A team of researchers from the Swiss Federal Institute of Technology in Lausanne has demonstrated successful attacks against the homomorphic encryption method proposed by MIT specialists Hongchao Zhou and Gregory Wornell. This type of encryption allows computations to be carried out on data while it remains encrypted. The homomorphic method gives a service the ability to operate on data without exposing it in unencrypted form.
The MIT Homomorphic Encryption Scheme Is No Longer Secure
The research team, consisting of Sonia Bogos, John Gaspoz and Serge Vaudenay, notes that “It is essential to analyze and filter those schemes whose security is questionable.” Three types of attacks have been demonstrated against the MIT scheme: a broadcast encryption attack, a chosen-ciphertext attack and a related chosen-plaintext attack.
The broadcast encryption attack is successful: the researchers have discovered that, by eavesdropping, a malicious user can get enough information to construct a solution for the encrypted data. An example scenario is one where a service provider uses activation keys to authenticate its customers. The encrypted key is the same for all customers. When it is being sent to them via the Internet, the malicious user can recover it in encrypted form. Because the scheme relies on ciphered communication, this would be enough to gain entry into the system.
The ciphertext attack involves accessing the oracle that decrypts the message. The researchers note that a simple brute-force attack can be used to recover the encryption key.
The chosen cipher attack employs successful brute force attacks against the encryption scheme.
All of the above attacks have been tested in test scenarios and implemented in a MATLAB environment. Given the successful results, the MIT scheme was rendered insecure.
Homomorphic encryption is used to create secure systems such as voting systems and private access technologies. A number of cloud services also employ this type of encryption as a security measure alongside other defensive measures.
You can access the research paper titled “Cryptanalysis of a Homomorphic Encryption Scheme” from IACR.