A Comparative Study of BFV and CKKs Schemes to Secure IoT Data Using TenSeal and Pyfhel Homomorphic Encryption Libraries

Yancho B. Wiryen, Noumsi Woguia Auguste Vigny, Mvogo Ngono Joseph, Fono Louis Aimé
Copyright: © 2024 |Pages: 17
DOI: 10.4018/IJSST.333852

Abstract

Internet of things (IoT) devices and applications are on the rise, generating large amounts of sensitive and confidential data that need to be processed securely. Due to resource constraints, the data generated is often stored and processed in the cloud. The drawback of cloud storage and processing is that the data can be hacked, leaked, or sold by cloud companies. Fully homomorphic encryption (FHE) allows computation on encrypted data using basic mathematical operations and has recently been successfully implemented using schemes and libraries with better performance. In this paper, the authors propose a mixture of edge-cloud-based security schemes using FHE to secure IoT data. The authors evaluate the performance of two FHE schemes (BFV and CKKS) on the following measures: encoding speed, encryption speed, arithmetic operation (addition and multiplication) speed, and decryption and decoding speed, using two Python libraries (TenSEAL and Pyfhel). The encryption and decryption are done at the edge node using a Raspberry Pi 4, while the processing is done at the cloud node using a laptop.

1. Introduction

In our world today, we have billions of connected devices, sensors, actuators, controllers, and applications that communicate and interact to form the Internet of Things (IoT). IoT devices help to improve our health and the quality of life in our homes, save time, and make our workplaces more productive, thereby improving our welfare. By 2030, our world will be revolutionized by the IoT market (Griffiths & Ooi, 2018), and as projected by Gartner, IoT data will arguably become the biggest big data source, possibly overtaking enterprise, media, and entertainment data (Akbar, 2017). Despite their numerous advantages, IoT devices are unable to handle and compute the large amount of data they generate due to resource constraints and because the cost of implementing some computation of massive data on them might outweigh the benefits (Evans & Eyers, 2012). A combination of IoT, machine learning, and cloud computing technology has often been used as a solution to this large amount of data, and even more so due to the prevalence of the COVID-19 pandemic, as everyone is now seeking cloud services (Iezzi, 2020).

A security mechanism capable of preserving this data needs to be put in place to ensure that IoT data is not accessed by cloud companies or third parties and does not end up in the wrong hands. This mechanism is difficult to achieve with traditional encryption schemes (Song et al., 2018). With traditional encryption schemes, each time a computation needs to be performed on the encrypted data stored in the cloud, the data is first decrypted. After the decrypted data is processed, it is re-encrypted and re-uploaded to the cloud. This process often gives the cloud service providers and the model owners access to the data and is very tedious and time-consuming (Maha et al., 2012). Users want cloud service providers to process the data and extract the valuable information it contains while keeping it unknown to other users and third-party services. In other words, there is the desire to manipulate data while ensuring data protection, privacy, and anonymization to ensure that IoT data does not get into the wrong hands.

Homomorphic encryption is capable of handling this challenge and enables computation on encrypted data without decryption. In 2009, there was a remarkable breakthrough when Gentry (Gentry, 2009) successfully demonstrated that fully homomorphic encryption (FHE) was possible, even though it had difficulties in implementation and was time-consuming. FHE refers to a specific class of encryption scheme that allows computing directly (a large number of different types of mathematical operations) on encrypted data without having to decrypt it first. The resulting ciphertext, when decrypted, gives the same value as the output of the mathematical operations on the corresponding plaintext.

Several FHE schemes and libraries have been published that allow even those who are not good at cryptography to apply FHE in various domains ranging from data science (Iezzi, 2020), healthcare (Wood et al., 2020), IoT (Song et al., 2018), (Alabdulatif et al., 2019), (Butpheng et al., 2020), (Ramesh & Govindarasu, 2020), and banking (Ren et al., 2021) to enhance data security and privacy. We will evaluate the performance of the two most successful FHE schemes: Brakerski/Fan-Vercauteren (BFV) (Fan & Vercauteren, 2012) and Cheon, Kim, Kim, and Song (CKKS) (Cheon et al., 2017), used in the TenSEAL (Benaissa et al., 2021) and Pyfhel (Ibarrondo & Viand, 2021) Python-based libraries that we have considered in this paper. Their main feature is the use of the residue number system (RNS) for performing operations (Babenko et al., 2020). The evaluation is done by determining the execution time of the main functions (encoding, encryption, addition/multiplication operations, decryption, and decoding) in each scheme, thereby determining the most productive scheme.
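
The homomorphic property and the edge/cloud split described above, shown with a toy symmetric-key BFV-style scheme in plain Python. This is an added example, not code from the paper, TenSEAL or Pyfhel; the parameters, function names and sensor readings are constructed for illustration and are far too small to be secure, and ciphertext-by-ciphertext multiplication (which needs relinearization) is left out.

```python
import secrets

# Toy parameters (assumed for illustration, NOT secure).
N = 16            # ring degree: polynomials live in Z_Q[x]/(x^N + 1)
Q = 1 << 20       # ciphertext modulus
T = 1 << 8        # plaintext modulus: readings are integers mod 256
DELTA = Q // T    # scaling factor that lifts the message above the noise

def polymul(a, b):
    """Negacyclic product of two polynomials in Z_Q[x]/(x^N + 1)."""
    out = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            k, sign = (i + j, 1) if i + j < N else (i + j - N, -1)  # x^N = -1
            out[k] += sign * ai * bj
    return [c % Q for c in out]

def small():
    """Polynomial with coefficients in {-1, 0, 1}: used for the key and the noise."""
    return [secrets.randbelow(3) - 1 for _ in range(N)]

def encrypt(sk, readings):
    """Edge node: encode readings as coefficients, then mask them with a*sk plus noise."""
    m = [r % T for r in readings] + [0] * (N - len(readings))
    a = [secrets.randbelow(Q) for _ in range(N)]
    c0 = [(DELTA * mi + ei - x) % Q for mi, ei, x in zip(m, small(), polymul(a, sk))]
    return (c0, a)

def add(ct1, ct2):
    """Cloud node: ciphertext + ciphertext; no key is needed, the noise terms add up."""
    return tuple([(x + y) % Q for x, y in zip(p, r)] for p, r in zip(ct1, ct2))

def mul_scalar(ct, k):
    """Cloud node: ciphertext * public integer k; the noise grows by a factor of k."""
    return tuple([(k * x) % Q for x in p] for p in ct)

def decrypt(sk, ct, count):
    """Edge node: remove the mask, round away the noise, decode the first `count` slots."""
    c0, c1 = ct
    v = [(x + y) % Q for x, y in zip(c0, polymul(c1, sk))]   # = DELTA*m + noise
    return [((T * x + Q // 2) // Q) % T for x in v][:count]

def edge_cloud_demo():
    sk = small()                        # secret key, never leaves the edge device
    day1, day2 = [21, 22, 19, 30], [20, 25, 18, 31]     # constructed sample readings
    ct_sum = add(encrypt(sk, day1), encrypt(sk, day2))  # cloud: sum of ciphertexts
    ct_scaled = mul_scalar(ct_sum, 3)                   # cloud: times a public constant
    return decrypt(sk, ct_sum, 4), decrypt(sk, ct_scaled, 4)
```

Decryption stays correct only while the accumulated noise is below `DELTA / 2`; results also wrap modulo `T`, so sums above 255 come back reduced.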
