Researchers develop attack to steal data during homomorphic encryption


Researchers at North Carolina State University have developed what they believe to be the first successful side-channel attack on an emerging security technology called homomorphic encryption, which allows operations to be performed on encrypted data.

The technique will be presented at the DATE22 virtual conference on March 23 and includes a way to steal data while it is still being homomorphically encrypted. The paper’s lead author is Furkan Aydin, a graduate student at NC State, and it was co-authored by three other researchers at the university.

Aydin Aysu, an assistant professor in the NC State Department of Electrical and Computer Engineering, likens the attack to lockpickers in movies listening to a safe in order to crack it. “We do the same with computer hardware,” says Aysu. “We listen to the power consumption of a device while it calculates some cryptographic operations. … This allows us to infer the actual calculations.”

Homomorphic encryption is an approach developed a few years ago to make it easier for organizations to securely store, use, and manage data in cloud environments, among other things. In contrast to typical encryption methods such as AES, homomorphic encryption allows operations to be performed on encrypted data, according to an open consortium focused on developing standards around the technology.

It would allow an organization to securely store data in the cloud and perform analysis on the data without having to give the cloud operator access to the secret encryption key or without having to download the data and edit it locally. “The cloud can work directly with the encrypted data and return only the encrypted result to the owner of the data,” according to the consortium’s description of the technology. “More complex application scenarios may involve multiple parties with private data for a third party to work with and send the result back to one or more of the participants for decryption.”

“Predominantly in the research phase”

Despite the plethora of use cases for homomorphic encryption — including in areas like privacy and regulatory compliance — the technology is still a long way from widespread adoption, largely because the algorithms are still relatively slow and take up a lot of memory. Homomorphic encryption is “not widely used compared to conventional systems,” says Aysu. “It is usually in the research phase and is geared towards practical implementation.”

The attack technique that the NC State researchers developed involves a vulnerability in a Microsoft implementation of fully homomorphic encryption called Microsoft Simple Encrypted Arithmetic Library (SEAL). Microsoft SEAL is a collection of encryption libraries for performing computational operations on encrypted data. The vulnerability, which the researchers have described as a “performance-based side-channel leak,” is present in the SEAL homomorphic encryption library up to version 3.6, according to the researchers. It allows attackers to use a single power measurement from the device performing the encryption operations to extract plaintext data while that data is being homomorphically encrypted.

The vulnerability allows attackers to eavesdrop on the computer performing the encryption and deduce whether a 0-bit or a 1-bit is being processed, Aysu says. “It’s a few lines of software code that specify the data that’s running on the device,” he says. “This information allows us to use some fancy equations and figure out the secret messages that are encrypted in a homomorphic encryption scheme.”

In order to pull off the attack, an attacker would need to be able to measure the power consumption of the device. That means the attacker would either have to be in the same location or be able to remotely monitor the device’s power consumption, he says.

An attacker would not have to spend a lot of money or time to launch an attack through the vulnerability. NC State researchers, for example, needed equipment that cost less than $1,000 and took about an hour at most to carry out the attacks in practice, Aysu says. But the attacks are well beyond the capabilities of the average script kiddie, he says. “These are difficult attacks to execute [that] require ‘Ph.D. level’ knowledge to perform them.”

According to Aysu, Microsoft is aware of the issue and has claimed that newer versions of Microsoft SEAL are not affected.

