Traffic obfuscation methods. Homomorphic encryption

Traffic obfuscation methods include Pluggable Transports and Project V. Of particular interest, however, are schemes using FHE (fully homomorphic encryption), since this is the most advanced frontier in the development of cryptographic science.

In a nutshell, FHE allows you to perform calculations on encrypted data without decrypting it. This opens up completely new possibilities. For example, you can process sensitive user data on the server without disclosing it to the server.


Homomorphic encryption is a form of encryption that allows you to perform certain mathematical operations on ciphertext and get an encrypted result that corresponds to the result of the same operations performed on the plaintext. For example, one person could add two encrypted numbers without knowing the plaintext numbers, and then another person could decrypt the encrypted sum, obtaining the plaintext sum without ever having the original numbers.

A fully homomorphic scheme (as opposed to a partially homomorphic one) supports evaluating arbitrary functions on ciphertexts.

Fully homomorphic encryption

Fully Homomorphic Encryption (FHE) is sometimes called the holy grail of cryptography.

It is “absolute encryption” in the sense that it provides quantum-safe computations on encrypted data by ensuring that the plaintext data and its derived computations will never be revealed and remain protected from modification and/or tampering, even in the case of a compromised infrastructure.

Most FHE schemes are based on lattices, which are resistant to quantum computing, and are considered PQC (post-quantum cryptography).


[Figure: lattice with different levels of Gaussian noise]

Main characteristics of FHE:

  • Data, including computed derivatives, remains encrypted both at rest and throughout its lifecycle, and is only decrypted in a secure, trusted environment.
  • Valuable insights can be extracted from the data using artificial intelligence (AI), big data and analytics, all without exposing the data, secret keys or code.

The FHE scheme is based on standard public key cryptography (PKE) and supports all asymmetric encryption features.

Application of FHE

According to experts, the commercial application of FHE is not far off. Among other things, the following options for using this scheme can be distinguished:

  • Evidence-based security models as a mandatory requirement for IT infrastructure design.
  • Rising regulations and the ubiquity of quantum computers will make post-quantum cryptography mandatory in the public and commercial sectors.
  • Aggregating sensitive data from multiple sources without making it public will open up new ways for organizations to partner, spurring the development of the information economy.
  • Valuable intellectual property will be protected from disclosure even when working on untrusted platforms (for example, someone else’s hosting or PC).
  • Ensuring data integrity throughout the sensor-processing-execution chain (additional information protection in the Internet of things).
  • New models of income from licensing confidential data without disclosure.

Currently the main obstacle to adopting homomorphic encryption is the high resource cost of such schemes. Academic research is underway in this area, including on the creation of FHE hardware accelerators.

With the widespread introduction of FHE, access to data will be completely separated from its processing, which will immediately transform hosting and cloud computing services.

Private Reading of Wikipedia

In recent years, the first examples of real applications of homomorphic encryption have begun to appear. One example is the Spiral Wiki service for private reading of Wikipedia.



[Figure: Spiral Wiki]

This is just a demo page for FHE. In the future, services could be implemented that encrypt access to websites and obfuscate all traffic using Spiral technology.



[Figure: server processing of a Spiral request]

Spiral technology is described in more detail in a scientific article, and the client and server code has been published.

“Forgetful” server

The IETF is currently considering a new standard, Oblivious HTTP (“Forgetful HTTP”), to relay encrypted HTTP requests in such a way that the server cannot distinguish clients from each other, as if “forgetting” them the moment after serving a single request.

That is, from the point of view of the server, all requests to it will look equally “anonymous” and could belong either to one client or to several. This is done to better protect users from surveillance.

Future of FHE

According to some experts, the widespread commercial use of FHE can be compared to the invention of computer databases, cloud computing, PKE, and artificial intelligence. It will bring about sweeping changes in the way that sensitive information is protected, handled, and exchanged, and will change the evolution of computing at a fundamental level.

