Proof of Encryption: Enforcement of Security Service Level Agreement for Encryption Outsourcing

dWith the popularity of cloud and edge computing, various types of service level agreement (SLA) are used to enforce the amount of resources that service providers commit to end users. However, the security SLAs (SSLA) are usually hard to verify since their execution results are related to the intensity and frequency of cyber attacks. In this paper, we investigate the proof of encryption problem. Restricted by available resources and hardware capabilities, some end users need to outsource the strong encryption operations of data to external service providers. Verification of the correct execution of encryption is a problem since it is directly related to data safety. We first define the expected properties of the Proof of Encryption (PoE) mechanisms. We propose two mechanisms based on whether or not the service requester is aware of the encryption key. They allow an end user to verify that corresponding encryption algorithm and key strength are honored. We describe the details of the verification procedures. Simulation and experiments show that our approaches can detect a dishonest service provider with high probability.