can secure computing solve issues of data security in the ... · personal data of 77 was stolen -...
TRANSCRIPT
![Page 1: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/1.jpg)
DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Can Secure Computing Solve Issues ofData Security in the Cloud?
ALLDATA 2020
Dr. Mamadou Hassimiou. Diallo, Scientist
Naval Information Warfare Center (NIWC) Pacific
San Diego, CA
U.S. Department of Defense
![Page 2: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/2.jpg)
202/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Naval Information Warfare Center (NIWC)Pacific - Mission
Information Dominance through research, development, delivery,and support of integrated C4ISR, cyber, and space systems
across all warfighting domains
![Page 3: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/3.jpg)
302/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
NIWC Focus Areas
Application of Cryogenic Coolingto Signals Exploitation
Solid State Crowbar
C4ISR for Unmanned Vehicles
In-Service Support
Restoration and Repair
Microbial Fuel Cells: Free Power from the Mud!
Mission Ready
Conduct MIOConduct MIO
Tasks
Overall ReadySensorsNETOPS
Unit
Mission Ready
Conduct MIO
Tasks
Overall ReadySensorsNETOPS
Unit
Integrated Cyber Operations
Consolidated Afloat NetworksEnterprise Services (CANES)
Production, Installation and In-Service Support
Maritime Tactical C2 (MTC2) with C2 RapidPrototyping Continuum (C2RPC) Capability
Ballistic Missile Defense System(BMDS)
Mobile User Objective System(MUOS)
Google Glass
Basic and AppliedResearch
Engineering,Development, Test and
Evaluation
Installation andSupport
Future Tomorrow Today
![Page 4: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/4.jpg)
402/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
NIWC Global Presence
Everett
San Diego
Hawaii
Wash. DCNorfolk
Charleston
GermanyItaly
Bahrain
Japan
GuamNew Orleans
Antarctic
EUCOMAFRICOM
PACOM NORTHCOMSTRATCOM
JS J7SOCOMSOUTHCOMCENTCOM
$9.869B Budget
7,569 Gov + Mil with approx 4,000 supporting contractors worldwide.
![Page 5: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/5.jpg)
502/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Can Secure Computing Solve the Issue ofData Security in the Cloud?
Untrusted EnvironmentTrusted Environment
Name Address SSN Salary
xxxx xxxxx xxxxx xxxx
xxxxx xxxxx xxxx xxxxx
Name Address SSN Salary
Alice First Street, 123-45-6789 100K
Bob Main Street 987-76-4321 200K
Secure Computing?
f[Enc(D)]
Example: Data outsourcing
f(D)
Enc(D)D
Enc(D)
Homomorphic Encryption (HE) andMulti Party Computation (MPC)Homomorphic Encryption (HE) andMulti Party Computation (MPC)
![Page 6: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/6.jpg)
602/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Personal and Organizational Data Outsourcing
6
CalendarsDocumentsEmails
Pictures
HealthcareFinance
Videos
TweetsMessages
![Page 7: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/7.jpg)
702/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Data Created on the Internet Each Day
Company Data Volume
Google Over 300,000 Billion searches conducted worldwide daily.
Facebook Over 4.3 Billion messages posted daily.
Twitter Over 474,000 Tweets PER MINUTE. 682 million tweets daily.
YouTube Over 300 hours of video are uploaded every minute.Over 4 million hours daily,
Emails Over 293 billion emails are sent daily.
Instagram Over 100 million photos and videos uploaded daily.Over 67,305,600 posts uploaded daily.
SMS and in-appmessages
Over 100 million messages are sent every minute.
Internet Users:2014: 2.4 billion , 2016: 3.4 billion, 2017: 3.7 billion, June 2019: 4.4 billion
Micro Focus Blog: https://blog.microfocus.com/how-much-data-is-created-on-the-internet-each-day/As the amount of data is growing so do the cyber attacks on the data.As the amount of data is growing so do the cyber attacks on the data.
![Page 8: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/8.jpg)
802/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Data Security and Privacy Issues
2.9 million accountswas stolen - 2013Personal data of 77
million users wasleaked - 2011
Data from 110 millioncustomers washijacked - 2013
data leak exposes 123million households
143 million American,Canadian and Britishcustomers - 2017
US Office of PersonalManagementRecords for more than 21.5million people were stolen
WannaCry ransomware attack in May 2017- Microsoft Windows OS- Affected more than 200,000 computers across 150 countries
Why hackers are succeeding in stealing our data?Why hackers are succeeding in stealing our data?
![Page 9: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/9.jpg)
902/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Data Lifecycle
DataCreation
DataProcessing
Data Storage
DataPermanent
Delete
Data Archive Data Sharing
DataAnalysis
Public Data User-Owned Data Third-Party Data
Public Data User-Owned Data Third-Party Data
![Page 10: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/10.jpg)
1002/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Data Lifecycle - States
Data InProcessing
Data StorageAt Rest
Shared DataTransit
Data VisualizationIn Use
Tran
sit
Transit
Tran
sit
Data in Transit Data at Rest Data in Processing
Data in Transit Data at Rest Data in Processing
Generated DataWith the Owner
Untrusted EnvironmentTrusted Environment
![Page 11: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/11.jpg)
1102/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Data Lifecycle – Data Security Risks
Data InProcessing
Shared DataTransit
Data VisualizationIn Use
Transit
Tran
sit
Data in Transit Data at Rest Data in Processing
Data in Transit Data at Rest Data in Processing
Generated DataWith the Owner
Data in Transit Man-in-the-middle attack Etc.
Data in Processing Memory attack Cross-site scripting Etc.
Data at Rest SQL injection attack Credentials reuse Insider attack Etc.
Untrusted Environment
Data StorageAt Rest
Tran
sit
Trusted Environment
![Page 12: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/12.jpg)
1202/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Data Security Techniques
Deterministic Encryption
Encryption 1: pSDfCAjthEsEUlPdS5fn7Xwert
Encryption 2: eRTyuMmmZxnNn45nyhnbYuN
Encryption 1: pSDfCAjthEsEUlPdSfn7Xw==
Encryption 2: pSDfCAjthEsEUlPdSfn7Xw==
Data Security
RSA with padding, Advanced EncryptionStandard (AES), Blowfish, Serpent
RSA (No padding), Cryptographic HashAlgorithms: MD5, SHA-3, DSA
Probabilistic Encryption
Supports computation, but lesssecure
Doesn’t support computation, but verysecure
Not semantically secure Semantically secure
![Page 13: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/13.jpg)
1302/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Searchable Symmetric Encryption
Name Address SSN
Alice First Street, 123-45-6789
Bob Main Street 987-76-4321
Name Address SSN
H(Alice) H(First) H(Street) H(123-45-6789)
H(Bob) H(Main Street) H(987-76-4321)
Index Name Address SSN
H(Alice), H(First),H(Street)
Enc(Alice) Enc(First Street) Enc(123-45-6789)
H(Bob), H(Main),H(Street)
Enc(Bob) Enc(MainStreet)
Enc(987-76-4321)
DeterministicEncryption Only
Combination ofDeterministic andProbabilistic Encryptions
Name Efficiency Security
Deterministic More Less
Combination Less More
Leakages known ciphertexts – statistical analysis of
messages
![Page 14: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/14.jpg)
1402/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
CloudProtect: Data Protection
No changes to the third-party server legacy implementations
Users continue to have full access to all functionalities offered by cloud
applications.
Minimal impact on user-experience by automatically adjusting what is
encrypted
Empower users to encrypt (sensitive) data within cloudapplications in a transparent manner
High-Level Architecture
![Page 15: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/15.jpg)
1502/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Computing Functions over EncryptedRepresentation
Functionality
Client-Side Server-Side
CRUD Sharing Search Others
client-side functions notaffected by encryptionsince data available inplaintext to scriptsrunning in browser, e.g.,java script.
✔
✔ ✔✔
✗✗
Decryption/re-encryptionrequired before/after CRUDoperations
Requires aseparate securechannel to sharekeys
Depends on thekind of encryptionused. May needauxiliaryinformation to bestored (details inpaper
E.g., translatedocument inGoogle Doc.
![Page 16: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/16.jpg)
1602/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Optimal Tradeoff Problem
Goal: Reduce interruptions and/or costs while minimizing privacy reduction
Min Re lax W ,P,O( ) = ArgMinP* Pr iv Red P,P*,O,W( )( )
int- ohavg W ,P*,O( ) £ a
cos t - ohavg W ,P*,O( ) £ b
Such that
Objects (O)
Original Policy(P)
RelaxedPolicy (P*)
MinRelax
Workload (W)
OverheadThresholds (α, β)
NP-hard by reduction from Budgeted Max. Coverage
![Page 17: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/17.jpg)
1702/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Modern Secure Computing
Secure Computing
Homomorphic Encryption Secure Multi Party Computing
General approach that enablescomputation to be performed onencrypted data
Security model depends oncryptographic keys
Function over their inputs whilekeeping those inputs private
Security model depends on havinga network of non-colludingcomputers
Main Issue: Computation andstorage Costs
Main Issue: Communication costand non-collusion requirement
![Page 18: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/18.jpg)
1802/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Homomorphic Encryption (HE)
4
5 e4da3b7fbbce2345d7772b0674a318d5
a87ff679a2f3e71d9181a67b7542122c
20 98f13708210194c475687be6106a3b84
X
=
Encrypt
Encrypt
Decrypt
Types of HE Schemes Partially Homomorphic Encryption (PHE) – one type of gates Somewhat Homomorphic Encryption (SHE) - two types of gates Leveled Fully Homomorphic Encryption (LFHE) – arbitrary circuits of bounded depth Fully Homomorphic Encryption (FHE) - arbitrary circuits of unbounded depth
Partially Homomorphic Encryption RSA: unbounded number of modular multiplications ElGamal: unbounded number of modular multiplications Goldwasser-Micali: unbounded number of exclusive OR operations
![Page 19: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/19.jpg)
1902/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Fully Homomorphic Encryption (FHE)
Proposed by Rivest, Adleman, and Dertouzos in 1978 First construction of FHE proposed in 2009 by Graig Gentry
Lattice-based cryptography Computations are represented as either Boolean or arithmetic circuits with gates Noisy ciphertext that grows
Enccm
pk
Encmc
sk
Decsk(Evalf(ek,c1,c2)=f(m1,m2)Evalf
c3C1=Encpk(m1)
c2=Encpk(m2) ek
![Page 20: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/20.jpg)
2002/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
FHE Encryption Scheme
“Homomorphic”: a (secret) mapping from plaintext space to ciphertext
space that preserves arithmetic operations.
Mathematical Hardness: (Ring) Learning with Errors Assumption; every
image (ciphertext) of this mapping looks uniformly random in range
(ciphertext space).
“Security Level”: hardness of inverting this mapping without the secret key.
Example: 128 bits → 2128 operations to break
Plaintext: elements and operations of polynomial ring (mod xn+1, mod p)
Example: 6x5 + 2x4 + 3x3 + ...
Ciphertext: elements and operations of polynomial ring (mod xn+1, mod q)
Example: 7862x5 + 5652x4 + ...
![Page 21: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/21.jpg)
2102/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
BGV Homomorphic Encryption Scheme
The Ring Learning with Errors (LWE) Problem
For security parameter λ, let f(x) = xd + 1 where d = d(λ) is a power of 2.
Let q = q(λ) ≥ 2 be an integer.
Let R = Z[x]/(f(x)) and let Rq = R/qR.
Let χ = χ(λ) be a distribution over R.
The RLWEd,q,χ problem is to distinguish the following two distributions:
In the first distribution, one samples (ai, bi) uniformly from R2q.
In the second distribution, one first draws s Rq uniformly and then samples (ai, bi)
in R2q by sampling aiRq uniformly, ei χ, and setting
bi = ai . s + ei
The RLWEd,q,χassumption is that the RLWEd,q,χproblem is infeasible.
![Page 22: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/22.jpg)
2202/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
BGV Homomorphic Encryption Scheme
Preliminarieso Polynomial rings: A = Z[X]/Φm(X),
where m is parameter and Φm(X) m’th cyclotomic polynomial
o Native plaintext space: Ring: A2 = A/2A, binary polynomials modulo Φm(X)
o Ciphertext space: vectors over Aq = A/qA, q an odd modulo
o Chain of modulus: q0 < q1 < --- < qL
o Level-i ciphertexts: c = (c0, c1) (Aqi)2, 2-element vectors over Rqi
Definitiono Secret keys: s A, and s = (1, s), with small coefficients
o Level-i cipher c = (c0, c1) encrypts a plaintext polynomial m A2,with respect to s = (1, s) if we have the equality over A,[<c, s>]qi = [c0 + s.c1]qi m (mod 2)
o Noise: [c0+s.c1]qi, is small
![Page 23: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/23.jpg)
2302/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
FHE Schemes and Libraries
Scheme Year Security
Brakerski-Gentry-Vaikuntanathan (BGV) 2011 Ring Learning With Errors (RLWE) problem
NTRU-based scheme by Lopez-Alt,Tromer, and Vaikuntanathan (LTV)
2012 Variant of the NTRU computational problem
Brakerski/Fan-Vercauteren (BFV) 2012 Ring Learning With Errors (RLWE) problem
NTRU-based scheme by Bos, Lauter,Loftus, and Naehrig (BLLN)
2013 Variant of the NTRU computational problem
Craig Gentry, Amit Sahai, and BrentWaters (GSW)
2013 Ring Learning With Errors (RLWE) problem
FHEW 2014 Ring Learning With Errors (RLWE) problem
TFHE 2016 Ring Learning With Errors (RLWE) problem
The Cheon-Kim-Kim-Song (CKKS) 2016 Ring Learning With Errors (RLWE) problem
![Page 24: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/24.jpg)
2402/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
FHE Schemes and Libraries
![Page 25: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/25.jpg)
2502/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
CallForFire
A Call For Indirect Fire Support is a protocol for destroying enemytargets
Players
o Forward Observer (FO): locates High Value Target
o Fire Direction Center (FDC): command & control
o Firing Unit (FU): shoots enemy target
o High Value Target (HVT): enemy target
o Observer-Target (OT): distance between the observer and the target
Mission-critical system which requires high security & privacy
o Forward Observer is at risk
o Insider threat
![Page 26: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/26.jpg)
2602/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
CallForFire
Storing Locationo Location attributes stored as key/value pairs
<hash(idlocation+label), Enc(Value)>
o Sine and Cosine shifted to get integers
o Easting and Northing also shifted
Longitude/LatitudeCoordinate System
UTM CoordinateSystem
MGRS CoordinateSystem
Longitude = -116.1Latitude = 34.2
x = 582919y = 3784700
MGRS =11SNT82918469
Hash(id+label) Enc(Value)
Hash(101+id) Enc(101)
Hash(101+Easting) Enc(829100)
Hash(101+Northing) Enc(846900)
Hash(101+distance) Enc(2000)
Hash(101+Sine) Enc(87)
Hash(101+Cosine) Enc(50)
… …
![Page 27: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/27.jpg)
2702/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
CallForFire
Computing HVT Location
o Inputs: FO easting and FO northing, OT (distance between FO and HVT)Θ (angle of HVT relative to due North)
o Outputs: HVT easting, HVT northing
)cos(OTFOHVT
)sin(OTFOHVT
distancenorthingnorthing
distanceeastingeasting
2
northingnorthing2
eastingeasting2
HVT-FU )FU()FU(Dist HVTHVT
Computing Distance FU to HVT
o Inputs: FU and HVT eastings and northings
o Inputs: Dist2 (distance between FU and HVT)
![Page 28: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/28.jpg)
2802/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
CallForFire - GPGPU
GPGPU board has1,000’s of cores
Massive parallelism canbe exploited
GPU used for parallelizingHElib
Profiling decision basedon the following formula:
NVIDIA CUDA libraryused for implementation
deallocmemallocmemGPUCPU
GPUCPUruntimeGPUinitGPU
GPUCPU
TTT
TTT
TT
__
__
![Page 29: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/29.jpg)
2902/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
CallForFire - GPGPU
TAU Parallel Performance System used togather timing information
FHE Setup is costly
GPU implementation is faster
Parallelized Algorithm: Bluestein’s FastFourier Transform (FFT)
FFT computes Discrete FT
![Page 30: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/30.jpg)
3002/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
CallForFire Implementation
![Page 31: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/31.jpg)
3102/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
CallForFire Experiments
Number of FOs: 10Number of FUs: 10Location Computation: 1 HVT for each FODistance Computation: pairwise between FU and HVT
![Page 32: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/32.jpg)
3202/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Distributed Framework for Secure Computationin the Cloud (DFSCC)
ClientData Decryption
Data Visualization
ClientData GenerationData Encryption
Data Processing Nodes(Machine Learning, Data Mining)
Trusted Client Untrusted Cloud Environment
Data processedwhile encrypted
DFSCC: leverages HE to enable analytic tools to process encrypted data in alarge-scale distributed system in the cloud.
![Page 33: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/33.jpg)
3302/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Distributed Framework for Secure Computationin the Cloud (DFSCC)
Inputs Time (sec.) Time (sec.)
Matrix Vector Encrypt Compute(cipher)
Decrypt Compute(plaintext)
8 x 2048 8 0.4938 0.1050 0.0497 0.00027
16 x 2048 16 0.9001 0.1282 0.0503 0.00030
32 x 2048 32 1.8193 0.1981 0.0503 0.00037
64 x 2048 64 3.6415 0.3233 0.0500 0.00065
Running SVM locally under different matrix sizes
Cloud Infrastructure as a Service: Deployed using the open source Xen hypervisor
Distributed System: Apache SPARK
Homomorphic Encryption Library: PALISADE
Machine Learning Algorithm: Support Vector Machine (SVM) for classifying data
![Page 34: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/34.jpg)
3402/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
TIPPERS (Testing of Testbed for IOT-BasedPrivacy Preserving Pervasive Spaces)
Funded by the DARPA Brandeis Program9 Performers
![Page 35: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/35.jpg)
3502/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
TIPPERS – Trident Warrior 2019
![Page 36: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/36.jpg)
3602/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
TIPPERS RIMPAC/Trident Warrior 2020
![Page 37: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/37.jpg)
3702/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Homomorphic Encryption Standardization
GoalHomomorphicEncryption.org is an open consortium of industry, government andacademia to standardize homomorphic encryption.
Current Participants Industry: Microsoft, Samsung SDS, Intel, Duality Technologies, IBM, Inpher,
Google SAP, Intuit, General Dynamics, Mastercard, CryptoExperts, Algorand,Foundation, Mercedes Benz, Alibaba Group, LinkedIn, IXUP, Intertrust
Government: NIH, NIST, NSF, NIWC, SLAC National Accelerator Lab, UnitedNations / ITU
Academia: Boston University, Brown, CEA LIST, Columbia, EPFL, MIT, NJIT, NYU,Royal Holloway University, RIT, UCSD, Univ. of Cincinnati, Univ. of Hannover, Univ.of Michigan, Univ. Texas Austin, Univ. of Toronto, UC Irvine, Univ. of Waterloo,Sabanci University, Seoul National University, WPI
![Page 38: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/38.jpg)
3802/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Summary
Can Secure Computing Solve Issues of Data Security in the Cloud?YES
However It requires more patriations from academia, industry, government More investment is needed May require combination of hardware and software approaches
U.S. Department of Defense programs focusing on secure computing DARPA PROCEED DARPA Brandeis DARPA DRIVE IARPA HECTOR
![Page 39: Can Secure Computing Solve Issues of Data Security in the ... · Personal data of 77 was stolen - 2013 million users was leaked - 2011 Data from 110 million customers was hijacked](https://reader033.vdocument.in/reader033/viewer/2022052002/601466191f46810f1c47d8ba/html5/thumbnails/39.jpg)
3902/24/2020 DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.
Questions?
Dr. Mamadou H. Diallo, Scientist
Naval Information Warfare Center (NIWC) Pacific
U.S. Department of Defense