* Posts by Nigel Smart

14 posts • joined 5 Jun 2008

Researchers crack homomorphic encryption

Nigel Smart
Holmes

Not interesting

The scheme broken here is not that interesting in the first place. Of course "The Register" should probably validate any article which appears on the IACR ePrint archive for "interestingness" before they just write an article on it. :-)

More interesting was the break presented at CRYPTO yesterday here in Santa Barbara (https://www.iacr.org/conferences/crypto2016/) of the NTRU-based FHE scheme (http://eprint.iacr.org/2016/127.pdf). This is the FHE scheme used by the Microsoft Research Labs demo applications of FHE talked about in previous Register articles.

Luckily though, even if the scheme in this article and the NTRU-based FHE scheme have attacks, the main FHE scheme proposed by most researchers is the BGV one, which is the one implemented in the IBM library HELib (based on earlier code by yours truly).

In addition, the break on the NTRU-based FHE scheme does not apply to the "standard" NTRU scheme, which is kind of important as NTRU encryption is one of the prime contenders to replace standard schemes like RSA and ECC once a quantum computer is available.

As for the other points above: any crypto paper worth its salt is open access in any case, as it would be published by the IACR and hence would be cross-posted to IACR ePrint. So if a crypto paper is behind a paywall, either it is rubbish or the paper can be obtained via ePrint.

1
0

How do you securely exchange encrypted-decrypted-recrypted data? Ask Microsoft

Nigel Smart

Re: Magic encryption dust

How about Wikipedia as a place to start...

https://en.wikipedia.org/wiki/Secure_multi-party_computation

And for the latest work with the current best performance there is this...

http://eprint.iacr.org/2016/768

0
0
Nigel Smart

Re: Magic encryption dust

You can decrypt without holding the key anywhere. The key is split into pieces, the pieces stored in different locations and they are never brought back together. There is no one point where you decrypt, the plaintext pops out of a decryption "protocol".

I have loads of scientific papers on this. It sounds like magic, but it is actually quite simple.

The current record is about 1 million AES encryptions per second using a key which is shared and never placed in one place (paper by Lindell and others to appear at ACM CCS in late October).

Suggest you look up the products produced by the company Lindell and I founded (Dyadic Security), or maybe some of my and others' papers on this topic...

http://dblp.uni-trier.de/pers/hd/s/Smart:Nigel_P=

2
0
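The "decryption protocol" described in the post above, as an added worked example (my code, not Dyadic Security's and not any product API). It shows the simplest instance of the idea: an ElGamal private key that exists only as additive shares held by n separate parties, each of which returns a partial result, with the plaintext popping out when the partial results are combined. Nobody ever holds or computes the key. The 127-bit Mersenne prime and generator 3 are assumed toy parameters so the example runs instantly; a real deployment uses a standards-track group of at least 2048 bits and an actively-secure protocol.

```python
"""Split-key (n-of-n) ElGamal decryption: the private key x is never formed.

Added example, not Dyadic Security code. ElGamal over Z_p^* is used because
its decryption operation c1^x is linear in the exponent, so additive shares
of x combine by multiplication. TOY parameters: P is a 127-bit Mersenne prime
and G = 3, chosen for speed, not security (assumption for the demo only).
"""
import secrets

P = 2**127 - 1   # toy prime modulus (demo only)
G = 3            # toy generator; only g^(P-1) = 1 mod P matters for correctness
Q = P - 1        # exponents are taken mod Q


class Party:
    """One key-share holder. The share never leaves this object."""

    def __init__(self) -> None:
        self._share = secrets.randbelow(Q)          # x_i, chosen locally

    def public_share(self) -> int:
        return pow(G, self._share, P)               # g^{x_i}, safe to publish

    def partial_decrypt(self, c1: int) -> int:
        return pow(c1, self._share, P)              # c1^{x_i}, reveals no share

    def refresh(self, delta: int) -> None:
        self._share = (self._share + delta) % Q     # deltas sum to 0 across parties


def keygen_split(n: int):
    """n parties each pick a share; pk = prod g^{x_i} = g^x with x = sum x_i mod Q.
    No party and no combiner ever computes x."""
    parties = [Party() for _ in range(n)]
    pub = 1
    for pt in parties:
        pub = pub * pt.public_share() % P
    return parties, pub


def encrypt(pub: int, m: int):
    """Standard ElGamal: (g^r, m * pk^r). Requires 1 <= m < P."""
    if not 1 <= m < P:
        raise ValueError("message out of range")
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), m * pow(pub, r, P) % P


def threshold_decrypt(parties, ct):
    """Combine partial decryptions: prod c1^{x_i} = c1^x = pk^r, then strip it.
    The combiner only ever sees the values c1^{x_i}, never any x_i."""
    c1, c2 = ct
    mask = 1
    for pt in parties:
        mask = mask * pt.partial_decrypt(c1) % P
    return c2 * pow(mask, -1, P) % P              # modular inverse (Python 3.8+)


def refresh_shares(parties) -> None:
    """Proactive refresh: re-randomise every share so that old and new shares
    are unrelated, while the sum (and hence the public key) stays fixed."""
    deltas = [secrets.randbelow(Q) for _ in parties[:-1]]
    deltas.append((-sum(deltas)) % Q)
    for pt, d in zip(parties, deltas):
        pt.refresh(d)


def demo(n: int = 3, m: int = 0xC0FFEE) -> dict:
    parties, pub = keygen_split(n)
    ct = encrypt(pub, m)
    results = {"all_parties": threshold_decrypt(parties, ct) == m}
    # n-1 colluding parties produce m * c1^{x_n}: garbage, not the plaintext
    results["n_minus_one_recovers"] = threshold_decrypt(parties[:-1], ct) == m
    refresh_shares(parties)
    results["after_refresh"] = threshold_decrypt(parties, ct) == m
    return results


if __name__ == "__main__":
    print(demo())
```

The refresh step is what makes the "never brought back together" property hold over time: an attacker who steals one share today and another share next year has two values from unrelated sharings, which tell them nothing about x. A production system adds proofs that each partial decryption was computed correctly, so that a misbehaving party cannot silently corrupt the output.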
Nigel Smart

Re: Magic encryption dust

> If it is decrypted anywhere outside of the organisational boundaries then that

> means keys have to be sent...

Nope. That's the point. The key is held in a split form and decryption is performed without anyone ever knowing the key.

0
0
Nigel Smart

Re: And Microsoft.

Microsoft do not have a product. It's a Microsoft Labs project. You cannot go and buy it from MS.

1
0
Nigel Smart

Re: Magic encryption dust

Indeed the MS protocol is pretty basic: it assumes a "semi-honest" cloud and a single cloud actor. The key to MPC is to have different mutually mistrusting actors and to use protocols which are secure against "active" actors. So using multiple clouds, or a hybrid cloud, makes much more sense.

MPC also makes a lot of sense when trying to remove single points of security failure: you can take a sensitive piece of information and then distribute it around an organization, knowing you can use the data without it ever having to reside in a single place.

1
0
Nigel Smart
Holmes

There are already companies with products using Multi-Party Computation to allow computation on data without seeing the data. Examples include Cybernetica, Partisia and DyadicSecurity.

1
1

Someone has broken into your systems. Now what?

Nigel Smart
Holmes

Re: All good stuff but...

The fact that SMEs find this stuff hard, and that a lot of breaches get the hashed password file and then just brute force it (since most humans pick dumb passwords), is one of the reasons Dyadic Security created its DSM technology (http://www.dyadicsec.com/technology/). One of the main use cases is to encrypt the entire password file using probabilistic encryption, and so render such brute force hacking impossible. Of course the DSM can be used to protect all sorts of similar applications. But the protection of the password file/DB from breaches is probably the easiest to understand, and it also protects against law enforcement asking you to reveal users' passwords by spreading the trust over many countries.

0
0
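The attack the post above describes, and the effect of putting a key that is not in the database between the attacker and the verifier, as an added worked example (my code, not Dyadic Security's DSM). The post talks about encrypting the whole file under a split key; since the Python standard library has no AES, this example uses HMAC-SHA256 under a server-side key as the keyed stand-in, an assumption made for runnability. The property demonstrated is the same one the post relies on: a stolen file is useless for offline guessing unless the key is stolen with it. User names, passwords and the attacker's wordlist are constructed sample data.

```python
"""Offline dictionary attack on a leaked password file, unkeyed vs keyed.

Added example, not Dyadic Security code. The keyed verifier is
HMAC-SHA256(key, salt || hash) with the key held outside the database
(stand-in for the post's split-key encryption; assumption for the demo).
"""
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample users: three weak passwords, one strong one.
USERS = {
    "alice": "password1",
    "bob": "letmein",
    "carol": "Summer2016",
    "dave": "q8#Zt!4vL0p&Wm",
}
# Constructed attacker wordlist (real ones have tens of millions of entries).
WORDLIST = ["123456", "password", "password1", "letmein",
            "Summer2016", "qwerty", "welcome"]
ITERATIONS = 1_000   # deliberately low so the demo is quick; a slow hash raises
                     # the attacker's cost but never stops offline guessing


def slow_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def store_unkeyed(users: dict) -> dict:
    """Conventional salted, iterated hashes: everything needed to test a
    guess is inside the file itself."""
    out = {}
    for user, pw in users.items():
        salt = os.urandom(16)
        out[user] = (salt, slow_hash(pw, salt))
    return out


def store_keyed(users: dict, key: bytes) -> dict:
    """Same hashes, but the stored verifier is HMAC(key, salt || hash).
    The key lives elsewhere (in the post: split across the DSM)."""
    out = {}
    for user, pw in users.items():
        salt = os.urandom(16)
        tag = hmac.new(key, salt + slow_hash(pw, salt), "sha256").digest()
        out[user] = (salt, tag)
    return out


def crack(records: dict, wordlist, key: Optional[bytes] = None) -> dict:
    """Offline dictionary attack over a leaked file. An attacker holding the
    key can compute keyed verifiers; one without it can only compute plain
    hashes and compare those to whatever the file contains."""
    found = {}
    for user, (salt, stored) in records.items():
        for guess in wordlist:
            cand = slow_hash(guess, salt)
            if key is not None:
                cand = hmac.new(key, salt + cand, "sha256").digest()
            if hmac.compare_digest(cand, stored):
                found[user] = guess
                break
    return found


def demo() -> dict:
    key = os.urandom(32)                      # never written to the database
    unkeyed = store_unkeyed(USERS)
    keyed = store_keyed(USERS, key)
    return {
        "unkeyed_file": sorted(crack(unkeyed, WORDLIST)),
        "keyed_file_no_key": sorted(crack(keyed, WORDLIST)),
        "keyed_file_key_also_leaked": sorted(crack(keyed, WORDLIST, key)),
    }


if __name__ == "__main__":
    print(demo())
```

The third result is the caveat a practitioner should keep in mind: if the key is stored next to the database, or is recoverable from the same compromised host, the protection evaporates and the weak passwords fall exactly as before. Keeping the key out of the breach is the whole job, which is why the post puts it in split form across separate locations rather than in a single HSM or config file; slow hashing and sane password policy remain necessary in either case.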

Cameras roll on 'blockbuster' new Who series

Nigel Smart
Holmes

Re: X in SPAAAAAAAAAAAACCCCCCCEEEEEEEEE!

> eqyptians IN SPAAAACE!!!!

Old Fourth Doctor story, Pyramids of Mars. Not exactly Egyptians, but mummies galore.

(Sherlock icon, since there is no Dr Who icon.)

0
0

1 euro in every 7 spent on a Visa card

Nigel Smart

> Fraud moving to the internet where chip/pin can't help.

Actually they COULD roll out the CAP system used for online banking in the UK to authenticate web-based credit card transactions. This would be better than the Verified by Visa rubbish.

0
0
Nigel Smart

> Fraud moving to the internet where chip/pin can't help.

They could use the CAP system which is used for online banking in the UK. After all, they have this set up in most banks.

0
0

HP boffin claims million-dollar maths prize

Nigel Smart

Factoring and NP

Factoring is indeed not believed to be NP complete. But it certainly lies in NP, since if I gave you a factor you could check whether my factor was correct very fast.

So if P=NP then factoring would be easy and factoring based crypto (indeed almost all practically deployed crypto) would be broken.

But if P ≠ NP we still have no idea whether factoring is easy or hard.

1
0

Confusion over 'secret code' in US military Cyberforce crest

Nigel Smart
Alert

But MD5 is broken...

They are still using MD5! I suspect there is another text which collides and that finding this is the real challenge

1
0

Bletchley Park rattles tin for urgent repairs

Nigel Smart
Linux

Online Donations

If you want to donate online to the Computing Museum part then go to....

http://www.tnmoc.co.uk/Donations.htm

Would also recommend the place for a visit; it is also quite a good place to hold meetings etc.

0
0
