The HEAT project develops advanced cryptographic technologies to process sensitive information in encrypted form, without needing to compromise on the privacy and security of the citizens and organizations that provide the input data.
The core technology is based on homomorphic cryptography, which allows to perform computations on encrypted information without decrypting it. The main goal of HEAT is to produce a step change in the efficiency and applicability of this technology.
The HEAT project brings together Europe's leading researchers on homomorphic cryptography (KU LEUVEN, UNIVBRIS and UL), with the leading expertise on lattice based cryptanalysis (UPMC), and three industrial partners with existing interests in the field (CRX, NXP and Thales UK).
As the amount of information we store, process and share electronically continues to rise, so do the security and privacy concerns about this information. High profile cases, such as the Snowden revelations, have contributed significantly to the growing privacy awareness amongst companies and end users. Privacy concerns and corresponding legislation often result, rightfully so, in the slow adoption of new technologies or the cancellation altogether of projects that are unable to offer sufficient privacy guarantees. As such companies and users typically have to choose either privacy (by not using some service) or the extra functionalities such service provides.
The HEAT project develops technology that enables both privacy and functionality simultaneously resulting in new application areas and business models. The classical approach to securing information is simply to encrypt it. The resulting ciphertext not only is impossible to decipher (except for the legitimate key owner), but it is typically also impossible to process the underlying plaintext solely by manipulating the ciphertext. What is required for functional privacy applications are mechanisms that support computation on encrypted data. These mechanisms naturally bridge the fundamental divide between privacy restrictions on the one hand and functionalities on the other hand.
The technology used by HEAT is called Somewhat Homomorphic Encryption (SHE), which can be used to compute on encrypted data without the need to decrypt the data first. SHE is a very recent technology: for a very long time it was not even known to be possible and the first theoretical construction was only given in 2009.
The goal of HEAT is to produce a step change in the efficiency and applicability of this technology.
COSIC’s (Computer Security and Industrial Cryptography) research concentrates on
- the design, evaluation, and implementation of cryptographic algorithms and protocols
- the development of security architectures for information and communication systems
- the development of security mechanisms for embedded systems
- the design and analysis of privacy preserving systems privacy-friendly biometrics
COSIC’s theoretical work is mainly based on discrete mathematics such as number theory, finite fields, boolean algebra, but also includes statistics and optimization. Within the COSIC group, there is a strong emphasis on providing security in hardware and software for embedded processors and cryptographic coprocessors. COSIC performs security evaluations, including attacks, both in software and hardware in our Hercules funded security lab. COSIC studies the security aspects of a wide range of applications: e-commerce, medical, automotive, e-voting, micro-electronics, wireless communication, mobile phones, and many more.
The HEAT project envisages a 3 pronged research agenda to extend the range of practicality and applicability of SHE.
1) Three real world case studies, supplied by our industrial partners, and using this to create practical demonstrators of the technology. A common theme in these case studies is the evaluation and/or training of neural networks on encrypted data.
2) Extend the range of applicability by further research into SHE algorithms, focusing on efficiency and other methods to increase the size of the circuits which can be securely and practically evaluated.
3) Understand the underlying security of the resulting systems, most of which relate to hard problems for lattices. This third prong is likely to have further spin-offs in that the resulting mathematical results and tools will be able to be applied to other lattice based systems, which are the main contender for post-quantum cryptography at the present time.
All three prongs will be executed in three phases, distributed across six interlinked work packages. In the first phase requirements analysis and capture will be performed. This will be followed by a phase of mathematical analysis and the creation of test artefacts. The test artefacts will be used to validate the assumptions underlying the requirements and mathematical analysis. Finally, the test artefacts will be worked up into demonstrators and tools.
The demonstrators that will be developed are of particular interest to our industrial partners:
- Smart Grids for NXP:
By issuing directive 2009/72/EC, the European Union wants to stimulate the use of smart energy meters that are capable of bidirectional communication with the central utility system. The importance to the EC can be further illustrated by the dedicated H2020 programme on secure, clean and efficient energy. By sending consumption data to the utility multiple times per hour, smart meters enable the smart grid allowing for better grid management, energy savings and demand side management via flexible tariffs. By making the energy cost approximately proportional to the amount of (green) energy production, consumers are motivated to match their consumption patterns to the production pattern. The HEAT project focuses on non-linear billing and advanced statistics on encrypted data.
- Automated crime detection for CRX:
Europol's 2013 Organised Crime Threat Assessment (OCTA), reveals that organised crime is becoming increasingly diverse in its methods, group structures, and impact on society.
Tools supporting the systematic environmental scanning for weak signals, searching / fusing / interpreting data from different sources such as databases with personal information and public web sites exist and are increasingly being used by intelligence services. The HEAT project uses SHE to encrypt databases while enabling data aggregation in the Cloud for authorized users. The term aggregation here refers to* statistical analysis (statistical moments, correlation coefficients, etc),* extraction/detection of OC-specific events (weak OC signals).
- Shared satellite infrastructure applications for Thales UK:
The satellite industry is strategically important for Europe, and generates significant revenue as well as employing many tens of thousands of people in Europe. It is also expected to offer significant opportunities for growth, especially in the new application areas of Global Monitoring for Environment and Security (GMES), and Europe’s GNSS system, Galileo.
Technologies offering Europe a competitive advantage in these applications therefore offer the potential for significant economic impact. A particular issue facing European satellite providers is shared use and reconfigurability of infrastructure. The HEAT project focuses on how SHE can allow encryption to be used to provide the required security separation on such shared infrastructure, while still allowing essential and value-add processing of data to take place.