The advancement of cloud computing technologies has provided users and business organisations with various cloud-based options to store and access information externally, across multiple platforms and geographic locations. The cloud also has the ability to deliver scalable and high-performance computing services on demand and in a cost-effective manner while helping users to avoid the trouble of maintaining large data centres and complex computing facilities. The economies of scale increase revenue for cloud providers and lower costs for cloud users. The resulting on-demand model of computing allows providers to achieve better resource utilization through statistical multiplexing, and enables users to avoid the costs of resource over-provisioning through dynamic scaling. However, there are major security and privacy concerns when data is stored in external cloud storage systems. For example, when personal information is stored in unencrypted formats on the cloud, service providers can learn many details about the users such as their preferences, past behaviours and biometric identities. The widely distributed nature of cloud architectures means that server farms can be located in many countries or geographic locations that might be under different laws and regulations regarding user privacy. Furthermore, cloud service providers may encrypt data in-transit, but not while user data is stored on their servers, causing the reluctance of many business organisations to outsource the storage of their sensitive and valuable data, which can be major targets for attacks coming from both outside attackers and insiders. Therefore, encrypting the data when it is stored on the cloud is an important task to guarantee the confidentiality and privacy of users data. However, traditional cryptographic techniques make it difficult for processing tasks such as searching, updating or checking the integrity of encrypted data without asking clients to download and decrypt large amounts of data from the cloud. To realise the full potential of cloud computing, better cryptographic schemes are required. They should enable the cloud to perform various computing operations on encrypted data and return encrypted results to customers. Another desirable feature is how a cryptographic scheme can allow different parties to combine their encrypted data and perform some computing tasks on the cloud without compromising the confidentiality and privacy of the data of each party. Recently, homomorphic cryptography has increasingly been the focus of researchers because this technology has a great potential to provide the desirable features described above. Homomorphic encryption can be implemented either as a symmetric or a public-private asymmetric key paradigm. This technique allows many types of computing operations to be performed on ciphertext and output encrypted results which, when decrypted, are found to be identical to the results of the same operations performed on plaintext data. With a homomorphic cryptosystem, many computational circuits can now be homomorphically evaluated, producing programs that might be run on encryptions of their inputs to produce an encryption of their output. Since the inputs of such programs are encrypted, a computation task can be performed on an untrusted cloud without revealing any inputs and internal states. In this thesis, we focus the design and implementation of various application models of homomorphic cryptography so that the cloud can be used more effective and securely to store and process sensitive customer data. Our research works throughout many chapters of this thesis also provide valuable information regarding the security of homomorphic cryptography in many use case scenarios. We illustrate how homomorphic cryptography can be applied effectively with all of its flexibility, power and usefulness in many applications ranging from smart grid, e-commerce to secret sharing. In this thesis, we also propose approaches to enhance the efficiency and effectiveness of homomorphic cryptography, so that these cryptographic schemes can be applied not only in current cloud-based application, but also in larger, more mission-critical applications in the future.
展开▼
