Fully homomorphic encryption
Let’s suppose Alice is a client that is computationally bounded, she has an input X, she wants to compute an arbitrary program P on her input X and get the result where P is computationally intensive, she wants to delegate her computation to a powerful server (e.g. cloud provider) while preserving the privacy of her input (untrusted cloud). The way to do this is to encrypt the input, do the computation on the cipher text, and output the encryption of the result. A fully homomorphic encryption (FHE) is an encryption scheme that achieves that. It is currently still impractical in its full form because the algorithms take exponential time, but it is generating a lot of research in both academia and the industry, and they are bringing variants that make it practical.
CryptDB is a practical database server that allows SQL queries on encrypted data using SQL-aware encryption schemes (e.g. deterministic encryption for joins, order-preserving encryption for comparison predicates, homomorphic encryption for sums). The threat model for CryptDB is to ensure the privacy of the data in the face of a compromise of the database server.
Proof of concept
I made a proof of concept of the Grid running on CryptDB. I have not followed the guidelines to optimize the encryption schemes for the Grid; I just used the default CryptDB with the goal to spark interest in homomorphic encryption. The ideal would be to apply homomorphic encryption to M3.
Install Ubuntu 12.04 (as required by CryptDB), Ruby, Git, and JDK 7 (minimum requirement for the Grid):
sudo apt-get install ruby git openjdk-7-jdk
2. Install CryptDB
- Download and build CryptDB; it will take some time:
git clone -b public git://g.csail.mit.edu/cryptdb cd cryptdb/cd cryptdb/ sudo scripts/install.rb .
- It will install MySQL on default port 3306; for the root password, enter CryptDB’s default
- Start the CryptDB proxy (e.g. on default port 3307; change the EDBDIR accordingly):
export EDBDIR=/home/thibaud/cryptdb/ cd $EDBDIR bins/proxy-bin/bin/mysql-proxy \ --plugins=proxy --event-threads=4 \ --max-open-files=1024 \ --proxy-lua-script=$EDBDIR/mysqlproxy/wrapper.lua \ --proxy-address=127.0.0.1:3307 \ --proxy-backend-addresses=localhost:3306
3. Install the Grid
- Install the Grid on MySQL (see part 8), but via CryptDB (i.e. port 3307 instead of 3306):
mysql -u root -pletmein -h 127.0.0.1 -P 3307 create database InforIONGrid; use InforIONGrid; CREATE TABLE ...
- Change the Grid’s
config/jdbc.propertiesto use CryptDB instead of MySQL (i.e. port 3307 instead of 3306):
- Fix the CryptDB proxy query parser (it fails on column aliases and on the USER() function):
if string.find(query, "auto_increment_increment AS auto_increment_increment") then return -- fix for MySQL JDBC driver ConnectionImpl.loadServerVariables end if query == "SELECT USER()" then query = "SELECT CURRENT_USER()" -- fix for Grid Agent end
4. Start the Grid
Start the Grid as usual (see part 8).
The advantages are that the Grid data is encrypted which preserves its privacy in case the database server is compromised, and the Grid application did not have to be rewritten for it.
I hope this proof of concept inspires Infor Product Development to consider this type of security for their applications that run on the multi-tenant cloud, such as M3. Secure multi-party computation and homomorphic encryption are the future direction for the security of multi-tenant clouds and a potential market not yet realized.
Please like, comment, share, subscribe, and come write the next idea.