Secure Rendering Process in Cloud Computing - IEEE Xplore

2013 Eleventh Annual Conference on Privacy, Security and Trust (PST)

Secure Rendering Process in Cloud Computing Mohd Rizuan Baharon

Qi Shi

David Llewellyn-Jones

Madjid Merabti

School of Computing and Mathematical Sciences Liverpool John Moores University Liverpool, United Kingdom [email protected] .uk

School of Computing and Mathematical Sciences Liverpool John Moores University Liverpool, United Kingdom [email protected]

School of Computing and Mathematical Sciences Liverpool John Moores University Liverpool, United Kingdom D.Llewellyn-Jones@ ljmu.ac.uk

School of Computing and Mathematical Sciences Liverpool John Moores University Liverpool, United Kingdom [email protected]

Abstract—Big animated film companies these days are migrating their operations to the advent technology of cloud computing. They need quick access to massive amounts of computer power from the cloud to generate a photorealistic animated film within reasonable time and cost as well. However, moving private data to untrusted third parties like clouds raises security concerns. Primitive encryption schemes seem ineffective to be used as the data need to be decrypted first. Thus, homomorphic encryption is believed to be one of the potential solutions as it allows arbitrary computation on encrypted data without decryption. There are a number of fully homomorphic encryption (FHE) schemes that have been proposed and improved upon. Nevertheless, all of them are far from practical as efficiency is still a big obstacle for their implementation. Thus, in this paper a new FHE scheme based on finite fields and support n-multilinear maps is proposed. The key contribution of this paper is to propose a FHE scheme with improved efficiency. To implement such a scheme, a new protocol is proposed. The protocol allows three or more parties to communicate with one another to process data in an encrypted form. Keywords—Cloud Computing; Data storage; 3D Rendering; Homomorphic Encryption; Elliptic Curve; and n-Multilinear Map

I.

INTRODUCTION

Nowadays, big animation companies like Pixar, DreamWorks and Warner Bros are dependent on 3D animated films that are full of photorealistic textures, colours, expression, and movement. Such film projects could be achieved by constantly pushing the capability of animation and by combining an animator’s skill and talent with massive computing power. As an example, the modern animation industry requires a lot of computing power by spending more than three hours just to render each frame of a Computer Generated CG film on a workstation. Pixar for instance took two years to completely render all 114,000 frames of the 77 minute film Toy Story using a render farm with inherent parallelism. On the other hand, such a studio needs to shoulder high cost of licenses. They must get licence for all the software they use for film production, as there is no free professional-level animation and rendering software. Therefore, all the software

must be bought and licensed for each workstation that will use the software. Furthermore, an animated film that has been created should meet the rigorous deadlines in order to satisfy quotas and seasonal schedules. Thus, they require a new approach that can decrease the amount of rendering time and the overall cost of rendering, as well as free up a lot of manpower which they can divert into other parts of the business. The above reasons make those animation companies pondering the cloud computing models. For example, DreamWorks Animation is moving to the new HP Media Cloud Solution, and Pixar uses RenderMan to produce its animated films. With the advent of cloud computing technology, the capability of dynamically scaling up and down computing resources has become accessible even to small organizations for their cost-effective operations. As a result, major companies all over the world, are migrating their operations to the cloud and finding creative new ways of incorporating the technology and services into their businesses. In order to leverage such a technology and services, clients need to outsource all of their data (e.g. 3D frames) to Cloud Service Providers (CSPs) like HP. However, outsourcing such precious data into the clouds with no physical and limited digital control by the clients raises serious security concerns to the data [1]. Furthermore, inappropriately handling such data could result in a disaster to the data owner due to data misuse, data leakage, or data stolen by other parties that use the same services. Moreover, cloud service providers do not offer proper security guarantees to the data owners [2]. Due to the scale, dynamicity, openness and resource-sharing nature of cloud computing, addressing security issues in such environments is a very challenging problem [3]. To ensure that security and integrity of the data is preserved in clouds, encryption techniques should be implemented. Primitive encryption schemes such as RSA are good for storage purposes [4]. However, such encryption techniques prevent data to be processed by cloud-based applications [5]. Thus, a scheme that allows data to be processed in an encrypted form, like a FHE scheme, is needed. Although a number of existing FHE schemes have been

This work was supported in part by Liverpool John Moores University, United Kingdom, the Ministry of Higher Education, Malaysia, and University Technical Malaysia Malacca, Malaysia.

978-1-4673-5839-2/13/$31.00 ©2013 IEEE

82

proposed and improved upon, all of them are far from practical as efficiency is still a big challenge for their implementation [6]. For instance, existing FHE schemes based on Lattices are suffering from efficiency issues due to the amount of noise introduced during the processing stage of data [7]. Additionally, a scheme based on a bilinear map allows arbitrary additions and just one multiplication on encrypted data [8]. The rendering process of 3D frames requires additions and more than one multiplication. Such limitations require an improved FHE scheme to be proposed. Thus, in this paper we propose a new FHE scheme based on a finite field that supports n-multilinear maps. The scheme is constructed based on an open problem raised by Boneh et al. in their scheme that supports a bilinear map [8]. To implement such a scheme, we also propose a new protocol that allows more than three parties to communicate with one another in order to process data in an encrypted form. Such a protocol will ensure that the security and integrity of the outsourced and processed data in the cloud environment is preserved. This paper is structured as follows. We first describe our research contributions in Section II and briefly review a rendering process that potentially can be done securely in cloud environment using our proposed scheme and protocol. We then describe some important concepts that will be used in constructing of our scheme and protocol in Section IV. In Section V, we explained our proposed scheme and protocol together with their related process involved. We then provided results of our work in Section VI. Finally, we conclude this paper in Section VII. II.

A. Rendering equation ( , , , )= ( ,

3D RENDERING

Rendering is the process of creating an image from a model by means of computer programs. In order to create a realistic computer-generated image, modelling the physical properties and interactions between light, materials and the human visual/perceptual system will be involved. This process

( , , , )

, , , ) ( ,

, , )(−

· )

(1)

Where • is a specific wavelength of light. • is time. ( , , , ) is the total amount of light of wavelength • directed outward along direction at time from a particular position . ( , , , ) is the emitted light. • •

( , , , , ) ( , , , )(− · ) is an integral over a hemisphere of the inward direction. • ( , , , , ) is the bidirectional reflectance distribution function. ( , , , ) is the light of wavelength coming • inward toward from direction at time . • (− · ) is the attenuation of inward light due incident angle. B. Mathematical properties: • The equation is linear, consisting only of additions and multiplications. • The equation is spatially homogeneous, in that it can be applied to all points in a scene regardless of their position or orientation.

OUR CONTRIBUTION

The expected key contributions of this paper are summarised in the following points: • A new FHE scheme. We propose a new FHE scheme based on a finite field that supports n-multilinear maps to achieve fully homomorphic properties. Such properties are required to enable 3D frame data to be generated through rendering equation. Furthermore, we implement an EC group as the underlying group as EC promises high efficiency and strong security. • A new secure protocol. We propose a new secure protocol that allows a group of users to communicate with one another in order to get a result that has been processed in an encrypted form. The protocol allows animated studios to leverage services provided by the CSPs with secure and confidence as their precious data is kept secret even though the data is processed by untrusted third parties like the CSPs. III.

was first represented mathematically by Kajiya [9]. The representation is called a rendering equation as given in (1).

C. Rendering in Clouds The rendering is computationally expensive as the process involves a complex variety of physical processes simulated. The processes require a lot of computing power as well as storage spaces. As an example of the film Rise of the Guardians, its creation required an HP workstation Z820 that is outfitted with two Intel Xeon E5-2687W processors, running at 3.1GHz each. Furthermore, to complete such a film, DreamWorks might render as much as 65 million hours of footage to come with 90 minutes of worthwhile materials. Moreover, such movie files occupy as much as 250TB of storage. However, each animator might have 96GB of RAM on their personal Z800 or Z820 at a time while the movie was made. On the other hand, comparing with older 3D animated films like Shrek and Toy Story the detail and quality of textures of new films have risen to the point that some scenes already look photorealistic. The increase in clarity means that the demands on data storage infrastructure has also increased dramatically, and animation studios now find that they need to store and retrieve extremely large amounts of data at high speeds, and they are in need of a cost effective solution that could still scale well when growth requires it.

83

In the meantime, cloud service providers are seeing the potential of delivering on-demand and dynamically scalable computing resources as a service. Such a service will allow the animation industry to adopt a more cost effective pay-as-yougo model instead of constantly bleeding money over hardware and manpower that they do not really use all the time. Getting rid of these entire costly infrastructures will reduce operational costs as well as streamline an organization. Additionally, cloud technology itself gets rid of glass ceilings that the animation industry bumped into the past, wherein they were limited by the amount of hardware they can muster. With cloud technology, their needs can be met by highly scalable infrastructure. As a result, cloud service providers like HP have developed their own infrastructure for storage and created rendering services to meet the needs from major visual effects animation companies. They provide rendering tools to address the extreme scalability and performance requirements needed by their clients. Some of the rendering tools that are available online today are as follows: 1) RenderMan RenderMan is one of the primary rendering tools used at Pixar. It is available as a stand-alone tool and for use within Autodesk’s Maya. It has been specifically engineered to meet the demanding challenges of rendering 3D animation and visual effects [10]. 2) Tractor 1.0 This tool is Pixar’s next generation distributed processing solution. It was released in April 2010. It is a completely new and robust solution specifically engineered to address the extreme scalability and performance requirements of multi-core networks of tens of thousands of processors and beyond [11]. 3) HP Media Cloud Solution HP Cloud Solution for Media offers flexible computing services with the capability for fast scaling of processors and storage to accommodate client needs. Using this solution will benefited their clients in term of less complexity with cloud-based services, fast deployment, and many more [12]. 4) RenderRocket RenderRocket has its own base of servers rendering. It has been developed since 2004 markets itself as a self-service 3D render farm supports many of the big name effects software Maya, Mental Ray, 3ds Max, V-Ray, Cinema 4D Maxwell Render [13].

for and that like and

IV.

BACKGROUND

This section describes some fundamental concepts and definitions that have been used in our scheme. A. An n-Multilinear Map Definition of n-Multilinear Map: [14] be cyclic groups of the same prime Let , , … , and be a finite field that is closed under order q and multiplication operation. -multilinear groups = = = are all isomorphic to one another as they have the = same order and are cyclic. An n-multilinear map is a function … such that the following properties : are satisfied: , ,…, and , , … , , • For all … , ,…, = ( , ,…, ) . • The map is non-degenerate: If generates then generates . ( , ,…, ) An example of a construction of n-Multilinear Groups of Order using the Elliptic Curve Group: = = = of order n An -multilinear group = can be constructed as follows: • Let = 2, and = 10 such that is a square-free integer that is not divisible by 3. A square-free integer is one divisible by no square number, except 1. Then, = − 1 = 2(10) − 1 = 19. = defined over a finite field • Let ( , ) ( ): be the groups of points. The curve has 1= . Thus, there exists a subgroup = 20 points in in ( , ) ( ) of order 10 since = 10. • Let be the subgroup of a finite field that is closed = of order n. Our aim is under multiplication, to have an n-multilinear map : … which includes the admissible n-multilinear map generator. B. Elliptic Curve over Finite Field Let 3 be an odd prime. An EC E over a prime field is defined by an equation as given in (2). =

(2)

where , , and 4 27 0 . The set ( ) consists of all points ( , ), , together with a point at infinity O. Furthermore, the algebraic formula of adding distinct points and doubling a point on the curve are given as follows. Let , and be points on the curve. Then, • •

84

= = for all ( ). If = ( , ) ( ), then ( , ) ( , − ) = . (The point ( , − ) is denoted by − , and is called the negative of P).

• (Point addition) Let =( , ) ( , ) where . Then =( ,

.

(

=

and

) where

=

)−

−

−

−2

and

=

−

)

( ), where , where =

(

−

)−

.

Working example: All points that lie on the curve ( , ) ( ) are illustrated in Fig. 1, and working examples of point addition and point doubling on the curve is described as below. •

Point Addition

=

Thus,

A. The Proposed Scheme: Suppose 0,1 be a plainntext and ( ) be a ciphertext. The proposed scheme consistts of four algorithms which can be described as below. b finite fields of order where be • KeyGen: Let and = such that a and are two distinct random prime numbers. Pick tw wo random generators , and set = . The public key = . is = ( , , , , , ) . The secret key is • Encryption: ( ) = ( ( )) = • Decryption: = ( ) such that = . • Evaluate: iphertext is represent as: a) The summation of cip

− 0 − 1 = 6,

( )=

(0 − 6) − 2 = 20.

=

•

) where = (1,8) ( , )( = = ( , ), where

= (0,2) and . Then

Let

= (6,20)

( , )(

= =

( ) ( ) ( ) ( )

( )= ( ,

), where

Definition: Subgroup Decission Problem Let and let ( , , , , ) be a tuple produced by . Given ( , , , ) and an ( ) where = element . Then 1 if | | = . 1, Output = 0 if otherwise. 0, That is, without knowing the factorization of the group order , decide if an element is in a subgroup of . This problem is referred as the suubgroup decision problem [15].

).

30 25

2 =(20,22)

20

=(6,20)

15 10 5

=(1,8) =(0,2)

0 -5

)

B. Scheme security: The security of our proposeed scheme is based on subgroup decision problem as describbed below.

(0 − 20) − 2 = 22. ( , )(

,…,

such the scheme shoould support n-multilinear maps.

− . Then

− 2(0) = 20,

Thus, 2 = (20,22)

( )

b) The product of cipheertext is represent as:

).

Point Doubling Let = (0,2) ( , )( 2 = ( , ), where

U PROPOSAL OUR

This section describes our proposed p scheme and its related properties. We then describe our proposed protocol and its related process.

.

• (Point doubling) Let =( , − . Then 2 = ( , )

V.

=

and =

0 5 =(−1,−1) -5

Fig. 1. An elliptic Curve over

10

15

20

25

30

C. Scheme requirements: p The scheme should hold such properties: 1) Homomorphic under operations. o a) ( ) = ∑ ( )=∏ ( ) is homomorphic underr addition. b) ( ) = ∏ ( ) is homomorphic under multiplication. 2) Double layer encryptionn. The scheme should suppport double layer encryption in order to ensure that the security of the outsourced data is preserved.

with point at infinity, (−1, −1)

D. Basic description protocol:

85

The protocol is illustrated in Fig. 2, and its steps are explained as follows: Step 1: A group of data contributors, , and , create secret respectively. They create raw data keys , and and = for = 1,2, … , , and encrypt = ( ) and ( ). them using their secret key i.e. ( ) and ( ) to the They outsource designated cloud storage. creates a secret key together with a public Step 2: User key, . Then sends to the cloud while keeps secretly. Step 3: , and retrieve ’s public key from the cloud, ( ) and use it to encrypt their secret key ( ) respectively and sent them to the cloud. ( ) and ( ) using to Step 4: The cloud encrypts ( ) and ( ) . The produce cloud runs an initial process on the encrypted data

operation is: letting and be Here, the definition of the integers such that is a secret key to encrypt a plaintext and ( )= . = = ( ) is a ciphertext, we then have VI.

Our results are based on mathematical results that enable encrypted data to be processed in order to generate 3D frame in the cloud environment. These results are important as our scheme enable arbitrary multiplications on encrypted data. Arbitrary multiplications are required in the rendering equation as described in Section III. 1) The proposed scheme can compute arbitrary multiplications on encrypted data = ( , ) and = ( , ). Let = for Set . some and = a) Encrypts Product

and ( ) using the with operation called data transformation. The processes can be described as below. ( )) = ( • ( ) =

( ) =

b)

( )

Decrypts Product Step 1: ( )=

∏

=

∏

̃ ̃ ∏

=

( )

∏

= element of

Then, the cloud computes those data homomorphically. ( ) ( )= ( ) retrieves the result from the cloud and decrypts it Step 5: ’s secret key: (

( )

( )=

( ) =

•

RESULT

̃

, as

Step 2: , Let = To recover ∏ ( ) ( ) = log = log ( )∏

) =

= Thus,

is the identity

, then

log ( )

=∏ . ( ( )) = ∏

2) The arbitrary multiplications are homomorphic = ( , ) and = ( , ). Let = for Suppose ( ) some . A product of ciphertexts ( ) = ∏ using the proposed scheme is homomorphic under multiplication operation. Proof: . Then, Let ( ) = ( ) = ( , ,…, ) ) , ,…, = ( ) , ,…, = ( As the scheme supports n-multilinear maps and the generator exists in the map, then ) ( , ,…, ( )( )…( ( ) = , ,…, (… ) … =

Fig. 2. The protocol

86

)

Let

= (…

Then, ( ) =

…

(…

)

.

) = ̃ and ∏ ∏

VII.

= (…

)

[4]

S. Subashini and V. Kavitha, “A survey on security issues in service delivery models of cloud computing,” Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1–11, Jan. 2011.

[5]

Z. Mahmood, “Data Location and Security Issues in Cloud Computing,” 2011 International Conference on Emerging Intelligent Data and Web Technologies, pp. 49–54, Sep. 2011.

[6]

C. Gentry and N. P. Smart, “Homomorphic Evaluation of the AES Circuit,” Advanced in Cryptology - CRYPTO 2012. Lecture Notes in Computer Science, vol. 7417, pp. 850–867, 2012.

[7]

J. Fan and F. Vercauteren, “Somewhat Practical Fully Homomorphic Encryption,” in IACR Cryptology ePrint Archive, 2012.

[8]

D. Boneh, “Evaluating 2-DNF Formulas on Ciphertexts,” in Second Theory of Cryptography Conference, TCC 2005, Cambridge Proceedings, 2005, pp. 325–341.

[9]

J. T. Kajiya, “The Rendering Equations,” in Proceeding SIGGRAPH ’86 Proceedings of the 13th annual conference on Computer graphics and interactive techniques, 1986, vol. 20, no. 4, pp. 143–150.

.

=

̃

CONCLUSION

We have proposed a fully homomorphic encryption scheme that allows big animated film companies like Pixar to migrate their operations to the cloud environment securely. Our technique implements EC group as the underlying group as EC promises efficiency while n-multilinear maps to achieve fully homomorphic properties to the scheme. Efficiency is crucial in rendering process as a large amount of data needs to be rendered in order to generate a photorealistic animated film. Furthermore, fully homomorphic properties are required as the process involves arbitrary additions and multiplications on encrypted data. To execute such a scheme, we have proposed a new protocol that allows a group of users to communicate with one another to get a result that has been processed by the CSPs. Based on such a protocol, the security of the data is guaranteed due to no information disclosed at any stage of the process in the cloud environments. For further work, we will be working on the generator of n-multilinear maps. This generator must be proved exists in the map prior to implementing such a map in the scheme.

REFERENCES

[10] Pixar, “Pixar’s RenderMan® / Industry Standard,” 2013. [Online]. Available: http://renderman.pixar.com/products/whats_renderman/standard.html. [Accessed: 21-Mar-2013]. [11] Pixar, “Pixar’s RenderMan® / Pixar's Tractor,” 2013. [Online]. Available: http://renderman.pixar.com/products/tools/tractor.html. [Accessed: 21-Mar-2013]. [12] HP, “Cloud Solutions for Media | HP® United Kingdom,” 2013. [Online]. Available: http://www8.hp.com/uk/en/businesssolutions/solution.html?compURI=1090150. [Accessed: 21-Mar-2013]. [13] RenderRocket, “About Us: Render Rocket – Cloud Render Farm,” 2013. [Online]. Available: http://www.renderrocket.com/about-us/. [Accessed: 21-Mar-2013].

[1]

S. Singh and I. Chana, “Cloud Based Development Issues: A Methodical Analysis,” International Journal of Cloud Computing and Services Science, vol. 2, no. 1, pp. 73–84, 2013.

[14] C. Papamanthou, R. Tamassia, and N. Triandopoulos, “Optimal Authenticated Data Structures with Multilinear Forms,” Procceeding of the 4th international conference on Pairing-based Cryptography, pp. 246–264, 2010.

[2]

K. Nahrstedt, R. Campbell, E. Burger, J. Giffin, X. H. Gu, A. D. Joseph, E. Keller, D. Ma, and H. Weatherspoon, “Security for Cloud Computing,” in A Report: Directorate for Computer and Information Science and Engineering (CISE), 2012, pp. 1–19.

[15] D. M. Freeman, “Converting Pairing-Based Cryptosystems from Composite-Order Groups to Prime-Order Groups,” Advances in Cryptology – EUROCRYPT 2010, Lecture Notes in Computer Science., vol. Volume 611, pp. 44–61, 2010.

[3]

D. Zissis and D. Lekkas, “Addressing cloud computing security issues,” Future Generation Computer Systems, vol. 28, no. 3, pp. 583–592, Mar. 2012.

87