Reaction attack on outsourced computing with fully homomorphic encryption schemes

Outsourced computations enable more efficient solutions towards practical problems that require major computations. Nevertheless, users’ privacy remains as a major challenge, as the service provider can access users’ data freely. It has been shown that fully homomorphic encryption schemes might be the perfect solution, as it allows one party to process users’ data homomorphically, without the necessity of knowing the corresponding secret keys. In this paper, we show a reaction attack against full homomorphic schemes, when they are used for securing outsourced computation. Essentially, our attack is based on the users’ reaction towards the output generated by the cloud. Our attack enables us to retrieve the associated secret key of the system. This secret key attack takes O(λlogλ) time for both Gentry’s original scheme and the fully homomorphic encryption scheme over integers, and O(λ) for the implementation of Gentry’s fully homomorphic encryption scheme.