TY - GEN
T1 - On securing untrusted clouds with cryptography
AU - Chen, Yao
AU - Sion, Radu
PY - 2010/10/4
Y1 - 2010/10/4
N2 - In a recent interview, Whitfield Diffie argued that "the whole point of cloud computing is economy" and while it is possible in principle for "computation to be done on encrypted data, [...] current techniques would more than undo the economy gained by the outsourcing and show little sign of becoming practical". Here we explore whether this is truly the case and quantify just how expensive it is to secure computing in untrusted, potentially curious clouds. We start by looking at the economics of computing in general and clouds in particular. Specifically, we derive the end-to-end cost of a CPU cycle in various environments and show that its cost lies between 0.5 picocents in efficient clouds and nearly 27 picocents for small enterprises (1 picocent = $1 × 10-14), values validated against current pricing. We then explore the cost of common cryptography primitives as well as the viability of their deployment for cloud security purposes. We conclude that Diffie was correct. Securing outsourced data and computation against untrusted clouds is indeed costlier than the associated savings, with outsourcing mechanisms up to several orders of magnitudes costlier than their non-outsourced locally run alternatives.
AB - In a recent interview, Whitfield Diffie argued that "the whole point of cloud computing is economy" and while it is possible in principle for "computation to be done on encrypted data, [...] current techniques would more than undo the economy gained by the outsourcing and show little sign of becoming practical". Here we explore whether this is truly the case and quantify just how expensive it is to secure computing in untrusted, potentially curious clouds. We start by looking at the economics of computing in general and clouds in particular. Specifically, we derive the end-to-end cost of a CPU cycle in various environments and show that its cost lies between 0.5 picocents in efficient clouds and nearly 27 picocents for small enterprises (1 picocent = $1 × 10-14), values validated against current pricing. We then explore the cost of common cryptography primitives as well as the viability of their deployment for cloud security purposes. We conclude that Diffie was correct. Securing outsourced data and computation against untrusted clouds is indeed costlier than the associated savings, with outsourcing mechanisms up to several orders of magnitudes costlier than their non-outsourced locally run alternatives.
KW - cloud computing
KW - economics
KW - security
UR - https://www.scopus.com/pages/publications/78650219479
U2 - 10.1145/1866919.1866935
DO - 10.1145/1866919.1866935
M3 - Conference contribution
AN - SCOPUS:78650219479
SN - 9781450300964
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 109
EP - 114
BT - Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES '10, Co-located with CCS'10
PB - Association for Computing Machinery
T2 - 9th Annual ACM Workshop on Privacy in the Electronic Society, WPES 2010, Co-located with CCS 2010
Y2 - 4 October 2010 through 4 October 2010
ER -