Twin Clouds: Secure Cloud Computing with Low Latency

Sven Bugiel, Stefan Nürnberger, Ahmad-Reza Sadeghi, Thomas Schneider

In: Bart De Decker, Jorn Lapon, Vincent Naessens, Andreas Uhl (editors). Proceedings of the 12th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS-2011), October 19-21, Gent, Belgium. Pages 32-44, Lecture Notes in Computer Science (LNCS) 7025, ISBN 978-3-642-24711-8, Springer, Berlin, Heidelberg, 2011.


Cloud computing promises a cost-effective enabling technology to outsource storage and massively parallel computations. However, existing approaches for provably secure outsourcing of data and arbitrary computations are either based on tamper-proof hardware or fully homomorphic encryption. The former approaches are not scalable, while the latter ones are currently not efficient enough to be used in practice. We propose an architecture and protocols that accumulate slow secure computations over time and provide the possibility to query them in parallel on demand by leveraging the benefits of cloud computing. In our approach, the user communicates with a resource-constrained Trusted Cloud (either a private cloud or built from multiple secure hardware modules) which encrypts algorithms and data to be stored and later on queried in the powerful but untrusted Commodity Cloud. We split our protocols such that the Trusted Cloud performs security-critical precomputations in the setup phase, while the Commodity Cloud computes the time-critical query in parallel under encryption in the query phase.


German Research Center for Artificial Intelligence