Encrypted Computing

Abstract

The invention helps to ensure security and confidentiality of software and data in a remote delegation scenario by simulating the encrypted circuit representation of a computer system. The client sends an encrypted aggregate as a black box to a remote computing resource which performs the computation blindfolded and delivers the results in an encrypted form.

background

In modern remote computing, data and programs are encrypted during storage and while in transit only. This is performed by applying approved cryptographic methods.

However, in order to be processed, data and programs have to be decrypted. To achieve this, the remote resource needs to know the secret decryption key to be able to decrypt all required software for the processing step. This means that the remote resource can read all programs and data in the clear. In many situations in distributed infrastructures this is not desirable.

Innovation / Solution

The entirely encrypted program execution is achieved by homomorphically encrypting the arithmetic circuit representation of a software implementation of a RISC-like processor and storage circuits. This results in a state-machine that performs only arithmetic additions and multiplications on probabilistically encrypted integers rather than plain bit values. The integer representations of the bitwise encrypted program code and bitwise encrypted data is transferred into the appropriate memory area of the machine simulator on the remote resource. The remote resource, in turn, computes the arithmetic circuit representation over encrypted bit values, thereby cycling the state-machine which implicitly executes a contained encrypted program over encrypted data. The execution is carried out obliviously because the remote resource has to compute all of the circuit gate representations in every single iteration and thus cannot distinguish any two cycles. Consequently, it can neither see the internal state of the encrypted machine nor the processed data.

Benefits