| 研究生: | 蔡維宸 Tsai, Wei-Chen | 
|---|---|
| 論文名稱: | 提供同態加密安全計算於對等服務雲端平台 Secure Computing through Homomorphic Encryption on A Peer-Servicing Public Cloud Computing Platform | 
| 指導教授: | 鄭憲宗 Cheng, Sheng-Tzong | 
| 學位類別: | 碩士 Master | 
| 系所名稱: | 電機資訊學院 - 資訊工程學系 Department of Computer Science and Information Engineering | 
| 論文出版年: | 2015 | 
| 畢業學年度: | 103 | 
| 語文別: | 英文 | 
| 論文頁數: | 65 | 
| 中文關鍵詞: | 雲端運算 、資訊安全 、同態加密 、MapReduce 、Hadoop | 
| 外文關鍵詞: | Cloud computing, Homomorphic Encryption, MapReduce, Hadoop, Security | 
| 相關次數: | 點閱:96 下載:0 | 
| 分享至: | 
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 | 
  隨著巨量資料時代來臨,雲端運算也趨於普及,它提供了低成本、易於管理和重新提供資源等優點進而提高利潤。但如何保證數據安全性,保持客戶端的個人訊息保密會是雲端計算上安全性的重要問題。
  應用雲端運算時,為了避免受到惡意的攻擊與資料的竊取,同態加密系統提供了一個絕佳的解決方案。而全同態加密法的架構源自於西元2009年由Gentry所提出,它讓加密後的密文執行特定的運算後,再將其解密即可得出該對應的明文運算結果。
  本研究提出一套系統,利用全同態運算將客戶的加密數據進行處理,得出正確的結果,而在整個處理過程中無需對數據進行解密,能真正解決將數據及其處理委託給第三方時的安全性問題。此外我們將此系統建立在對等服務雲端平台,以防止單一伺服器失效而造成系統無法使用的情形。然而,機密性、完整性與可用性是資訊安全的核心判斷準則,另外將全同態加密與混淆電路做結合來提供驗證計算的機制,我們以此來證明本系統資安機制的防護強度。
        With the huge amount of information era is coming, and cloud computing is more universal. The advantages of cloud computing include reduced costs, easy maintenance and re-offering the resources, thereby increasing profits. But how to ensure data security, maintain client confidentiality of personal information is an important issue on cloud computing security.
	On the cloud computing applications, in order to avoid malicious attacks and data theft, homomorphic encryption system provides an excellent solution. The structure of fully homomorphic encryption originated in 2009 as proposed by Gentry, which allows a worker without the secret decryption key to compute any result of the data on one hand and still keep the data privacy on the other hand.
	This thesis proposes a system that utilizes fully homomorphic computation to process the customer's encrypted data, and get the right result without the need to decrypt the data in the whole process, there is a secure problem when data entrusted to a third party and it is able to resolve.
	In addition, we built this system on a peer-servicing public cloud computing platform and to avoid system crash caused by single user offline. However, confidentiality, integrity and availability of information security are core criterions, we combine homomorphic scheme with garbled circuits to provide a mechanism of verifiable computation, and we utilize information security mechanisms to prove the secure strength of this system.
[1]	Pascal Paillier. “Public-key cryptosystems based on composite degree residuosity classes”. In 18th Annual Eurocrypt Conference (EUROCRYPT'99), Prague, Czech Republic , volume 1592, 1999.
[2]	Julien Bringe and al. “An Application of the Goldwasser-Micali Cryptosystem to Biometric Authentication”, Springer-Verlag, 2007.
[3]	R. Rivest, A. Shamir, and L. Adleman. “A method for obtaining digital signatures and public key cryptosystems”. Communications of the ACM, 21(2) :120-126, 1978. Computer Science, pages 223-238. Springer, 1999.
[4]	Taher ElGamal. “A public key cryptosystem and a signature scheme based on discrete logarithms.” IEEE Transactions on Information Theory, 469-472, 1985.
[5]	Ronald L. Rivest, Leonard Adleman, and Michael L. Dertouzos. “On Data Banks and Privacy Homomorphisms”, chapter On Data Banks and Privacy Homomorphisms, pages 169-180. Academic Press, 1978.
[6]	Dan Boneh, Eu-Jin Goh, and Kobbi Nissim. “Evaluating 2-DNF formulas on ciphertexts”. In Theory of Cryptography Conference, TCC'2005, volume 3378 of Lecture Notes in Computer Science, pages 325-341. Springer, 2005.
[7]	“Hadoop”, http://hadoop.apache.org/.
[8]	C. T. Chu, S. K. Kim, Y. A. Lin, Y. Yu, G. R. Bradski,A. Y. Ng, and K. Olukotun, “Map-reduce for machine learning on multi core,” in NIPS, B. SchÖlkopf, J. C. Platt, and T. Hoffman, Eds. MIT Press, 2006, pp. 281–288.
[9]	J. Ekanayake, S. Pallickara, and G. Fox, “Mapreduce for data intensive scientific analysis,” in eScience, 2008. eScience ’08. IEEE Fourth International Conference on, 2008, pp. 277–284.
[10]	G. Mackey, S. Sehrish, J. Lopez, J. Bent, S. Habib, and J. Wang, “Introducing mapreduce to high end computing,” in Petascale Data Storage Workshop Held in conjunction with SC08, 2008.
[11]	W. Du, J. Jia, M. Mangal, and M. Murugesan, “Uncheatable grid computing,”in ICDCS ’04: Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS’04). Washington, DC, USA:IEEE Computer Society, 2004, pp. 4–11.
[12]	S. Zhao, V. Lo, and C. Gauthier Dickey, “Result verification and trust based scheduling in peer-to-peer grids,” in P2P ’05: Proceedings of the Fifth IEEE International Conference on Peer-to-Peer Computing. Washington, DC, USA: IEEE Computer Society, 2005, pp. 31–38.
[13]	L. F. G. Sarmenta, “Sabotage-tolerance mechanisms for volunteer computing systems,” Future Generation Computer Systems, vol. 18, no. 4, pp. 561–572, 2002.
[14]	C. Ranger, R. Raghuraman, A. Penmetsa, G. Bradski, and C. Kozyrakis, “Evaluating mapreduce for multi-core and multiprocessor systems,” In HPCA ’07: Proceedings of the 2007 IEEE 13th International Symposium on High Performance Computer Architecture, pages 13–24, Washington, DC, USA, 2007. IEEE Computer Society.
[15]	Tebaa M, El Hajji S (2012) “Homomorphic encryption applied to the cloud computing security”. In: Proceedings of the World Congress on Engineering. volume 1, pp. 4–6.
[16]	Z. Brakerski, C. Gentry, and V. Vaikuntanathan, “(Leveled) fully homomorphic encryption without bootstrapping”, in ITCS, S. Goldwasser, ed., ACM, New York, 2012, pp. 309–325.
[17]	A. Dou, V. Kalogeraki, D. Gunopulos, T. Mielikainen, V. H. Tuulos. “Misco: A MapReduce framework for mobile systems”. 3rd Int. Conference on Pervasive Technologies Related to Assistive Environments (PETRA'10), New York, USA, 2010.
[18]	“Google MapReduce”, http://research.google.com/archive/mapreduce.html.
[19]	H. Lin, X. Ma, J. Archuleta, W.-c. Feng, M. Gardner, Z. Zhang. “MOON: MapReduce On Opportunistic eNvironments”.19th International Symposium on High Performance Distributed Computing (HPDC'10), Chicago, USA, 2010.
[20]	B. Tang, M. Moca, S. Chevalier, H. He, G. Fedak. “Towards MapReduce for Desktop Grid Computing”. 5th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC'10), Fukuoka, Japan, 2010.
[21]	A. Yao. Protocols for secure computations. In Proceedings of the IEEE Symposium on Foundations of Computer Science, 1982.
[22]	A. Yao. How to generate and exchange secrets. In Proceedings of the IEEE Symposium on Foundations of Computer Science, 1986.
[23]	Y. Lindell and B. Pinkas. A proof of Yao’s protocol for secure two-party computation. Journal of Cryptology, 22(2):161–188, 2009.
[24]	Kreuter, B., Shelat, A., Shen, C.H.: Billion-gate secure computation with malicious adversaries. pp. 14–14. Security 2012, USENIX Association (2012).
[25]	Lindell, Y., Pinkas, B.: Secure two-party computation via cut-and-choose oblivious transfer. pp. 329–346. TCC 2011, Springer-Verlag (2011).
[26]	Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure two-party computation is practical. pp. 250–267. ASIACRYPT 2009, Springer-Verlag (2009).
[27]	Shelat, A., Shen, C.H.: Two-output secure computation with malicious adversaries. pp. 386–405. EUROCRYPT 2011, Springer-Verlag (2011).
[28]	Gómez, J.M., Cajigas, G., Puertas Sanz, E., Carrero García, F. Content Based SMS Spam Filtering, Proceedings of the 2006 ACM Symposium on Document Engineering, Amsterdam, The Netherlands, ACM Press. Oct., 2006.
[29]	Daemen, Joan; Rijmen, Vincent (March 9, 2003). "AES Proposal: Rijndael" (PDF). National Institute of Standards and Technology. p. 1. Retrieved 21 February 2013.
[30]	John Schwartz (October 3, 2000). "U.S. Selects a New Encryption Technique". New York Times.
[31]	National Institute of Standards and Technology (NIST), “Advanced Encryption Standard,“ Federal Information Processing Standards Publication 197, November 2001.
[32]	Gennaro, R., Gentry, C., Parno, B.: Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 465–482. Springer, Heidelberg (2010).
[33]	Stallings, William (2014). Cryptography and Network Security (6th ed.). Upper Saddle River, N.J.: Prentic Hall. pp. 67–68. ISBN 978-0133354690.
[34]	Brakerski Z, Vaikuntanathan V (2011) Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Advances in Cryptology-CRYPTO 2011. Springer Berlin, Heidelberg. pp 505-524.
[35]	Craig Gentry and Shai Halevi. Fully homomorphic encryption without squashing using depth-3 arithmetic circuits. Manuscript, to appear in FOCS 2011, available at http://eprint.iacr.org/2011/279.
[36]	Oded Regev, “On lattices, learning with errors, random linear codes, and cryptography,” in Proceedings of the thirty-seventh annual ACM symposium on Theory of computing (Baltimore, MD, USA: ACM, 2005), 84-93.
[37]	Chris Peikert, “Public-key cryptosystems from the worst-case shortest vector problem: extended abstract,” in Proceedings of the 41st annual ACM symposium on Theory of computing (Bethesda, MD, USA: ACM, 2009), 333-342.
[38]	Peikert, Chris (2014-10-01). Mosca, Michele, ed. “Lattice Cryptography for the Internet”. Lecture Notes in Computer Science. Springer International Publishing. pp. 197–219. ISBN 978-3-319-11658-7.
[39]	Marozzo F, Talia D, Trunfio P. P2P-MapReduce: parallel data processing in dynamic cloud environments. J. Comput. System Sci. 2012;78(5):1382–402.
[40]	P. Rogaway. Evaluation of some blockcipher modes of operation. Technical report, Cryptography Research and Evaluation Committees (CRYPTREC) for the Government of Japan, Feb.2011.
 校內:2020-08-03公開
                                        校內:2020-08-03公開