Computing on encrypted data and its applicability to a coalition operations environment

Abstract

Coalition operations often invoke the sharing of information and IT infrastructure amongst partners. Whilst there may be a coalition 'need to share'data this is often tempered by a 'need to know'principle that often prevents valuable information from being exchanged, particularly with classified data. Ideally, coalition partners would wish to share data that can be used to compute specific results that are only relevant to a given operation, without revealing all of the shared information. In this paper we will present the concept of a secure coalition cloud architecture that is capable of storing encrypted data and of performing arbitrary computations on the encrypted data on behalf of users, without at any stage having to decrypt it. To do this we make use of a fully homomorphic encryption scheme using a novel approach for managing encryption and decryption keys in a public key infrastructure (PKI) setting.