The Common Vulnerability Scoring System (CVSS) depends on reliable vulnerability data from experts, but the current process of vulnerability score generation and transmission remains exposed to data manipulation and interception. Existing research used supervised machine learning to automate CVSS scoring with up to 90% accuracy, but its plaintext-based approach lacked cryptographic protections, leaving it vulnerable to Man-in-the-Middle (MitM) attacks. Another research work introduced a homomorphic encryption-based framework that preserves data confidentiality during computation and offers moderate performance gains. However, its dependence on a single trusted aggregator, static key management, and absence of dynamic integrity threshold mechanisms left the system exposed if the aggregator's key or channel were compromised. An architectural framework for an Enhanced Multi-Party Fully Homomorphic Encryption Scheme (EMHES) was designed to combat MitM attacks targeting vulnerability score manipulation. By employing homomorphic encryption, the framework enables computations on encrypted vulnerability scores, ensuring confidentiality throughout their lifecycle. Key enhancements include integrating digital signatures to authenticate classified scores before encrypted transmission to cloud environments and to verify the integrity of decrypted results after processing. Digital signatures and regulatory oversight significantly strengthen security properties such as non-repudiation, integrity, and confidentiality for cloud-based data computations. The EMHES architecture features a secure transmission channel with multiple security layers within the cloud service provider infrastructure. Additional security mechanisms include secure key management protocols, zero-knowledge proofs for integrity verification, and a resilient secure aggregation protocol designed to counter MitM attacks.
In the computational analysis, the baseline algorithms exhibit constant time complexity O(1), while the EMHES architecture operates with linear time complexity O(n). The results show that EMHES provides superior security, integrity and performance on large datasets.
Published in: International Conference on Cyber Warfare and Security
Volume 21, Issue 1, pp. 268-278
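
The abstract's pairing of homomorphic computation with per-score authentication can be illustrated with the following added example, which is not code from the paper: it sums encrypted scores and rejects a ciphertext altered in transit. Assumptions: a toy Paillier scheme (additively homomorphic only, not the paper's multi-party FHE) with a constructed, insecurely small key, HMAC-SHA256 standing in for the digital signature, and hypothetical expert IDs and scores.

```python
import hashlib, hmac, secrets

# Toy Paillier key built from two Mersenne primes: constructed, insecurely small.
P, Q = 2**61 - 1, 2**31 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
N2, MU = N * N, pow(PHI, -1, N)

def encrypt(m):
    r = secrets.randbelow(N - 2) + 2          # random blinding factor
    return (1 + m * N) * pow(r, N, N2) % N2

def decrypt(c):
    return (pow(c, PHI, N2) - 1) // N * MU % N
def add(c1, c2):
    # Homomorphic addition: multiplying ciphertexts adds the plaintexts.
    return c1 * c2 % N2

def tag(key, expert_id, c):
    # HMAC-SHA256 stands in for the expert's digital signature (assumption).
    return hmac.new(key, f"{expert_id}|{c}".encode(), hashlib.sha256).digest()

def submit(key, expert_id, score_tenths):
    c = encrypt(score_tenths)
    return expert_id, c, tag(key, expert_id, c)

def aggregate(keys, messages):
    # Sum only ciphertexts whose tag verifies; report the rest as rejected.
    total, rejected = encrypt(0), []
    for expert_id, c, t in messages:
        if expert_id in keys and hmac.compare_digest(t, tag(keys[expert_id], expert_id, c)):
            total = add(total, c)
        else:
            rejected.append(expert_id)
    return total, rejected

def demo():
    # Hypothetical experts and scores in tenths (CVSS 7.5, 8.1, 6.8).
    scores = {"expert-a": 75, "expert-b": 81, "expert-c": 68}
    keys = {e: secrets.token_bytes(32) for e in scores}
    msgs = [submit(keys[e], e, s) for e, s in scores.items()]
    # Constructed in-transit change: expert-b's ciphertext shifted by +20.
    e, c, t = msgs[1]
    altered = [msgs[0], (e, add(c, encrypt(20)), t), msgs[2]]
    clean, clean_rejected = aggregate(keys, msgs)
    bad, bad_rejected = aggregate(keys, altered)
    return decrypt(clean), clean_rejected, decrypt(bad), bad_rejected

if __name__ == "__main__":
    print(demo())  # (224, [], 143, ['expert-b'])
```

Without the tag check the altered ciphertext would decrypt to 101 instead of 81, because homomorphic ciphertexts are malleable by design; the authentication therefore has to cover the ciphertext itself.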