HomeUpdateThe first side channel attacks discovered by university students.

The first side channel attacks discovered by university students.


Last Updated on 05/03/2022 by Nidhi Khandelwal

A group of academics from North Carolina State University and Dokuz Eylul University have demonstrated the “first side-channel attack” on homomorphic encryption, which may be used to leak data while the encryption process is in progress, according to the researchers.

The first side channel attacks discovered by university students. 1

“Basically, we can read the data as it is being encrypted by measuring power usage in a device that is encoding data for homomorphic encryption,” said Aydin Aysu, one of the study’s authors. “This highlights the need for side-channel protection in even next-generation encryption methods.”

Homomorphic Encryption is a type of encryption that enables certain sorts of computations to be done directly on encrypted data without the need to first decrypt it.

It’s also designed to protect privacy by allowing sensitive data to be shared with other third-party services, such as data analytics organizations, for additional processing while the underlying data remains encrypted and, as a result, inaccessible to the service provider.

To put it another way, the purpose of homomorphic encryption is to make it easier to create end-to-end encrypted data storage and computation services that don’t require the data owner to provide their secret keys with third-party services.

The first side channel attacks discovered by university students. 2

The researchers propose a data leakage attack based on a vulnerability discovered in Microsoft SEAL, the tech giant’s open-source implementation of the technology, that could be exploited in a way that allows the recovery of a piece of plaintext message that is homomorphically encrypted, effectively undoing the privacy protections.

Nidhi Khandelwal
Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.
- Advertisment -

Must Read

This is how Russia is being punished for the war

The developer of the popular "node-ipc" NPM package published a new modified version to denounce Russia's invasion of Ukraine, sparking concerns about open-source and...