An intuitive and simple solution is to encrypt sensitive data before a customer sends the data to an untrusted environment. However, simple encryption, such as advanced encryption standard (AES) and Rivest-Shamir-Adleman (RSA), does not allow arbitrary processing over encrypted data and getting the results by decryption. eoretically, homomorphic encryption (HE) [2] can provide perfect security features to protect sensitive data in a remote untrusted environment, such as a cloud. Unfortunately, there is no practical implementation for homomorphic encryption, by hardware or soware. Back in July 2009, a well-known cryptographic personality Bruce Schneier (https://www.schneier. com/) praised Craig Gentry’s groundbreaking HE scheme, but pointed out that “Gentry’s scheme is completely impractical ... Gentry estimates that performing a Google search with encrypted keywords-a perfectly reasonable simple application of this algorithm-would increase the amount of computing time by about a trillion.” In May 2013, the International Business Machines (IBM) released an open source soware package called HElib (https:// github.com/shaih/HElib), a soware library that implements HE. Although this is a big new step in cryptography, the HElib developers pointed out that “At its present state, this library is mostly meant for researchers working on HE and its uses. Also currently it is fairly

20.7 Security Analysis 337 20.8 Discussion 338 20.9 Next Step in Future: Agile Cloud with Privacy Protection 339 20.10 Summary 340 Acknowledgments 341 References 341

low-level (set, add, multiply, shi, etc.), and is best thought of as ‘assembly language for HE’.” us, protecting sensitive data on untrusted platforms remains extremely challenging.