Security-Performance Optimization in Cloud-Based Bank Data Processing Using HE-ZKP-ORAM

Tuan Nguyen Kim; Nguyen Minh Nhut Pham

doi:10.48084/etasr.16654

Authors

Tuan Nguyen Kim Phenikaa School of Computing, Phenikaa University, Duong Noi, Hanoi, Vietnam
Nguyen Minh Nhut Pham Vietnam-Korea University of Information Technology, Da Nang University, Vietnam

Volume: 16 | Issue: 2 | Pages: 33760-33765 | April 2026 | https://doi.org/10.48084/etasr.16654

Received: 2 December 2025 | Revised: 30 December 2025, 20 January 2026, and 10 February 2026 | Accepted: 13 February 2026 | Online: 4 April 2026

Corresponding author: Tuan Nguyen Kim

Abstract

In the context of banking systems increasingly relying on cloud computing platforms, protecting sensitive data while maintaining processing performance is a major challenge. This paper presents and evaluates a cloud banking data processing model that integrates Homomorphic Encryption (HE), Zero-Knowledge Proof (ZKP), and the ORAM protocol to achieve a balance between security and performance. Experiments were conducted on a real Bank Marketing (UCI) dataset with 5000 records, using DSL query operations to calculate the average balance, count high-balance customers, total call duration, and savings deposit acceptance rate. The results show that the combination of HE, ZKP, and ORAM significantly improves security but increases computational cost; however, a suitable configuration can significantly reduce latency while still meeting security requirements. A detailed analysis of the security-performance trade-off provides an important empirical basis for implementing banking data security solutions in the cloud.

Keywords:

homomorphic encryption, privacy-preserving computation, secure cloud computing architecture, data security, computation on encrypted data

Downloads

Download data is not yet available.

References

Y. Xie, R. Huang, and J. Qiu, "Verifiable Threshold Multi-Party Fully Homomorphic Encryption from Share Resharing," Applied Sciences, vol. 15, no. 9, Apr. 2025. DOI: https://doi.org/10.3390/app15094745

G. K. Mahato and S. K. Chakraborty, "A fast verifiable fully homomorphic encryption technique for secret computation on cloud data," International Journal of Information Technology, vol. 17, no. 4, pp. 2193–2207, May 2025. DOI: https://doi.org/10.1007/s41870-024-01994-9

D. Zhao, "Silca: Singular Caching of Homomorphic Encryption for Outsourced Databases in Cloud Computing." arXiv, June 26, 2023.

P. R. S. Moro, "Bank Marketing." UCI Machine Learning Repository, 2014.

M. Iezzi, "Practical Privacy-Preserving Data Science With Homomorphic Encryption: An Overview," in 2020 IEEE International Conference on Big Data (Big Data), Atlanta, GA, USA, Sept. 2020, pp. 3979–3988. DOI: https://doi.org/10.1109/BigData50022.2020.9377989

C. Gentry, "Fully homomorphic encryption using ideal lattices," in Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, Feb. 2009, pp. 169–178. DOI: https://doi.org/10.1145/1536414.1536440

J. H. Cheon, A. Kim, M. Kim, and Y. Song, "Homomorphic Encryption for Arithmetic of Approximate Numbers," in Advances in Cryptology – ASIACRYPT 2017, 2017, pp. 409–437. DOI: https://doi.org/10.1007/978-3-319-70694-8_15

M. A. Junior, P. Appiahene, O. Appiah, and K. Adu, "Cloud data privacy protection with homomorphic algorithm: a systematic literature review," Journal of Cloud Computing, vol. 14, no. 1, Nov. 2025, Art. no. 84. DOI: https://doi.org/10.1186/s13677-025-00774-5

S. Goldwasser, S. Micali, and C. Rackoff, "The knowledge complexity of interactive proof-systems," in Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali, Association for Computing Machinery, 2019, pp. 203–225.

E. Ben-Sasson, A. Chiesa, D. Genkin, E. Tromer, and M. Virza, "SNARKs for C: Verifying Program Executions Succinctly and in Zero Knowledge," in Advances in Cryptology – CRYPTO 2013, Santa Barbara, CA, USA, 2013, pp. 90–108. DOI: https://doi.org/10.1007/978-3-642-40084-1_6

B. Parno, J. Howell, C. Gentry, and M. Raykova, "Pinocchio: Nearly Practical Verifiable Computation," in 2013 IEEE Symposium on Security and Privacy, May 2013, pp. 238–252. DOI: https://doi.org/10.1109/SP.2013.47

O. Goldreich and R. Ostrovsky, "Software protection and simulation on oblivious RAMs," J. ACM, vol. 43, no. 3, pp. 431–473, Feb. 1996. DOI: https://doi.org/10.1145/233551.233553

E. Stefanov et al., "Path ORAM: An Extremely Simple Oblivious RAM Protocol," Journal of the ACM, vol. 65, no. 4, Dec. 2018, Art. no. 18. DOI: https://doi.org/10.1145/3177872

H. Dai, Y. Ji, G. Yang, H. Huang, and X. Yi, "A Privacy-Preserving Multi-Keyword Ranked Search Over Encrypted Data in Hybrid Clouds," IEEE Access, vol. 8, pp. 4895–4907, 2020. DOI: https://doi.org/10.1109/ACCESS.2019.2963096

R. Patil and G. HimaBindu, "CuLOA-based Data Encryption with Tuned Key for Privacy Preservation in the Cloud," Engineering, Technology & Applied Science Research, vol. 15, no. 1, pp. 19546–19552, Feb. 2025. DOI: https://doi.org/10.48084/etasr.8523

B. Parno, J. Howell, C. Gentry, and M. Raykova, "Pinocchio: nearly practical verifiable computation," Communications of the ACM, vol. 59, no. 2, pp. 103–112, Jan. 2016. DOI: https://doi.org/10.1145/2856449

R. Buhren, S. Gueron, J. Nordholz, J. P. Seifert, and J. Vetter, "Fault Attacks on Encrypted General Purpose Compute Platforms," in Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, Nov. 2017, pp. 197–204. DOI: https://doi.org/10.1145/3029806.3029836