Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Secure Cloud Computing: Virtualizing the FreedomBox

Caspar Bowden (lists) lists at casparbowden.net
Tue Apr 22 04:47:40 PDT 2014


On 17/04/14 20:29, David Solomonoff wrote:
> This blog post was inspired by a recent breakthrough in homomorphic 
> encryption at MIT:
>
>> In 2010 I asked Professor Eben Moglen 
>> <https://en.wikipedia.org/wiki/Eben_Moglen> to speak to the Internet 
>> Society of New York <http://isoc-ny.org> about software freedom, 
>> privacy and security in the context of cloud computing and social 
>> media. In his Freedom in the Cloud <http://isoc-ny.org/?p=1338%20> 
>> talk, he proposed the FreedomBox <https://freedomboxfoundation.org> 
>> as a solution ....
>>
>> [Now] data can be encrypted at every point until it is accessed by 
>> its legitimate owner, combining privacy and security with the 
>> flexibility and scalability of cloud computing.
>>
>> No longer confined behind a locked down private data center or hidden 
>> under the end user's bed, a virtual FreedomBox can finally escape to 
>> the clouds.
>
> Full article:
> http://www.davrola.com/2014/04/17/secure-cloud-computing-virtualizing-the-freedombox/ 
>

(I am not a cryptographer, but disillusioned former FHE-enthusiast, 
until I realized was irrelevant to real Cloud policy)

Fully homomorphic encryption uses techniques utterly different to 
conventional encryption and is a ~trillion times slower. Even the 
integer version ~million times slower

Apropos the blog, Mylar is cool, but doesn't use FHE. It sends the Cloud 
conventionally encrypted blobs to and fro - and the Client does all the 
work (thus neutralizing main vaunted benefit of Cloud, elastic and 
parallel CPU power). It also uses an encrypted search technique for 
indexing (which is also cool)

TAHOE is also cool, but doesn't claim to provide confidentiality. A 
TAHOE service provider would have no choice but to round-up/backdoor the 
necessary keys under existing US (FISA/PATRIOT) or UK (RIPA Pt.3) 
legislation [or Indian IT Acts etc. etc.]

There are partial homomorphic solutions coming along useful to specific 
scenarios, but using them will be state-of-the-art crypto engineering 
<research.microsoft.com/pubs/148825/ccs2011_submission_412.pdf> for 
foreseeable future

FHE cannot rescue confidentiality in the Cloud.

Caspar Bowden
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20140422/97957bc1/attachment.html>


More information about the liberationtech mailing list