E. Pagnin, C. Brunetta, P. Picazo-Sanchez In CANS 2018, Naples (Italy), September 2018 Full Text

Abstract

We consider the problem of privacy-preserving processing of outsourced data in the context of user-customised services. Clients store their data on a server. In order to provide user-dependent services, service providers may ask the server to compute functions on the users’ data. We propose a new solution to this problem that guarantees data privacy (i.e., an honest-but-curious server cannot access plaintexts), as well as that service providers can correctly decrypt only –functions on– the data the user gave them access to (i.e., service providers learn nothing more than the result of user-selected computations). Our solution has as base point a new secure labelled homomorphic encryption scheme (LEEG). LEEG supports additional algorithms (FEET) that enhance the scheme’s functionalities with extra privacy-oriented features. Equipped with LEEG and FEET, we define HIKE: a lightweight protocol for private and secure storage, computation and disclosure of users’ data. Finally, we implement HIKE and benchmark its performances demonstrating its succinctness and efficiency.

Keywords: Labeled Homomorphic Encryption, GDPR, Privacy-preserving computation.