<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 17/04/14 20:28, David Solomonoff
wrote:<br>
</div>
<blockquote cite="mid:53501D33.10000@gmail.com" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
This blog post was inspired by a recent breakthrough in
homomorphic encryption at MIT:<br>
<br>
<blockquote type="cite"> In 2010 I asked Professor <a
moz-do-not-send="true"
href="https://en.wikipedia.org/wiki/Eben_Moglen">Eben Moglen</a>
to speak to the <a moz-do-not-send="true"
href="http://isoc-ny.org">Internet Society of New York</a>
about software freedom, privacy and security in the context of
cloud computing and social media. In his <a
moz-do-not-send="true" href="http://isoc-ny.org/?p=1338%20">Freedom
in the Cloud</a> talk, he proposed the <a
moz-do-not-send="true" href="https://freedomboxfoundation.org">FreedomBox</a>
as a solution ....<br>
<br>
[Now] data can be encrypted at every point until it is accessed
by its legitimate owner, combining privacy and security with the
flexibility and scalability of cloud computing.<br>
<br>
No longer confined behind a locked down private data center or
hidden under the end user’s bed, a virtual FreedomBox can
finally escape to the clouds.</blockquote>
<br>
Full article:<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://www.davrola.com/2014/04/17/secure-cloud-computing-virtualizing-the-freedombox/">http://www.davrola.com/2014/04/17/secure-cloud-computing-virtualizing-the-freedombox/</a>
<br>
</blockquote>
<br>
(I am not a cryptographer, but disillusioned former FHE-enthusiast,
until I realized was irrelevant to real Cloud policy)<br>
<br>
Fully homomorphic encryption uses techniques utterly different to
conventional encryption and is a ~trillion times slower. Even the
integer version ~million times slower<br>
<br>
Apropos the blog, Mylar is cool, but doesn't use FHE. It sends the
Cloud conventionally encrypted blobs to and fro - and the Client
does all the work (thus neutralizing main vaunted benefit of Cloud,
elastic and parallel CPU power). It also uses an encrypted search
technique for indexing (which is also cool)<br>
<br>
TAHOE is also cool, but doesn't claim to provide confidentiality. A
TAHOE service provider would have no choice but to round-up/backdoor
the necessary keys under existing US (FISA/PATRIOT) or UK (RIPA
Pt.3) legislation [or Indian IT Acts etc. etc.]<br>
<br>
There are partial homomorphic solutions coming along useful to
specific scenarios, but using them will be <a
href="research.microsoft.com/pubs/148825/ccs2011_submission_412.pdf">state-of-the-art
crypto engineering</a> for foreseeable future<br>
<br>
FHE cannot rescue confidentiality in the Cloud.<br>
<br>
Caspar Bowden<br>
</body>
</html>