypted by the RSA, then its value becomes C1, C2 and on obtaining the product of multiplying the two encrypted values C1 * C2 = C3 and then we decrypt the encrypted output C3, we will get a result similar to M1 * M2 = M3, but if we add the two values C1 + C2 = C4 and when decrypting the result C4 we do not get a result similar to M1 + M2 = M4. On the contrary, when the two values are encrypted using Paillier, we find that only the result of C1+C2=C5 is similar to M1+M2=M3 and C1*C2=C6 do not equal to M1+M2=M4. Therefore, we say that the two algorithms (RSA and Paillier) are not a fully homomorphic systems [5], [6]. The first FHE was given in 2009 by Craig Gentry [7]. Researchers first researched a (FHE) system in the late last century, specifically at the end of the seventies, and soon after, in 1987, RSA was published, the RSA algorithm became a leading approach by many researchers because at that time there was no idea of the public key cipher that was presented during the RSA scheme for the first time [5]. Because this kind of encryption allows the key to decrypt the encrypted data, and thus one can read and know all the data, and for this reason, if one does not have the secret key, the data become useless. Therefore, a question and an issue were asked: Can mathematical operations apply to encrypted data without decrypting it, and from this, the idea of using fully homomorphic systems (FHE) was raised. After that, several attempts were made to develop these systems, but most of the research did not succeed as they received partially homomorphic schemes such as RSA and Goldwasser-Micali [8]. The algorithm that achieves the addition and multiplication properties can be considered as FHE, as it is regarded as a special algorithm that contains the feature of performing mathematical operations (addition and multiplication) on data without decrypting it and obtaining correct results [9]. FHE is an encryption technology that allows calculations to be performed on encrypted data without decrypting it, and this results in an encrypted result where when this result is decrypted we get a result similar to the result of the calculations on the data without encrypting it [9]. The world of computing is in constant progress, and the main challenge is to create a guarantee and trust among customers when storing their sensitive data on the cloud to ensure and respect their privacy. This is a new approach that cloud providers follow to encrypt users’ data, upload it to the cloud, and perform operations on it without decrypting it to ensure the integrity of customer data [10]. This paper presents a fully homomorphic system (the correct numbers and texts) based on a new algorithm that will be explained later in this paper as this scheme relies on data encryption and operations performed on it without decrypting and reducing computational complications and the time used to encrypt and decrypt data and reduce energy consumption. Most of the previous research in this field deals with data when encrypting after converting it to the binary system and this means more time. As for our current research, data operations are encrypted without the need to convert them to binary representation and this reduces mathematical operations and there is a reduction in the time of encryption and encryption solution, as well as a mathematical model has been suggested that deals with the inverse calculation and the process of raising to the exponential and increases the complexity of attacking the new system.
C. Gentry et al. (2012), this paper introduces contrast/ orientation techniques to transfer the elements of plain text across these vectors very efficiently so that they are able to perform general calculations in a batch way without the need to decrypt the text and also make some improvements that can accelerate the normal homomorphic, where you can make homogeneous evaluation of arithmetic operations using multi-arithmetic head only [11].
J. Fan et al. (2012), this paper concludes two copies of the redefinition that lead to a quick calculation of homogeneous processes using the parameter transformation trick, as this paper conveys Brakerski’s fully homomorphic scheme based on the learning with errors (LWE) problem to the ring-LWE [12].
Z. Brakerski et al. (2012), this paper introduces squash and bootstrapping techniques to convert a somewhat symmetric encryption scheme into an integrated symmetric encryption scheme [13].
X. Cao et al. (2014), this paper presents a completely symmetric encryption scheme using only a basic unit calculation as it relies on the technique of using multiplication and addition instead of using ideal clamps on a polynomial loop [14].
C. Xiang et al. (2014), this paper presents an entirely symmetric encryption scheme on integers, as it reduces the size of the public key using the square model encryption method in public key elements instead of using a linear model based on a stronger variant of the approximate-GCD problem [15].
M. M. Potey et al. (2016), this paper presents a completely symmetric encryption system where it focuses on storing customer data on the cloud in an encrypted form so that customer data remain safe and when any data modification is made the system loads data on the customer’s device and modifies it and then stores it again on the cloud in encrypted form [16].
K. Gai et al. (2018), this paper proposes a new solution for mixing real numbers on a novel tensor-based FHE solution that uses tensor laws to reduce the risk of unencrypted data storage [17].
S. S. Hamad et al. (2018), these heirs offer a completely symmetric encryption system, as it relies on the principle of encryption a number from the plain text with another number using a secret key without converting to binary format and then comparing the result with a DGHV and SDC system [18].
S. S. Hamad et al (2018), this paper presents a fully homomorphic encryption system based on Euler’s theory and the time complexity has been calculated and compared with other systems with an encrypt key size up to 512 bits while the size of the key in our proposed scheme reaches more than 2048 bits and the encrypting process is done through more complex and powerful mathematical equations [19].
V. Kumar et al (2018), this paper presents fully homomorphic encryption system with probabilistic encrypting and relies on Euler’s theory. The encrypting process is done through the following mathematical equation (C=Mk* M (n) +1 mod x) while in our proposed scheme a more complex and difficult mathematical algorithm is used which helps to stand more against hacker attacks and deter them [20].
R. F. Hassan et al. (2019), this paper proposes a blueprint for building asymmetric cloud-based architecture to save user data in the form of unusual text. This pattern uses the elliptic curve to create the secret key for data encryption. This pattern is a new algorithm that reduces processing time and storage space [21].
Cloud providers provide many services, including applications and storage many companies and users do not trust the providers of these services due to security concerns. Where the user does not upload his personal data to the cloud because the cloud providers are able to read and modify every bit loaded on the cloud and use it for personal purposes, and this thing does not comply with respecting the user’s privacy. Furthermore, some cloud providers still use traditional security techniques that are not secure with low-security level to protect user privacy. Some of the cloud providers have started to use high-level technologies to protect the privacy of users and the security of their data, but there remains a problem that the provider of the cloud itself is still able to access user data, and this is not safe for users. This problem can be solved when following FHE systems when storing data on the cloud where these systems can encrypt the data and store it in the cloud in an encrypted form and thus the cloud provider or others cannot see the data and use it, so the privacy of users and the security of their data are protected.
The proposed scheme works as follows: Generating the encryption key and then encrypting the numbers and texts and storing them in encrypted form on the cloud. In our work, we use a local cloud and experiment with the proposed scheme on it. The purpose of this process is to save the data encrypted on the cloud so that no one can view the data and use it for personal purposes Therefore, when the data owner needs to perform an amendment of the encrypted data on the cloud, an encrypted request is sent to the server, and the server performs mathematical operations on the encrypted data and returns an encrypted result where this encrypted result can only be decrypted through the private encryption key which is with the owner of data only so that he can decrypt the encrypted result and see his data. In this way, we have been able to maintain the privacy and security of the data when stored in the cloud. These procedures go through three stages. Generation the encryption key stage, the encryption stage, and the decryption stage. The model of the proposed scheme is given in Fig. 1, and the flowchart of the proposed scheme is given in Fig. 2. The proposed scheme performs several random examples with multiplication and addition as follows:
Fig. 1. Model of proposed FHE scheme.
Fig. 2. Flowchart of proposed FHE scheme.
A. Key Generation:
Generate two large Prime number p and q
Compute n = p*q
Calculate L=((P-1 mod q)*p) + ((q-1 mod p)*q)
Select r: Where r is a big random integer
B. B. Messages Encryption
The conditions:
(M1&M2), (M1+M2), and (M1*M2) < n Where M1 and M are the Messages.
The schema of message encryption is:
Where μ (p) = (p-1), Euler function and C, the ciphers text.
C. Message Decryption
The schema of cipher decryption is:
M=C mod p
Where M is the number or text that will be encrypt and C is the result of the encrypted number or text we named it cipher text
D. Euler’s Theorem
All of us know that Euler’s Theorem contains two-part they are:
M μ(p) = 1(mod p), when p and m are prime to each other.
M r* μ (n) +1 = M (mod n), when r is an integer, M<n and n=p*q where q and p are two primes number.
E. A simple example of how to make an amendment to encrypted data
We have two values M1 = 3, M2 = 5. We encrypt them through a simple encryption equation that is multiplied by each value, so we get C1 = M1 * 2 and C2 = M2 * 2, so C1 = 6, C2 = 10 when we add the two values C1 + C2 = C3 so C3 = 16 We decrypt C3 so we get the result 16/2 = 8 which is the same result when we add M1 + M2 = M3 where 3 + 5 = 8 as shown in Fig. 3.
Fig. 3. A simple example of how modify encrypted data.
We choose two numbers M M2 and encrypt them to get two encrypted or (ciphers) C1 and C2, respectively, and then we combine C1 + C2 to get a new ciphered result we name it C3 then we decrypt C3 and compare the result with M3 which is the result of combine M1 + M2 we also multiply C1 * C2 to get C4 and compare it to M which is the result of M1 * M2.
A. The Prove of Additive Homomorphic
If the following condition is fulfilled, it becomes clear to us that the proposed scheme additive homomorphic:
Where dec is the decryption function and enc is the encryption function
Proof:
C1=L*(Mr μ (p) +1 mod n).
C2=L*(M2r μ (p) +1 mod n).
C1+C2= L*(M2rμ(p)+1 mod n) + L*(M2rμ(p)+1 mod n). dec (C1+C2) = (C1+C2) mod p
= [L*(M1rμ(p)+1 mod n) + L*(M2rμ(p) +1 mod n)] mod p
= [(L mod p) + ((M1rμ(p) +1 mod n) mod p) + (L mod p) + ((M2rμ (p) +1 mod n) mod p)]
= [(M1r μ (p) +1 mod p) mod n + (M2 rμ (p) +1 mod p) mod n]
We know M r μ (p) +1 mod p = M1 and M2 r μ (p) +1 mod p = M2 by Euler’s Theorem so
= (M1 mod n) + (M2 mod n)
= (M1 +M2) mod n
Because M1+M2 less than < (n)
= M1+M2
dec (C1+C2) = M1+M2 so the condition is fulfilled
B. The Prove of Multiplicative Homomorphic
If the following condition is fulfilled, it becomes clear to us that the proposed scheme multiplicative homomorphic:
Where dec is the decryption function and enc is the encryption function
Proof:
C1=L*(M1rμ(p)+1 mod n).
C2=L*M2rμ(p)+1 mod n).
C1*C2= (L*(M1 rμ(p)+1 mod n)) * (L*(M2rμ (p) +1 mod n)). dec (C1*C2) = (C1*C2) mod p
= [(L*(M1rμ (p) +1 mod n)) * (L*(M2rμ (p) +1 mod n))] mod p
= [(L mod p) * ((M1 rμ(p) +1 mod n) mod p) * (L mod p) * ((M2rμ (p) +1 mod n) mod p)]
= [(M1rμ (p) +1 mod p) mod n * (M2r μ (p) +1 mod p) mod n]
We know M1r μ (p) +1 mod p = M1 and M2r μ (p) +1 mod p = M2 by Euler’s Theorem so
= (M mod n) * (M2 mod n)
= (M1*M2 mod n
Because M1*M2 less than < (n)
= M1*M2
dec (C1*C2) = M1*M2 so the condition is fulfilled
Let us choose two different number M1= 10, M2 = 40, select two big prime numbers p=523, q=617, select random
number r=100 and compute n, L where n = p*q and L = ((P-1 mod q)*p) + ((q-1 mod p)*q), as in Fig. 1, so n = 322691 and L = 322692 now we will compute C1, C2 as shown in Fig. 4 where
Fig. 4. Verification that the proposed scheme supports multiplicative homomorphic system.
C1= L*(M1rμ (p) +1mod n)
q= 322692 * (10100*(522) +1 mod 322691)
C1= 84555952836
C = L*(M2rμ(p)+1 mod n)
C2= 322692 * (40100*(522) +1 mod 322691)
C2= 70220360736
A. Check the Additive Homomorphism
As shown in Fig. 5, Let us define C3 is the result of C1+C2
Fig. 5. Verification that the proposed scheme supports additive homomorphic system.
C3 = C1 +C2
C3= 84555952836+70220360736
C3= 154776313572
M3= C3 mod p
M3= 1534776313572 mod 523
M3= 50, which is the same of M+M = 10 + 40 =50
B.Check the Multiplication Homomorphism
As shown in Fig. 6, Let us define C4 is the result of C1*C2
Fig. 6. A real example of generating an encryption key and encrypting two different numbers.
C4= C1*C2
C4= 84555952836*70220360736
C4= 5937549510520122247296
M4=C4 mod p
M4= 5937549510520122247296 mod 523
M4= 50, which is the same of M1*M2 = 10 * 40 =400
Our proposed method has been applied in Java Language on a laptop that has these characteristics Intel (R) core (TM) i7-8550U CPU @1.80GHz 2.00GHz, 8 GB Ram, 64-bit Operating System,x64-based processor, Windows 10 and Big Integer library of java is used. We have previously seen that in section 5 our scheme achieves the two properties (addition and multiplication) on the correct numbers when encrypt in contrast to the two systems (RSA and Pailler) that produce a single property either multiplication or addition, we took as an example of 2048 bit A message containing several languages: English, Kurdish, Arabic and Chinese, to indicate that our scheme works in all languages. The message was:
The language considered at the university is English
P=16963600001744112018845147215300525136637986969 1606741862700184835051235683163815632346364513963 5084178686272336909107427580252972488626713138540 8110011485075986472668526287650474047702785552627 7139605888244856948751484971356945255025501977455 2242450237953291087748249243514503675865792656993 93729838051811451
Q=1428710476741675056983014575571840561823434645 4308656139478728164897664839386811178089812726550 5708304317799826040708010919513590630000335514123 0450272776428691918542268804417638286844165397915 2025714562637864986328594073222682892055143305181 2687655466062902039677657892147970940904308293447 443717248390239707
R=365786518636912644776042065063644900157123708 343207168729026337822168443513411848955281137920 158798190812229338500124674534784650074194884515 2271827981943
N=2423607304574691011057220168339429745775510876 8568255735015912152074767485603430716960118055838 9243234428533681091865082478949426971733704964018 7576258686356978941473841479446251805425174083399
0064335766935428553190201256143433654205627755229 6773381542471828455818813480172653876483980783338 1523057539397742755088141082360135822895062302531 9405062251415063552873019444449238666440140085803 2829153319755489679960430558612883401366594381416 5468112883656495673094721811758386521739451237520 5070768701405826931878983152614067930454176175622 2924904444160392437762620644204922911348434700560 07271825256265091103199457484857
L=24236073045746910110572201683394297457755108 7685682557350159121520747674856034307169601180 5583892432344285336810918650824789494269717337 0496401875762586863569789414738414794462518054 2517408339900643357669354285531902012561434336 5420562775522967733815424718284558188134801726 5387648398078333815230575393977427550881410823 6013582289506230253194050622514150635528730194 4444923866644014008580328291533197554896799604 3055861288340136659438141654681128836564956730 9472181175838652173945123752050707687014058269 3187898315261406793045417617562229249044441603 9243776262064420492291134843470056007271825256 265091103199457484858
The Message after encryption (Cipher Text)
541476558809409702391337896786206578891371305860 691083047075666735305343010133163455201330600329 818224876828649953919527566237735831578747495518 661815006015094327373599324058140501637682523981 366081263444402953878958225004102881404987245214 085192130463968623162036132714218988345866733882 828903027959438577677193858956252126893602243322 002345822997903630750182808060329693726890973821 429052022147058264305295245097017754099269475380 968046201854139181624798301373478600684536391994 135042539217304792283425928429438405414943114956 731879603950076538717093967938918097476473355425 283428257417215267662967218064104960563636218183 044111151212122457871341575675158274986166996526 006578968820402465601212584511978294298514268554 125554995603375526132322574633145472359908234720 133081143881121000520379674740198817341417761860 826872691325817210768306765600237104658826101240 831563114649492567258100255788974674414548062825
289283723466283906129211351747505124028302482285 703983215028876622455291720747481357534432866979 561161051794214495384555564764420022771673904608 026921423801092986234452794686905395614250428215 39788299132797410163169266322544228501653889014 41231774699848323143262753973952981234912026166 08092930905934341723828737491536602463718665109 04460259954270328428583255617601007624795283333 12842498083186883479202672771030666642010819171 03871200835323397770355533934916679402150831209 71613731326031096116661094157439907155297740345 56154583520372539433462549143084673593882815487 33624326112691124298132589125000613618859548392 80194895402855066065235834892981371608451492075 898392646836063832420875791614210127746840887222 061576759203922203224378888374677613916469740136 215937279995273878941455335546570056409881117615 612427776918414604124368172979351492484034377939 232910419697167267189883148981938503891449737345 277644170563374412805408898899652315897930433017 221778569673211415882347553987827098592640370937 720688618264473231853293964905495556724277624311 697945653171210371750503583126470426057905397533 244577146375498719004689422402622745765224202206 710655778164805330785789281954819858081405410264 417267795724923069668706099902071....etc. Due to the length of the encrypted text (Cipher Text), which reaches 67 pages, it has been truncated. Where the encrypted time was 1572 ms, and the decrypted time was 31 ms. We have also tested it on text with 8KB in its size and several different keys in terms of size, and we compared the results with the planners from. In terms of velocity, we obtained the following results: As shown in Tables
TABLE 1 Computation encryption time of various schema
TABLE 2 Computation decryption time of various schema
Fig. 7. Computation encryption time of various schema.
Fig. 8. Computation decryption time of various schema.
Our scheme relies on FHE on whole numbers, texts, and supports all languages such as English, Arabic, Kurdi, and Chinese and others. Very large prime numbers (up to 617 digits, 2048 bit) represent the strength for the attack of our scheme because the proposed system depends on the problem of factorization to the primary factors, which are considered mathematical problems under discussion at the present time when taking the time. We have come to the conclusion that our scheme is very effective in relation to the time when encrypt and decrypt numbers and texts in comparison with other techniques and approaches that are circulated and used at the present time.
[1]. L. A. Tawalbeh and G. Saldamli. “Reconsidering big data security and privacy in cloud and mobile cloud systems“. Journal of King Saud University Computer, vol. 40, pp. 1-7, 2019.
[2]. J. Domingo-Ferrer, O. Farras, J. Ribes-Gonzalez and D. Sanchez. “Privacy-preserving cloud computing on sensitive data:A survey of methods, products and challenges“. Computer and Communications, vol. 140-141, no. 2018, pp. 38-60, 2019.
[3]. S. Sakharkar, S. Karnuke, S. Doifode and V. Deshmukh. “A research homomorphic encryption scheme to secure data mining in cloud computing for banking system“. International Journal for Innovative Research in Multidisciplinary Field, vol. 4, no. 4, pp. 276-280, 2018.
[4]. J. H. Cheon, A. Kim, M. Kim and Y. Song. “Homomorphic encryption for arithmetic of approximate numbers“. In: Lecture Notes in Computer Science. Vol. 10624. Springer Science+Business Media, Berlin, Germany, pp. 409-437, 2017.
[5]. P. Sha and Z. Zhu. “The modification of RSA algorithm to adapt fully homomorphic encryption algorithm in cloud computing“. In: Proceeding 2016 4th IEEE International Conference Cloud Computing and Intelligence Systems. pp. 388-392, 2016.
[6]. L. Chen and Z. Zhang. “Bootstrapping Fully Homomorphic Encryption with Ring Plaintexts Within Polynomial Noise. Vol. 2. Conference Paper, pp. 285-304, 2017.
[7]. C. Gentry. “A FullyHomomorphic Encryption Scheme“. Dissertation, 169, 2009.
[8]. V. Kumar and N. Srivastava. “Chinese Remainder Theorem based Fully Homomorphic Encryption over Integers“. International Journal of Applied Engineering Research, vol. 14, no. 2, pp. 203208, 2019.
[9]. M. A. Mohammed and F. S. Abed. “A symmetric-based framework for securing cloud data at rest“. Turkish Journal of Electrical Engineering and Computer Sciences, vol. 1, pp. 347-361, 2019.
[10]. K. Gai, M. Qiu, Y. Li and X. Y. Liu. “Advanced fully homomorphic encryption scheme over real numbers“. In: Proceeding 4th IEEE International Conference Cyber Secur Cloud Computing CSCloud 2017 3rd IEEE International Conference Scalable Smart Cloud, SSC 2017, pp. 64-69, 2017.
[11]. C. Gentry, S. Halevi and N. P. Smart. “Fully homomorphic encryption with polylog overhead“. In: Lecture Notes in Computer Science. Vol. 7237. Springer Science+Business Media, Berlin, Germany, pp. 465-482, 2012.
[12]. J. Fan and F. Vercauteren. “Somewhat practical fully homomorphic encryption“. In: Proceeding 15th International Conference Practice Theory Public Key Cryptogr, pp. 1-16, 2012.
[13]. Z. Brakerski and V. Vaikuntanathan. “Fully homomorphic encryption from ring-LWE and security for key dependent messages“. In:Lecture Notes in Computer Science. Vol. 6841. Springer, Berlin, Germany, pp. 505-524, 2011.
[14]. X. Cao, C. Moore, M. O'Neill, N. Hanley and E. O'Sullivan. “Highspeed fully homomorphic encryption over the integers“. In: Lecture Notes in Computer Science. Vol. 8438. Springer, Berlin, Germany, pp. 169-180, 2014.
[15]. C. Xiang and C. M. Tang. “Improved fully homomorphic encryption over the integers with shorter public keys“. International Journal of Security and its Applications, vol. 8, no. 6, pp. 365-374, 2014.
[16]. M. M. Potey, C. A. Dhote and D. H. Sharma. “Homomorphic encryption for security of cloud data“. Procedia Computer Science,vol. 79, pp. 175-181, 2016.
[17]. K. Gai and M. Qiu. “Blend arithmetic operations on tensor- based fully homomorphic encryption over real numbers“. IEEE Transactions on Industrial Informatics, vol. 14, no. 8, pp. 35903598, 2018.
[18]. S. S. Hamad and A. M. Sagheer. “Design of fully homomorphic encryption by prime modular operation“. Telfor Journal, vol. 10, no. 2, pp. 118-122, 2018.
[19]. S. S. Hamad and A. M. Sagheer. “Fully homomorphic encryption based on Euler's theorem“. The International Journal oflnformationSecurity, vol. 9, no. 3, 83, 2018.
[20]. V. Kumar, R. Kumar, S. K. Pandey and M. Alam. “Fully homomorphic encryption scheme with probabilistic encryption based on euler's theorem and application in cloud computing“. In: Advances in Intelligent Systems and Computing. Vol. 654. Springer, Berlin, Germany, pp. 605-611, 2018.
[21]. R. F. Hassan and A. M. Sagheer. “A proposed secure cloud environment based on homomorphic encryption“. International Advanced Research Journal in Science, Engineering and Technology, vol. 6, no. 5, pp. 166-175, 2019.