Homomorphic Encryption in Mobile Multi Cloud

Computing
Maya Louk Hyotaek Lim
Department of Ubiquitous IT, Graduate School, Dongseo Division of Computer and Engineering, Dongseo
University University
Sasang-Gu, Busan 617-716, Korea Sasang-Gu, Busan 617-716, Korea
[email protected] [email protected]

Abstract—Multi cloud computing has become a new trend for data and applications in a public cloud is the simultaneous
complementing existing cloud computing today. Multi cloud usage of multiple clouds. In this paper will discuss about
computing is considered safer and more efficient in maintaining Mobile Multi Cloud Computing and its security and the
data regulation of user(s). The paper discusses the security of main values that must be concern for mobile user
mobile multi cloud computing (MMC) and the advantages for advantages. There is an evaluation in homomorphic
mobile user(s), beside that for the data security itself cover with
homomorphic encryption which predictable by many researchers
encryption scheme in mobile device provides in this paper
as the optimum method for cloud computing environment. The and the analysis of the scheme based on the mobile multi
implementation and evaluation of homomorphic encryption in cloud computing environment.
mobile cloud computing are discussed in this paper.
Keywords—Homomorphic Encryption, Mobile, Multi II. RELATED WORK
Cloud Computing, Security. There has been lot of effort and research to obtain
efficiently, effectively, securely for Cloud Computing usage
I. INTRODUCTION for Cloud Providers or Cloud Users. Cloud Computing
Cloud Computing is not a very new concept in IT, in fact itself moves to Multi Cloud based on the security aspects.
Cloud Computing is a more advanced version of the Data Mohammed A. Alzain, et al in Cloud Computing Security:
Processing Service Bureaus that we had 40 years ago. From Single to Multi-Clouds [3] contribute to give a logical
Nevertheless, the best known companies in the IT field offer explanation why we have to move from single cloud to
or will shortly offer Cloud Computing services to a range of multi-clouds, especially the main reason is security aspects.
customers from organizations of all sizes to individuals. The Multi-clouds has a lot of benefits for user data security in
paradigm of Cloud Computing can be described in simple the cloud computing. The security aspects of cloud
terms as offering particular IT services that are hosted on computing introduced by Frederick Carlson [2] and Jenas
the internet, the most common ones being Platform as a Matthias Bohli, et al [1] which contribute about security and
Service (PaaS), Infrastructure as a Service (IaaS) and privacy enhancing multicloud architectures. Those papers
Software as a service (SaaS). Cloud Computing is often give contribution for multi-clouds architectures for a better
marketed as an efficient and cheap solution that will replace cloud computing scheme for user data security. However,
the client-server paradigm. The paradigm shift the user data security needs an encryption scheme. Craig
involves/results in the loss of control over data as well as Gentry [7] for a fully Homomorphic Scheme for his
new security and privacy issues. For this reason caution is dissertation book contributes to give an encryption method
advised when deploying and using Cloud Computing in which known as the optimum method for cloud computing
enterprises. After all, the first big issue in data protection in usage. Kristin Lauter, et al [9] in Can Homomorphic
Europe arose at the end of the 1960’s, when a Swedish Encryption be Practical explain the possibilities to
company decided to have its data processing done by a implement and give some result for homomorphic
service bureau in Germany and the data protection encryption in the real system.
legislations in both countries were not alike. With Cloud
Computing rapidly gaining popularity, it is important to III. MOBILE MULTI CLOUD COMPUTING
highlight the resulting risks. As security and privacy issues Mobile Cloud Computing is a new distributed computing
are most important, they should be addressed before Cloud paradigm for mobile applications whereby the storage and
Computing establishes an important market share. the data processing are migrated from the mobiles to
In public clouds, all of the three common cloud service resources rich and powerful centralized computing data
layers (IaaS, Paas, SaaS) share the commonality that the centers in computational clouds. In mobile cloud computing,
end-users’ digital assets are taken from an intra these are transferred to cloud: intensive computing, data
organizational to an inter organizational context. This storage, information processing. Although cloud service
creates a number of issues, among which security aspects providers can offer benefits to users, security risks play a
are regarded as the most critical factors when considering major role in the cloud computing environment [21]. Users
cloud computing adoption. One idea on reducing the risk for of online data sharing or network facilities are aware of the

978-1-4799-8342-1/15/$31.00 ©2015 IEEE 493 ICOIN 2015

potential loss of privacy [12]. According to a recent IDC
survey [16], the top challenge for 74% of CIOs in relation to
cloud computing is security. Protecting private and
important information such as credit card details or patients’
medical records from attackers or malicious insiders is of
critical importance [22]. Moving databases to a large data
centre involves many security challenges [23] such as
virtualization vulnerability, accessibility vulnerability,
privacy and control issues related to data accessed from a
third party, integrity, confidentiality, and data loss or theft.
Subashini and Kavitha [15] present some fundamental
security challenges, which are data storage security, Fig. 1. Unsecured Data Scheme in Cloud Computing
application security, data transmission security, and B. Reason to move in Multicloud
security related to third-party resources. The term “multi-
· Data does not always flow across international
clouds” is similar to the terms “interclouds” or “cloud-of-
clouds” that were introduced by Vukolic [24]. These terms boundaries. If IaaS supplier is in the United States may
suggest that cloud computing should not end with a single need a second service in another country where we
cloud. Using their illustration, a cloudy sky incorporates want to operate.
different colors and shapes of clouds which lead to different · If a small company that wants to get big fast, will have
implementations and administrative domains. Recent to plan a major data center and staff it before it get too
research has focused on the multi-cloud environment big. Otherwise, develop a successful service that's ready
[3],[8],[10],[11] which control several clouds and avoids
dependency on any one individual cloud. to take off and miss serving demand as it materializes.
Or we can rely on the cloud until we know what data
A. Security Issues in Mobile Cloud Computing center that we really need.
Data Ownership · If a small company that doesn't ever want to run a big
Mobile Multi-Cloud Computing provides the facility to
data center, but we want to be able to meet frequent
store personal data and other data (purchases) beside that
user need to be aware of different rights on purchases of spikes in demand, you'll need a way to shift traffic to
their own data in the cloud. reserve capacity somewhere. The cloud is a logical
Privacy supplier.
Until today, Privacy is one of the biggest challenges. Some · If we want the flexibility of presenting your service in
apps store user’s data remotely, which may be sold to others either a public cloud setting or a private infrastructure
(agencies, etc) without the permissions of user. (Like operation for a special customer, you'll need a way to
updates about location)
quickly establish a private cloud without diverting all
Data Security
· Mobiles are famous for malicious code, gives possibility your engineering effort to do so.
of loss. · If we want to operate our own data center, but know
· Data loss from lost/stolen devices some public-facing workloads can be run more
· Info stealing by malicious malware efficiently in an automated scaling and load-balanced
· Data leakage due to poorly written third party app environment, then a hybrid cloud operation will let your
· Not assured network access, unreliable APs IT concentrate on the things that yield unique business
· Insecure Market Places value.
· Near Field Communication and Proximity based hacking
· If none of these seem to fit your case, think about the
Data Segregation
Data in the cloud is typically in a shared environment value of showing independence and avoiding vendor
alongside data from other customers. Encryption is effective lock-in by always maintaining a relationship with two
but isn't a cure-all. The cloud provider should provide or more vendors. Each supplier has different strengths.
evidence that encryption schemes were designed and tested Try to take advantage of the fit that matches. [10]
by experienced specialists. "Encryption accidents can make
data totally unusable, and even normal encryption can C. Homomorphic Encryption
complicate availability," Homomorphic encryption is the conversion of data into
ciphertext that can be analyzed and worked with as if it were
still in its original form. Homomorphic encryptions allow
complex mathematical operations to be performed on
encrypted data without compromising the encryption. In
mathematics, homomorphic describes the transformation of

494
one data set into another while preserving relationships Homomorphic property
between elements in both sets. The term is derived from the Encrypt (m) x encrypt (n) = encrypt(m x n)
Greek words for "same structure." Because the data in a RSA allows only multiplication: other operations on
homomorphic encryption scheme retains the same structure, ciphertext (e.g +) break decryption
identical mathematical operations whether they are
performed on encrypted or decrypted data will yield Other scheme allow different operations (e.g. + and -)
equivalent results. Homomorphic encryption is expected to Algebra homomorphism allows x and +: much more
play an important part in cloud computing, allowing powerful but need to select appropriate homomorphic
companies to store encrypted data in a public cloud and take encryption scheme for application.
advantage of the cloud provider’s analytic services.
Homomorphic encryption is about encryption schemes IV. RESULT AND ANALYSIS
which allow computing with encrypted value without This implementation is going to be executed on android OS
decrypting them. For instance, given E(a) and E(b) (the platform using Samsung Galaxy S3, android version 4. This
encryption of a and b), you can compute E(a+b) without
knowing a, b nor the decryption key. Homomorphic Table 1. The Time Consumption result for homomorphic Encryption in
encryption schemes are very useful in voting schemes, with Mobile Multi-Clouds
the following structure: voters encrypt their votes, the file size Encryption Decryption
homomorphic property is used to add all votes together, and ± (kb) time (ms) time (ms)
the result is decrypted (with group decryption by a set of
authorities who need to gather together, in a very public way, 20 5 4
to perform a decryption). There are several homomorphic 50 12 10
encryption schemes, some have been known for decades
(e.g. El Gamal). They are efficient, and secure (as secure as
100 20 17
asymmetric encryption can be). Note that homomorphic 200 35 30
encryption solves the question of anonymous tallying, but 500 90 75
that's only a small part of a proper voting scheme.
Homomorphic encryption can also be used in digital cash 1000 196 180
systems, there again in order to ensure anonymity or some 2000 420 400
other properties. Fully homomorphic encryption is a term 5000 1500 1350
which was coined when were first found encryption
schemes which preserved two algebraic operations in a ring In this implementation, we are focusing on the
structure: namely, given E(a) and E(b), you can homomorphic encryption in user side for data security
compute E(a+b) and E(ab). It turns out that with those two which put in the multi-cloud, our research is focusing on the
operations, you can compute just about everything. This is time consumption while do the encryption locally in the
where the "cloud" gets into the picture: the cloud is environment. Otherwise, the result of this experiment till
powerful, but not trustworthy; hence, you could encrypt improving, but from this result, we can admit that
your data, send it to the cloud which performs the homomorphic encryption has a fast encryption method for
computation you want to do, and then decrypt the result. cloud computing and also has strong method for secure the
Homomorphism Scheme: data itself compare to other scheme (explained in
Here is the simple explanation and its example: Homomorphic scheme).
Groups (,⊕) and (,⊗) relation  ∶  → 
F is a group homomorphism in P and C, if: ∀ ,  ∈ Table 2. The Comparison Table with Existed works
: ( ⊕ ) = () ⊗ () especially ∀ ,  ∈ :  ⊕ Half Full
 =   (() ⊗ ()) System Applications
Homomorphic Homomorphic
Public key (z,y) and Data on cloud
Select p=a, q=b HE ü
computing
P X q= y= N RSA Internet
µ(N)=µ(y)=(p-1)x(q-1)=120 ü
(1978) Banking
select e with gcd (e,120)=1 BGV Integer of
e=z ü
[19] Polynomials
private key (w,y) Multi-party
calculate e x d ≡ 1 mod µ(N): computation,
e x d + K x µ (N) = 1 = gcd (e, µ(N)) AHEE
ü electronic
= z x d + K x 120 = 1 = gcd (z, 120) [20]
voting and
D = w, k = -9 mobile cipher
Encryption in RSA:
  .     −  

495
Table 2 consist of the comparison of our project with some [5] Sanaei, Zohreh, et al. "Heterogeneity in mobile cloud
related project, our project name is Homomorphic computing: taxonomy and open challenges." Communications
Encryption (HE). BGV is an asymmetric encryption scheme Surveys & Tutorials, IEEE 16.1 (2014): 369-392.
which can be used for the encryption of the bits. Dealing [6] Ahmad, Azeem, Muhammad Mustafa Hassan, and Abdul
with integer vectors (whose security is dependent on the Aziz. "A Multi-token Authorization Strategy for Secure
hardness of decisional LWE (Learning with Errors) and Mobile Cloud Computing." Mobile Cloud Computing,
dealing with the integer polynomials (whose security is Services, and Engineering (MobileCloud), 2014 2nd IEEE
dependent on the hardness of the decisional R-LWE (Ring International Conference on. IEEE, 2014.
LWE). The security of the AHEE is IND-CPA which is the [7] Gentry, Craig. A fully homomorphic encryption scheme. Diss.
highest level of the security of AHEE. Additive Stanford University, 2009.
homomorphism of this algorithm refers the same k for [8] Gentry, Craig. "Fully homomorphic encryption using ideal
encryption but uses the random number of k in E1 which lattices." STOC. Vol. 9. 2009.
makes AHEE able to resist plaintext attack. In this project, [9] Naehrig, Michael, Kristin Lauter, and Vinod Vaikuntanathan.
we make a Homomorphic Encryption for mobile version "Can homomorphic encryption be practical?." Proceedings of
which connects to Multi Cloud Computing. One more the 3rd ACM workshop on Cloud computing security
important thing to complete this task is run a single
workshop. ACM, 2011.
command in cloud computing to the encrypted file without
[10] InformationWeek. (March 3 2012). 6 Reasons to Use multiple
decrypted to prove that Homomorphic Encryption could
cloud providers. Retrieved from
protect the data while it’s given some tasks.
http://www.informationweek.com/cloud/infrastructure-as-a-
V. CONCLUSION service/6-reasons-to-use-multiple-cloud-providers/d/d-
id/1103644?
Multi-clouds is one of optimal solution for data security and
efficiency and effectively than single cloud. The technology [11] GCN Technology, Tools and Tactics for Public Sector IT.
is changing over the time, mobile cloud is becoming a trend (June 13 2013). New Encryption Method Promises End-to-
among the user. This paper gives a research in mobile multi- End Cloud Security. Retrieved from
cloud computing (MMC) and the data security from user http://gcn.com/articles/2013/06/13/encryption-end-to-end-
side through homomorphic encryption. Homomorphic cloud-security.aspx?admgarea=TC_Cloud
encryption claimed by many research as an optimal [12] Khan, Abdul Nasir, et al. "Towards secure mobile cloud
encryption for cloud computing environment. This paper computing: A survey."Future Generation Computer
prove the result performance in homomorphic encryption Systems 29.5 (2013): 1278-1299.
suitable for mobile multi-cloud computing. Future works for [13] AlZain, Mohammed Abdullatif, Ben Soh, and Eric Pardede.
the researcher in this paper is improving the performance "MCDB: Using Multi-clouds to Ensure Security in Cloud
security aspects in mobile multi cloud computing and Computing." Dependable, Autonomic and Secure Computing
improve the encryption itself and research for the space or (DASC), 2011 IEEE Ninth International Conference on. IEEE,
memory consumption for mobile environment. 2011.
[14] Wang, Cong, et al. "Privacy-preserving public auditing for
ACKNOWLEDGMENT data storage security in cloud computing." INFOCOM, 2010
This research was supported by the National Research Proceedings IEEE. Ieee, 2010.
Foundation of Korea under Grant 2011-0009349. [15] Subashini, Subashini, and V. Kavitha. "A survey on security
issues in service delivery models of cloud
computing." Journal of Network and Computer
REFERENCES
Applications 34.1 (2011): 1-11.
[1] Bohli, J-M., et al. "Security and privacy-enhancing multicloud [16] Ramgovind, S., Mariki M. Eloff, and E. Smith. "The
architectures."Dependable and Secure Computing, IEEE management of security in cloud computing." Information
Transactions on 10.4 (2013): 212-224. Security for South Africa (ISSA), 2010. IEEE, 2010.
[2] Carlson, Frederick R. "Security Analysis of Cloud [17] Reddy, A. Rama Mohan. "Data Security in Cloud based on
Computing." arXiv preprint arXiv:1404.6849 (2014). Trusted Computing Environment."
[3] AlZain, Mohammed Abdullatif, et al. "Cloud computing [18] Santos, Nuno, Krishna P. Gummadi, and Rodrigo Rodrigues.
security: from single to multi-clouds." System Science "Towards trusted cloud computing." Proceedings of the 2009
(HICSS), 2012 45th Hawaii International Conference on. conference on Hot topics in cloud computing. 2009.
IEEE, 2012. [19] Fau, Simon, et al. "Towards practical program execution over
[4] Naehrig, Michael, Kristin Lauter, and Vinod Vaikuntanathan. fully homomorphic encryption schemes." P2P, Parallel, Grid,
"Can homomorphic encryption be practical?." Proceedings of Cloud and Internet Computing (3PGCIC), 2013 Eighth
the 3rd ACM workshop on Cloud computing security International Conference on. IEEE, 2013.
workshop. ACM, 2011. [20] Smid, Miles E., and Dennis K. Branstad. "Response to
comments on the NIST proposed Digital Signature Standard."

496
 Advances in Cryptology—Crypto‘92. Springer Berlin
Heidelberg, 1993.
[21] J. Viega, "Cloud computing and the common man", Computer,
42, 2009, pp. 106-108.
[22] H.Mei, J. Dawei, L. Guoliang and Z. Yuan, "Supporting
Database Applications as a Service", ICDE'09:Proc.
25thIntl.Conf. on Data Engineering, 2009, pp. 832-843.
[23] C. Wang, Q. Wang, K. Ren and W. Lou, "Ensuring data
storage security in cloud computing", ARTCOM'10: Proc. Intl.
Conf. on Advances in Recent Technologies in
Communication and Computing, 2010, pp. 1-9.
[24] M. Vukolic,"The Byzantine empire in the intercloud", ACM
SIGACT News, 41,2010, pp. 105-111.

497