What it is: Homomorphic Encryption is an encryption scheme that allows software to perform computations on encrypted data without having access to the unencrypted data. It can also be considered a safety measure when operating on encrypted data in the cloud.
What it does: The inventor of fully homomorphic encryption (FHE), IBM researcher Craig Gentry, likened the system to “one of those boxes with the gloves that are used to handle toxic chemicals.” Operations are performed inside the “encryption box” and data never leaves it.
Why it matters: When a client application needs to operate on encrypted data stored in the cloud, either the cloud server needs access to the secret key, leading to security problems, or the client must download, decrypt, operate, re-encrypt, and upload the data, causing logistical and performance problems that erode many of the advantages of cloud computing. If the cloud data is homomorphically encrypted, the client can operate on it without using a secret key and putting the information at risk.
What to do about it: While homomorphic encryption can technically be used with any data, its greatest impacts will be felt in the healthcare, financial, and AI sectors. Today, the technology is too slow and resource intensive for commercial viability. However, with the cloud becoming increasingly central to modern computing, homomorphic encryption will continue to evolve and eventually become a valuable encryption tool.
Since day one, IBM has led the way. With Gentry at the forefront of FHE research, the company has cemented itself as a key leader in the industry. Meanwhile, other companies have developed their own FHE implementations, mainly based on second generation designs. Microsoft, MIT, Raytheon, and others all have their own take on the technology.
A community standard for FHE is available through www.homomorphicencryption.org. Developers can access a list of open source FHE frameworks, RLWE documentation, and further resources.
Starting in 2011, researchers (including Gentry) began developing more efficient FHE systems. Several of these second-generation schemes still exist today and are mainly based on Ring Learning With Errors (RLWE), a difficult mathematical problem centered on high-dimensional lattices. They include systems like Brakerski-Gentry-Vaikuntanathan (BGV) Nth degree TRUncated polynomial ring (NTRU), Brakerski–Fan–Vercauteren (BFV), Lattice Crypto (CKKS), and more.
Finally, in 2013, Gentry and others developed an even more efficient FHE scheme that bypasses a “relinearization” step in the computing process. The third-generation advancement also helped make the scheme more secure.
Impact & Application
FHE will allow companies and individuals to securely store their data on the cloud and access it whenever necessary without putting it at risk. It will also allow third parties to operate on restricted data, for example, training an AI with individual healthcare records, without regulatory violations.
Many banks and insurance companies are using Inpher’s FHE-based Secret Computing Engine to analyse customer data without violating privacy concerns.
Homomorphic Encryption Standardization. http://homomorphicencryption.org/introduction/