On the impossibility of cryptography alone for privacy-preserving cloud computing

M. van Dijk, A. Juels

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

© HotSec 2010 - 5th USENIX Workshop on Hot Topics in Security. All rights reserved.Cloud computing denotes an architectural shift toward thin clients and conveniently centralized provision of computing resources. Clients' lack of direct resource control in the cloud prompts concern about the potential for data privacy violations, particularly abuse or leakage of sensitive information by service providers. Cryptography is an oft-touted remedy. Among its most powerful primitives is fully homomorphic encryption (FHE), dubbed by some the field's “Holy Grail,” and recently realized as a fully functional construct with seeming promise for cloud privacy. We argue that cryptography alone can't enforce the privacy demanded by common cloud computing services, even with such powerful tools as FHE. We formally define a hierarchy of natural classes of private cloud applications, and show that no cryptographic protocol can implement those classes where data is shared among clients. We posit that users of cloud services will also need to rely on other forms of privacy enforcement, such as tamperproof hardware, distributed computing, and complex trust ecosystems.
Original languageEnglish
Title of host publicationHotSec 2010 - 5th USENIX Workshop on Hot Topics in Security
PublisherUSENIX Association
Publication statusPublished - 2010
Externally publishedYes
Event5th USENIX Workshop on Hot Topics in Security, HotSec 2010 - Washington, United States
Duration: 10 Aug 2010 → …

Conference

Conference5th USENIX Workshop on Hot Topics in Security, HotSec 2010
Country/TerritoryUnited States
CityWashington
Period10/08/10 → …

Fingerprint

Dive into the research topics of 'On the impossibility of cryptography alone for privacy-preserving cloud computing'. Together they form a unique fingerprint.

Cite this