0

Is there any solution for securely running encrypted processes on an untrusted machine over the WAN?

In public cloud computing, you can split your processes and send process requests over the WAN, but you cannot detect whether the machine that wants to run your processes is secure or not. If there is malware running with sufficient privileges, it will have access to all resources of the remote machine. Therefore, the system is not secure for running our processes over the WAN.

This is important because when we send a process request to a machine, we must check whether the result is correct or not. We can check it by using some models like SHA or MD5 hash codes, but there is a problem. In this model of public cloud computing, the insecure destination machine will create the hash code. Therefore, we cannot trust that hash code, because we don't know how many of the machines that received our code were compromised, and we don't know whether the returned results that we received are correct or not.

Because of this problem, we cannot trust the results of processes over the WAN.

Is there any solution for resolving this problem? Is there any solution for running a process over the WAN in trusted mode? In every operating system we had this problem. We can access the resources of a system by using low-level programming, and because of that there is no protected memory option in any operating system that I know.

atk

1 Answer

2

This is a fundamental problem with using a system you don't control. You don't control it and cannot force it to behave.

You hinted at one solution in your question. Send a single request to multiple remote systems and compare the results. If they are different, one of them is wrong. It doesn't matter if it's compromised or buggy. As long as you have enough systems to reduce the likelihood of compromised systems outnumbering secure systems, you can use the result agreed by most systems. This is what NASA does to deal with cosmic rays flipping bits.

You could ask them to perform hard operations whose results are easy to verify. For example, let the remote system find all prime factors of a large number, then you multiply the result together to determine if the result is correct.

Another option is to send the remote system only the data it cares about. If the result is wrong, only that system('s user) cares and is the only one penalized. For example, if they need to answer a question correctly to earn money, and incorrect answers won't earn money, then they will want to get the right answer. If they fail to secure their system, they are harmed but not you.

If you are trying to hide a secret from the remote system but still want the remote system to operate on the secret, then you cannot send them the secret. You may be able to send them part of the secret, from which they are unable to reconstruct the original secret. There is a branch of cryptography related to operating on encrypted data. In theory, this would let you send data to a remote system, the remote system would operate on the data, and you would check the result. Last I heard, that's not really viable because you can only perform one add/multiply operation on the data before you have to decrypt and re-encrypt. The crypto will be more expensive than the add/multiply operation and so doesn't help us with anything. Yet.

atk
  • Thanks for your answer, and sorry that I was too late! Another question: do we have a 64-bit bus for each core, or does the entire CPU have a 64-bit bus? – X-Virus Jan 13 '19 at 11:23
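
Two of the checks described in the answer above, as an added Python example that is not part of the original thread: verifying an untrusted worker's prime factorization locally, and taking a strict-majority vote over redundant replies. The function names and sample replies are constructed for illustration, and the primality test on each returned factor is an addition here, needed because multiplying the factors back together does not by itself show that the worker factored the number completely.

```python
from collections import Counter
from math import prod

# Miller-Rabin with these bases is deterministic for every n < 2**64.
_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n: int) -> bool:
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # base a proves n composite
    return True

def verify_factorization(n: int, factors: tuple) -> bool:
    """Cheap local check of an untrusted answer: the factors must multiply
    back to n AND each one must itself be prime (the product alone is not
    enough: a worker could return n unfactored, or a composite factor)."""
    if not 1 < n < 2**64:
        raise ValueError("this example only covers 1 < n < 2**64")
    return bool(factors) and prod(factors) == n and all(is_prime(f) for f in factors)

def majority_result(replies: list, workers_asked: int):
    """Redundancy for results that cannot be verified locally: return the
    reply given by a strict majority of the workers asked, else None."""
    if not replies:
        return None
    value, votes = Counter(replies).most_common(1)[0]
    return value if votes > workers_asked // 2 else None

# Constructed sample data: 600851475143 = 71 * 839 * 1471 * 6857.
N = 600851475143
HONEST = (71, 839, 1471, 6857)
LAZY = (59569, 1471, 6857)     # multiplies to N, but 59569 = 71 * 839
WRONG = (71, 839, 1471, 6859)  # product does not equal N
```

Counting votes against `workers_asked` rather than against the replies received means that workers who never answer cannot shrink the quorum.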