2

I was reading How is CipherCloud doing homomorphic encryption? and was wondering:

Is there a technically feasible way for companies like CipherCloud to use homomorphic encryption (HE) while preserving full functionality in a third party SaaS app (e.g. Salesforce)? Furthermore, can it be done without requiring that the third party SaaS app be modified?

I believe is not completely possible because of the use of “Top n” functions (e.g. customer charts) and the common use of the SQL distinct keyword.

For example, suppose the application uses the top 10 customers (global sales) this month. For the DB query it would imply something like select top 10 customerField from sales order by orderTotalField desc. Issue here is that 2+ different customerFields can be the same customer if we use HE, and that would result in incorrect values, maybe not even 10 different customers.

Let me elaborate a little more: HE Database has a table with 3 fields customerName, dailySales and date. John is the customer with most sales but has, say, 8 HE equivalent values. The application ask for the top ten sales, by customer, by year. The query is then, Select cutomerName, sum(dailySales), Year(date) from datatable group by customerName, Year(date) order by Sum(dailySales) descending. As you see, the database needs to group in this case depending on sales for each customerName, and will fail for this example. Hope I'm clear here to establish the problem with HE in first instance.

What do you think, do they have a choice? If so, please elaborate :)

Community
  • 1
RoyD
  • 23
  • 4
  • 1
    Not being super familiar with SQL and salesforce.com (I know it is only an example, but still) I'm having a hard time understanding the question. Do you think you could give a simple example? You could start with a simple DB table and an example of something you don't think could be run using HE. – mikeazo Aug 12 '13 at 16:11
  • One sample could be the top 10 customers (global sales) this month. For the DB query it would imply something like select top 10 customerField from sales order by orderTotalField desc. Issue here is that 2+ different customerFields can be the same customer if we use HE, and that would result in incorrect values, maybe not even 10 different customers. – RoyD Aug 12 '13 at 21:27
  • Just to clarify, CipherCloud does (or at least claims to do, didn't read the linked question) HE on a client's documents, not the clients account name in its own database. Am I wrong in this? – rath Aug 14 '13 at 14:14
  • The most pressing obstacle to Salesforce FHE integration is (will be) ciphertext size. Salesforce objects are stored in highly optimized databases whose fields are limited in size. FHE ciphertexts increase in size polynomially in the security parameter, so a 10-digit plaintext could have a 150-digit ciphertext under current schemes. Even if cryptographers get it down to a constant multiple it might still be impossible to fit ciphertexts into fixed-width database fields. – pg1989 Aug 14 '13 at 20:00
  • @pg1989 Constant multiple, i.e. 4 times seem to me that could be a reasonable option for strings, yet as you say, decreasing the max length to 1/4 in this case; a trade off that can leave the app unusable. Numeric data is another matter, I don't see how a proxy can decrypt the square root or the average of HE numbers in an unmodified SaaS App. – RoyD Aug 15 '13 at 17:02
  • It can decrypt anything computed using FHE. I'm confused, why wouldn't an FHE proxy be able to decrypt those things? – pg1989 Aug 15 '13 at 18:03
  • Simplistic example, you have 1 number sent with FHE to the SaaS App; SaaS App needs to do the square root of that number to preserve full functionally. How would FHE decrypt that or more complex operations only with a proxy and without modifying the App code? – RoyD Aug 15 '13 at 18:41
  • Are you asking about the architecture of the app, like where will the encryption take place? Or are you asking whether FHE can compute the square root of a number? – pg1989 Aug 15 '13 at 23:07
  • pg1989, I'm asking here if HE can be proxy injected in a SaaS app as is, without modifying its code/architecture while this app keeps doing sqrt, Top n, grouping and other standard Line-of-business internal SQL functions (not only simple addition/multiplication) and then for the proxy to decrypt everything returned and show the correct stuff in the browser. My personal belief is that this plain impossible to do right and in a semantically secure way (avoiding frequency analysis insecure 1:1 encryption). Would you agree with me? – RoyD Aug 16 '13 at 06:53

1 Answers1

3

Is there a technically feasible way for companies like CipherCloud to use homomorphic encryption (HE) while preserving full functionality in a third party SaaS app (e.g. Salesforce)?

Fully homomorphic encryption can theoretically1 compute any function. Therefore, if a computer can perform a task on plaintexts, then fully homomorphic encryption could theoretically be used to perform that exact same task on ciphertexts.

It seems like your doubt stems from an equality check. From your example, you seem to believe that because there are say two rows in the database that belong to the same user, that FHE would not be able to combine the sales amounts of those two rows. In other words, how would FHE know that the two encrypted customerName values are the same?

The answer is, the FHE computation wouldn't need to know that the two customerName values are the same. Instead, it would compute an encrypted bit. If they are the same, the encrypted bit encrypts 1, else it encrypts 0. This is a very feasible computation with FHE. Once it knows that bit, it would sum in the bit times the dailySales value. Thus, if the bit is 1, the dailySales value is added in. If the bit is 0, the dailySales value is not added in (since 0 times anything is 0).

Thus, given your table, say you want to know the top 1 customer. Presumably you have a table of encrypted customerName values. For each encrypted customerName value, you'd step through every entry in the sales table, computing the bit for that row, then adding in the bit times the dailySales value for that row. You'd save the result along with the customerName value. Once you've done that for every possible customerName, you'd use FHE to find the one with the largest encrypted sum, and return that to the user. The user could then decrypt the values and learn who was the top customer.

This is a good example of how, yes, FHE allows you to compute any function, but the method of doing it sometimes requires some tricks.

Furthermore, can it be done without requiring that the third party SaaS app be modified?

In general I would expect that the answer is no, w/o modification it could not be done. There are maybe a few corner/special cases where it could possibly.

For example, if dailySales value in the database is an int32, then an encrypted version will definitely not fit in the int32 slot. In which case the DB would have to be modified. If, however, the DB had originally been setup to store everything as, say, an unlimited size string, then FHE encrypted values could be encoded as a string (pick your favorite method) then stored that way.

The client software would either have to do the encryption itself, or a proxy could be used. So in that sense, the client would likely have to be modified (at least to point to the proxy). Let's assume you use a proxy. The client sends the entry to the proxy, the proxy encrypts it and submits it to the SaaS app.

The proxy would also have to be smart enough to translate queries. For example a query for the top customer would not be able to be run directly on the SaaS app. Instead the proxy would have to translate it into a query for the entire table, then run the process I described previously.

The proxy would only know the customer's public key, so the proxy couldn't return the plaintext answer. The customer would receive an encrypted answer to the query which it would have to decrypt.

I imagine this would be the process that would have to be done.

Note, the client doesn't really have to send FHE encrypted values to the proxy. The client could encrypt the values with AES, then send the AES key encrypted with the FHE public key. The proxy uses that encrypted key to homomorphically decrypt the values. The output is the user's values encrypted with FHE. Using this technique, the client would have to do very little FHE encrypting.

1. I say theoretically as FHE is still not practical today.

mikeazo
  • 38,563
  • 8
  • 112
  • 180
  • Yes, FHE could be used in this way. It's worth repeating, though, that we are at least 15 years away from a commercially viable FHE implementation. EDIT: @mikeazo I know you know this, but people reading your response might not. – pg1989 Aug 13 '13 at 17:50
  • This adds to what @pg1989 stated. I should say that I don't work for any CC competitor company, in fact, the same goes to every company like them. Consider the question as a cryptography related thesis, happy to hear options that state other views or answers to what is technically asked here. – RoyD Aug 14 '13 at 04:45
  • They use a custom application built on top of Salesforce, at least as far as I know. – pg1989 Aug 14 '13 at 06:57
  • cleaned up old comments – mikeazo Aug 15 '13 at 12:41
  • @mikeazo, you say "a query for the top customer would not be able to be run directly on the SaaS app", I believe that take us to the answer. HE cannot be used on unmodified SaaS Apps in general (or for the described scenario) and expect to work as is, preserving full functionality. – RoyD Aug 15 '13 at 19:26
  • @RoyD, In general I would expect that the answer is no, w/o modification it could not be done. There are maybe a few corner/special cases where it could possibly. – mikeazo Aug 15 '13 at 19:41
  • @mikeazo, I agree here, not technically realistic to make it in hours, without SaaS code modification while preserving full functionality for all standard business App scenarios, like the one in question. – RoyD Aug 16 '13 at 06:14