Abstract

There are two fundamental expectations from cloud-IoT applications using sensitive and personal data: 1) utility and 2) privacy. Due to the complex nature of cloud-IoT ecosystems, there is a growing concern about data utility at the cost of privacy. While the current state-of-the-art encryption schemes protect users’ privacy, they preclude meaningful computations on encrypted data. Thus, the question remains: “how can IoT device users benefit from cloud computing without worrying about privacy and security?” Cloud service providers (CSPs) can leverage fully homomorphic encryption (FHE) schemes to build privacy-preserving services. However, there are challenges in adopting them for cloud-IoT devices. Thus, to foster real-world adoption of FHE-based solutions, we propose a framework called proxy reciphering as a service. We leverage techniques such as distributed servers, secret sharing, FHE, and chameleon hash functions to tailor a solution that enables long-term privacy-preserving computations for encrypted IoT-device data and is secure even after a device-key compromise. We evaluate the framework by developing a testbed and measuring the latencies with real-world ECG records from the TELE ECG database. We also analyze the security properties against major cyber threats. We observe that: 1) the computation and communication latencies are acceptable, and the security gains outweigh the latencies introduced; 2) the throughput of the reciphering proxy servers can be increased with preprocessing; and 3) a key-refresh scheme can limit the postcompromise attack exposure window. We infer that proxy reciphering as a service is a practical, secure, scalable, and easy-to-adopt framework for long-term privacy-preserving cloud computations for cloud-IoT applications.
