Homomorphic Encryption: A next chapter in Encryption

Disclaimer: I am not associated with any of the foundations or firms mentioned below. There was no compensation received to write on this topic.

Background

Traditionally Encryption has always been slow and lazy. You cannot analyze data and use computation without first every decrypting it. This is inefficiency and does not provide enough utility when it comes to processing encrypted information.

Even in the cloud era, to be able to?compute data, we had always relied on unencrypted access to customer data. Homomorphic encryption aims to solves this.

Encryption Revolution

Homomorphic Encryption, a ground breaking technology allows to compute while still encrypted, without the need to decrypt.

It is a revolutionary idea technologically, since this allow for trust and opportunity to outsource computation securely that never existed.

This will allow for solutions to be end to end encrypted, securely stored and at the same time conduct massive analysis on the data without ever disclosing the encrypted data.

Image source: https://homomorphicencryption.org/

So who can view the real data? Only the DATA OWNER. No one else can.

Adoption

This is a paradigm shift for cloud providers because this will enable more trust for users uploading sensitive data to cloud. Big cloud players are already trying their hand to come up with their own open source versions of this technology.

Microsoft’s SEAL, AWS’s Additively Homomorphic Encryption along with XGBoost, Google’s Fully Homomorphic Encryption (FHE) and IBM’s HE services are great initiatives to observe

Use cases

Analytics – conduct analysis without exposing data

AI and Machine Learning – train models without ever exposing the unencrypted data to machine learning

Search – conduct two dimensional searches without revealing intent and search content

Identity and Biometrics - provide authentication without revealing identifiable or biometric information

PALISADE

There are many implementations that attempt for HE (or FHE or other forms of HE). PALISADE is an important implementation to take note.

PALISADE supports different ciphertext (an encrypted text or data) encryption protocol implementations and more.

• Brakerski/Fan-Vercauteren (BFV) scheme?for integer arithmetic with?RNS (Residue Number Systems)?optimizations
• Brakerski-Gentry-Vaikuntanathan (BGV) scheme?for integer arithmetic with?RNS optimizations
• Cheon-Kim-Kim-Song (CKKS) scheme?for real-number arithmetic with?RNS optimizations
• Ducas-Micciancio (FHEW) scheme?for Boolean circuit evaluation with optimizations
• Chillotti-Gama-Georgieva-Izabachene (TFHE) scheme for Boolean circuit evaluation with extensions

These are different ciphertext encryption protocols and mechanisms that have evolved. The library is written in C++, PALISADE aims to support more encryption protocols and provide mechanism to efficiently compute over the underlying data. With PALISADE you could also extend the capabilities of the library and mechanisms. You can read more about PALISADE here.

The Homomorphic Encryption is also an evolving standard. One other important aspect to note is the concept of RLWE (Ring Learning With Errors).

RLWE: Ring Learning With Errors

RLWE developed to provide basis for Homomorphic Encryption is a foundation for new cryptographic algorithms to protect unsecured data analysis or more specifically cryptanalysis by quantum computers.

Image source: https://en.wikipedia.org/wiki/Homomorphic_encryption

Next steps

Homomorphic Encryption is an exciting, evolving and breakthrough technology, has immense potential for adoption. The computing trust can be established, the cost of computation will see a reduction as we have seen over the last decade the storage has become cheap and computation is still expensive. This will allow for more trusted ways of using managed services both in the cloud and distributed formats. There could be locally deployed models too for limited and organizational exposure. The use cases are endless, exciting and evolving at the same time :)

Question for you: What do you think would be the greatest challenge in data security? And what are your thoughts on Homomorphic Encryption?

Chime in below.

Thanks for reading.

Peace :)

Vijayan Swaminathan

---------------------------------------------------------------------------------------------------------------

References on Homomorphic Encryption:

Homomorphic Encryption: https://homomorphicencryption.org/introduction/

PALISADE: https://palisade-crypto.org/software-library/

RNS IEEE: https://ieeexplore.ieee.org/document/7330131

RLWE Wiki: https://en.wikipedia.org/wiki/Ring_learning_with_errors

IBM Quantum computing: https://www.ibm.com/quantum-computing/what-is-quantum-computing/

Microsoft SEAL: https://www.microsoft.com/en-us/research/project/microsoft-seal/

Microsoft SEAL Github: https://github.com/Microsoft/SEAL

AWS HE: https://www.amazon.science/blog/machine-learning-models-that-act-on-encrypted-data

AWS XGBoost: https://github.com/awslabs/privacy-preserving-xgboost-inference

IBM HE service: https://www.ibm.com/security/services/homomorphic-encryption

IBM HE on Mac and iOS: https://www.infoq.com/news/2020/06/ibm-fully-homomorphic-encryption/

Google Encryption at rest: https://cloud.google.com/security/encryption/default-encryption

Google FHE: https://github.com/google/fully-homomorphic-encryption