Developers
September 11, 2020

An Intro to Homomorphic Encryption: What It Is and Why It Matters

Homomorphic encryption is a game-changer in the world of data security.

Encryption is a fundamental part of today’s digital life. Web browsing, emails, messaging, online banking, databases, e-commerce, government communication, and much more are protected by one kind of encryption or another.

One of the most exciting developments in the world of encryption is homomorphic encryption. What is it? How does it work? Why is it important?

A Brief History of Encryption

Encryption, in some form or another, has been used for thousands of years. The earliest types of encryption were basic substitution ciphers, where letters were offset by a certain number of digits, or certain letters were substituted for others. In each case, there was a cipher that served as the key to decrypting the information.

In modern times, symmetric key encryption become the most popular form for some time. With this style of encryption, both the sender and the recipient needed to have the key that could decrypt the information. The Enigma Machine, used by the Germans in World War II, is a prime example of this kind of encryption.

One of the biggest breakthroughs in encryption came in form the form of public-key cryptography. With this method of encryption, a private and public key is generated and used together. The public key is uploaded for anyone to use to encrypt information. Meanwhile, only the recipient has the private key, and only the private key can decrypt information encrypted with the corresponding public key. Services such as PGP and GPG are based on this method.

With the rise of public-key cryptography, encryption was suddenly available in an accessible package for the masses. Anyone in the world could send encrypted information to anyone else, as long as they downloaded their public key first. To facilitate this, servers were set up to serve as public key repositories, making it easy to search for an individual and their public key.

The Issue With Standard Encryption

Despite the advances in the realm of encryption, there is still significant weakness in the process. While encryption can ensure the security of data in transit or while being stored, once it arrives at its destination, it still needs to be decrypted to be analyzed or manipulated.

This is especially an issue in cloud computing and enterprise situations, where data constantly resides on connected machines. Again, while data is encrypted when stored or being transmitted, decrypting that data to use it poses a constant risk, especially in these environments.

Homomorphic Encryption to the Rescue

To solve this problem researchers began working on a way to manipulate data without decrypting it. Dr. Craig Gentry is one of the pioneers in this field, specifically with his work on fully homomorphic encryption (FHE), the holy grail of homomorphic encryption that allows full manipulation of the data while keeping it secure.

At its core, homomorphic encryption is a form of public-key cryptography. Data is still encrypted with a public key. Once it is encrypted, only the individual, company, or organization holding the private key will be able to decrypt it. Even without the private key, however, calculations can be performed on the data, while still keeping it private and secure.

Using homomorphic encryption, you could encrypt three numbers and give the encrypted values to a third party, asking them to perform a calculation. For example, you could ask them to multiply the first two values and divide the result by the third value. The third-party would not know what the three initial values were, nor would they be able to decipher the result. Using your private key, however, you could decipher the result, confirming its accuracy based on the values you initially encrypted. Throughout the process, however, all of the data remained completely secure and private from the third party that was performing the calculations.

The possibilities for this kind of encryption are endless. High-security industries stand to benefit the most, however. Whether it be financial records, patient data, customer information, classified secrets, or other similar applications, homomorphic encryption stands to revolutionize how data is handled.

In announcing their Homomorphic Encryption Toolkit, IBM’s Flavio Bergamaschi highlighted some use cases:

“FHE holds significant promise for a number of use cases such as extracting value from private data; data set intersection; genomics analytics; oblivious queries (i.e. querying without revealing intent) and secure outsourcing.

”FHE is particularly suited to industries which are regulated and make use of private, confidential, and ‘crown jewel’ data, such as finance and healthcare since the technology can make it possible to share financial information or patient health records broadly while restricting access to all but the necessary data.

”For example, we recently published a paper with Brazil’s Banco Bradesco SA, where we homomorphically encrypted the data and the model and showed that it was possible to run predictions with the same accuracy as without encryption and with adequate performance. The result, banks can safely outsource the task of running predictions to an untrusted environment.”

The Takeaway

Needless to say, homomorphic encryption represents the single biggest advance in the field since public-key cryptography. Widespread adoption of this technology will address a long-standing weak point in modern encryption methods, and ensure the security and privacy of encrypted data.

TagsHomomorphic EncryptionStandard Encryption
Matt Milano
Technical Writer
Matt is a tech journalist and writer with a background in web and software development.

Related Articles

Back
DevelopersSeptember 11, 2020
An Intro to Homomorphic Encryption: What It Is and Why It Matters
Homomorphic encryption is a game-changer in the world of data security.

Encryption is a fundamental part of today’s digital life. Web browsing, emails, messaging, online banking, databases, e-commerce, government communication, and much more are protected by one kind of encryption or another.

One of the most exciting developments in the world of encryption is homomorphic encryption. What is it? How does it work? Why is it important?

A Brief History of Encryption

Encryption, in some form or another, has been used for thousands of years. The earliest types of encryption were basic substitution ciphers, where letters were offset by a certain number of digits, or certain letters were substituted for others. In each case, there was a cipher that served as the key to decrypting the information.

In modern times, symmetric key encryption become the most popular form for some time. With this style of encryption, both the sender and the recipient needed to have the key that could decrypt the information. The Enigma Machine, used by the Germans in World War II, is a prime example of this kind of encryption.

One of the biggest breakthroughs in encryption came in form the form of public-key cryptography. With this method of encryption, a private and public key is generated and used together. The public key is uploaded for anyone to use to encrypt information. Meanwhile, only the recipient has the private key, and only the private key can decrypt information encrypted with the corresponding public key. Services such as PGP and GPG are based on this method.

With the rise of public-key cryptography, encryption was suddenly available in an accessible package for the masses. Anyone in the world could send encrypted information to anyone else, as long as they downloaded their public key first. To facilitate this, servers were set up to serve as public key repositories, making it easy to search for an individual and their public key.

The Issue With Standard Encryption

Despite the advances in the realm of encryption, there is still significant weakness in the process. While encryption can ensure the security of data in transit or while being stored, once it arrives at its destination, it still needs to be decrypted to be analyzed or manipulated.

This is especially an issue in cloud computing and enterprise situations, where data constantly resides on connected machines. Again, while data is encrypted when stored or being transmitted, decrypting that data to use it poses a constant risk, especially in these environments.

Homomorphic Encryption to the Rescue

To solve this problem researchers began working on a way to manipulate data without decrypting it. Dr. Craig Gentry is one of the pioneers in this field, specifically with his work on fully homomorphic encryption (FHE), the holy grail of homomorphic encryption that allows full manipulation of the data while keeping it secure.

At its core, homomorphic encryption is a form of public-key cryptography. Data is still encrypted with a public key. Once it is encrypted, only the individual, company, or organization holding the private key will be able to decrypt it. Even without the private key, however, calculations can be performed on the data, while still keeping it private and secure.

Using homomorphic encryption, you could encrypt three numbers and give the encrypted values to a third party, asking them to perform a calculation. For example, you could ask them to multiply the first two values and divide the result by the third value. The third-party would not know what the three initial values were, nor would they be able to decipher the result. Using your private key, however, you could decipher the result, confirming its accuracy based on the values you initially encrypted. Throughout the process, however, all of the data remained completely secure and private from the third party that was performing the calculations.

The possibilities for this kind of encryption are endless. High-security industries stand to benefit the most, however. Whether it be financial records, patient data, customer information, classified secrets, or other similar applications, homomorphic encryption stands to revolutionize how data is handled.

In announcing their Homomorphic Encryption Toolkit, IBM’s Flavio Bergamaschi highlighted some use cases:

“FHE holds significant promise for a number of use cases such as extracting value from private data; data set intersection; genomics analytics; oblivious queries (i.e. querying without revealing intent) and secure outsourcing.

”FHE is particularly suited to industries which are regulated and make use of private, confidential, and ‘crown jewel’ data, such as finance and healthcare since the technology can make it possible to share financial information or patient health records broadly while restricting access to all but the necessary data.

”For example, we recently published a paper with Brazil’s Banco Bradesco SA, where we homomorphically encrypted the data and the model and showed that it was possible to run predictions with the same accuracy as without encryption and with adequate performance. The result, banks can safely outsource the task of running predictions to an untrusted environment.”

The Takeaway

Needless to say, homomorphic encryption represents the single biggest advance in the field since public-key cryptography. Widespread adoption of this technology will address a long-standing weak point in modern encryption methods, and ensure the security and privacy of encrypted data.

Homomorphic Encryption
Standard Encryption
About the author
Matt Milano -Technical Writer
Matt is a tech journalist and writer with a background in web and software development.

Related Articles