Mathematical networks to ensure the security of ‘apps’ | Science

14

More and more people are using artificial intelligence services located in the cloud to receive weather forecasts, directions on how to get to a location, or suggestions from nearby restaurants. In return, the user shares their personal data – location, personal information, preferences – with the cloud service. There the data is processed, which can be used maliciously to disseminate sensitive information or invade user privacy. Recent examples are, in 2018, the case of the application Strava fitness app, which revealed the location of US army bases worldwide; and in 2019 the demand from the city of Los Angeles to the IBM weather company for the misleading use of location data. These events show the need to design specific cryptographic systems for cloud computing, based on a mathematical structure called reticle.

To ensure cloud security, a first option would be to encrypt personal information before uploading it, and for calculations to be made on this opaque information. However, it is often not possible to process encrypted data with traditional systems. This problem is solved with the so-called homomorphic encryption, which maintains the structure of the information, so that useful computations can be made. Thus, applications can work with the data, without knowing what details they contain, and also obtain encrypted results, which will only be decrypted on the user's device. This system allows to change the order of encryption and processing: the same result is obtained when it is first encrypted and then the computations are made as when done the other way around.

Homomorphic encryption uses the same mathematics as cryptography based on reticles, a mathematical structure that can be imagined as a network or mesh. For example, if we consider a plane with coordinate axis, a grid is given by points that have integer coordinates. Encryption uses mathematical problems about reticles that, unless certain extra information is available (the decryption password), are extremely difficult to solve or, what comes to be the same, that your solution requires an unbeatable computation time for the possible attacker.

The parameters of the homomorphic encryption scheme are established so that the most common attacks would require an exponential time with respect to the size of the network to break their security, which makes them safer than traditional systems. In addition, no possible quantum attacks have been found in polynomial time, indicating that they are good candidates for post-quantum cryptography.

Homomorphic encryption uses the same mathematics as the cryptography based on reticles, a mathematical structure that can be imagined as a network or mesh

The first scheme of homomorphic encryption It was proposed by Craig Gentry, a researcher at the IBM Thomas J. Watson Center, in 2009. Since then, numerous cryptographers have worked to find systems that are both practical – relatively simple to implement – and robust, that is, that involve problems very expensive mathematicians to solve, and known to the community, so that their complexity is guaranteed.

In 2011, the team I lead in Microsoft Research obtained a homomorphic encryption scheme as well as a series of practical improvements to these systems, which is currently used worldwide as the basis for developing homomorphic encryption applications. All this work is included in the “Private AI” project, which seeks to protect the privacy of user data while implementing services Machine learning to create data classification models and offer predictions based on those models.

In the last eight years we have designed text analysis applications; of classification of images of dogs and cats; of exercise, which offer statistics and follow-up to athletes; weather forecast; for predicting the risk of heart attacks based on personal health data, or flowering time based on the genome of a flower; and risk of mortality from pneumonia using intelligible models. All of them work in the cloud with encrypted data, where they make their predictions in a fraction of a second, and return encrypted results, which are decrypted locally on the user's mobile.

Because it is a new form of encryption, so that it can be used in a generalized way we must standardize the security schemes and parameters. To this end, we have launched a consortium of experts from industry, government and academia, through which we hope to ensure that homomorphic encryption is soon a commercial tool that can be implemented to protect privacy in machine learning.

Kristin Lauter She is a principal investigator and director of the cryptography and privacy research group at Microsoft Research

Agate A. Timon G Longoria He is responsible for Communication and Disclosure at ICMAT

Coffee and theorems It is a section dedicated to mathematics and the environment in which they are created, coordinated by the Institute of Mathematical Sciences (ICMAT), in which researchers and members of the center describe the latest advances in this discipline, share meeting points between mathematics and other social and cultural expressions and remember those who marked their development and knew how to transform coffee into theorems. The name evokes the definition of the Hungarian mathematician Alfred Rényi: "A mathematician is a machine that transforms coffee into theorems."

Editing and coordination: Timon Agate (ICMAT).

You can follow Matter on Facebook, Twitter, Instagram or subscribe here to our newsletter

. (tagsToTranslate) network (t) math (t) mathematic (t) guarantee (t) security (t) apps (t) cryptographic system (t) (t) call (t) homomorphic (t) encryption (t) homomorphic ( t) allow (t) protect (t) data (t) user (t) service (t) artificial intelligence (t) cloud (t)

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.