Implementing Privacy Homomorphism with Random Encoding and Computation Controlled by a Remote Secure Server

IF 2.8 3区计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

ACM Transactions on Embedded Computing Systems Pub Date : 2024-03-08 DOI:10.1145/3651617

Kevin Hutto, Vincent Mooney

{"title":"Implementing Privacy Homomorphism with Random Encoding and Computation Controlled by a Remote Secure Server","authors":"Kevin Hutto, Vincent Mooney","doi":"10.1145/3651617","DOIUrl":null,"url":null,"abstract":"<p>Remote IoT devices face significant security risks due to their inherent physical vulnerability. An adversarial actor with sufficient capability can monitor the devices or exfiltrate data to access sensitive information. Remotely deployed devices such as sensors need enhanced resilience against memory leakage if performing privileged tasks. To increase the security and trust of these devices we present a novel framework implementing a privacy homomorphism which creates sensor data directly in an encoded format. The sensor data is permuted at the time of creation in a manner which appears random to an observer. A separate secure server in communication with the device provides necessary information which allows the device to perform processing on the encoded data but does not allow decoding of the result. The device transmits the encoded results to the secure server which maintains the ability to interpret the results. In this paper we show how this framework works for an image sensor calculating differences between a stream of images, with initial results showing an overhead as low as only 266% in terms of throughput when compared to computing on standard unencoded numbers such as two’s complement. We further show 5,000x speedup over a recent homomorphic encryption ASIC.</p>","PeriodicalId":50914,"journal":{"name":"ACM Transactions on Embedded Computing Systems","volume":"22 1","pages":""},"PeriodicalIF":2.8000,"publicationDate":"2024-03-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Embedded Computing Systems","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3651617","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Remote IoT devices face significant security risks due to their inherent physical vulnerability. An adversarial actor with sufficient capability can monitor the devices or exfiltrate data to access sensitive information. Remotely deployed devices such as sensors need enhanced resilience against memory leakage if performing privileged tasks. To increase the security and trust of these devices we present a novel framework implementing a privacy homomorphism which creates sensor data directly in an encoded format. The sensor data is permuted at the time of creation in a manner which appears random to an observer. A separate secure server in communication with the device provides necessary information which allows the device to perform processing on the encoded data but does not allow decoding of the result. The device transmits the encoded results to the secure server which maintains the ability to interpret the results. In this paper we show how this framework works for an image sensor calculating differences between a stream of images, with initial results showing an overhead as low as only 266% in terms of throughput when compared to computing on standard unencoded numbers such as two’s complement. We further show 5,000x speedup over a recent homomorphic encryption ASIC.

查看原文本刊更多论文

利用远程安全服务器控制的随机编码和计算实现隐私同构

远程物联网设备因其固有的物理脆弱性而面临巨大的安全风险。拥有足够能力的敌对行为者可以监控设备或外泄数据，从而访问敏感信息。传感器等远程部署的设备在执行特权任务时，需要增强对内存泄漏的抵御能力。为了提高这些设备的安全性和信任度，我们提出了一种新颖的隐私同构框架，可直接以编码格式创建传感器数据。在创建传感器数据时，会以一种在观察者看来是随机的方式对其进行排列。与设备通信的独立安全服务器提供必要的信息，允许设备对编码数据进行处理，但不允许对结果进行解码。设备将编码结果传输到安全服务器，而服务器则保持对结果的解读能力。在本文中，我们展示了这一框架如何用于图像传感器计算图像流之间的差异，初步结果显示，与计算标准的未编码数（如二进制）相比，在吞吐量方面的开销低至 266%。我们进一步显示，与最近的同态加密 ASIC 相比，速度提高了 5000 倍。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Transactions on Embedded Computing Systems 工程技术-计算机：软件工程

CiteScore

3.70

自引率

0.00%

发文量

138

审稿时长

6 months

期刊介绍： The design of embedded computing systems, both the software and hardware, increasingly relies on sophisticated algorithms, analytical models, and methodologies. ACM Transactions on Embedded Computing Systems (TECS) aims to present the leading work relating to the analysis, design, behavior, and experience with embedded computing systems.