Swiss Cryptologists Cracked the MIT Homomorphic Encryption Scheme

A team of researchers from the Swiss Federal Institute of Technology in Lausanne has demonstrated successful attacks against the homomorphic encryption method proposed by MIT specialists Hongchao Zhou and Gregory Wornell. This type of encryption allows computer operations to be carried in an encrypted form. The homomorphic method gives service the ability to operate without exposing data in an unencrypted form.

The MIT Homomorphic Encryption Scheme Is No Longer Secure

The research team consisting of Sonia Bogos, John Gaspoz and Serge Vaudenay note that “It is essential to analyze and filter those schemes whose security is questionable.” Three types of attacks have been demonstrated – a broadcast encryption, a chosen cipher text attack and a related chosen plain text attack against the MIT scheme.
The broadcast encryption attempt is successful, the researchers have discovered that a malicious user can get enough information to create a solution to the encrypted solution by eavesdropping. An example scenario is one where a service provider uses activation keys to authenticate its customers. The encrypted key is the same for all customers. When it is being sent to them via the Internet, the malicious user can recover it in encrypted form. As the scheme utilizes ciphered communication it would be enough to gain entry into the system.
The cipher text attack involves accessing the Oracle that decrypts the message. The researchers note that a simple brute force attack can be used to recover the encryption key.
The chosen cipher attack employs successful brute force attacks against the encryption scheme.
All of the above attacks have tested in test scenarios and implemented in a Matlab environment. Given the successful results the MIT scheme was rendered insecure.
Homomorphic encryption is used to create secure systems such as voting systems and private access technologies. A number of cloud services also employ this type of encryption as a security measure alongside other defensive measures.
You can access the research paper titled “Cryptanalysis of a Homomorphic Encryption Scheme” from IACR.

How disturbing is this problem?

Avatar

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.


Related Posts

Comments

  • Hi sir ,

    Please help me , am a student from India & downloaded a movie from torrent, which infected my laptop with cerber2 virus. my all
    Projects , personal data & multiple
    Series are encrypted & 500$ has been asked to be paid for decryption technique . Kindly tell me the way to crack this thing as k want to study myself to break this code. Kindly help me.

    • Hello Akshat,

      You have been infected with the new variant of Cerber ransomware – Cerber2. You could find more information and manual removal guide in the following article:

      http://bestsecuritysearch.com/remove-cerber2-ransomware/

      Probably you will be able to restore some of your recent .doc files from the records stored in the %Temp% folder of your computer. We could further advice you to consider the help of any reliable data recovery software.

      Don’t forget to back up your data. It is a sure way to protect it against corruption or loss. For this purpose, you could use a decent backup program or cloud backup services. Another way is to back up files manually by exporting the data to an external hard drive like CD, DVD or thumb drive. In case you choose to do manual backups remember to update regularly your backups.

  • Leave a Reply

    Your email address will not be published. Required fields are marked *