Towards Provably Secure Encrypted Control Using Homomorphic Encryption
Kaoru Teranishi, Kiminao Kogiso
TL;DR
This work tackles the lack of formal security proofs for encrypted control by introducing a provable-security definition tailored to encrypted control under attack, specifically a parameter-estimation threat. It formalizes an IND-PEA security notion and connects it to the standard cryptographic IND-CPA security, proving that IND-CPA security implies IND-PEA security while showing that the reverse can fail unless additional conditions hold. The key implication is that secure homomorphic encryption suffices to achieve provable security for encrypted control against parameter-estimation attacks, potentially enabling lighter-weight HE schemes in real-time cloud-controlled systems. The paper also outlines extensions to dynamical and stochastic controllers, highlighting future research directions for proving security in more complex control paradigms.
Abstract
Encrypted control is a promising method for the secure outsourcing of controller computation to a public cloud. However, a feasible method for security proofs of control has not yet been developed in the field of encrypted control systems. Additionally, cryptography does not consider certain types of attacks on encrypted control systems; therefore, the security of such a system cannot be guaranteed using a secure cryptosystem. This study proposes a novel security definition for encrypted control under attack for control systems using cryptography. It applies the concept of provable security, which is the security of cryptosystems based on mathematical proofs, to encrypted control systems. Furthermore, this study analyzes the relation between the proposed security and the conventional security of cryptosystems. The results of the analysis demonstrated that the security of an encrypted control system can be enhanced by employing secure homomorphic encryption.