What is Homomorphic Encryption?
Ever had your bags sniffed at an international airport by a dog working for customs or a narcotics agency? These dogs are trained to detect potentially dangerous substances in your bags with no invasion of your privacy.
The dog at the airport never sees what is in your bag, yet it can still process the bag's contents. Think of homomorphic encryption along those lines. Homomorphic encryption enables the analysis of encrypted data without exposing the unencrypted data to the systems, environments or people that process it. It is, in essence, a cryptographic method that allows mathematical operations to be carried out on ciphertext instead of on the plaintext itself.
Why do we need it?
"Fully homomorphic encryption enables private queries to a search engine – the user submits an encrypted query, and the search engine computes a succinct encrypted answer without ever looking at the query in the clear." – Craig Gentry
Data use and data privacy come into conflict in highly regulated industries such as health care, where organizations want to derive value from data by building analytics and machine learning models. When access to data is inhibited by privacy concerns (rightly so), it stifles the mining of value from that data. Most of us would agree that preventing search engines from learning too much about our personal choices is a good thing. It can be annoying when social media presents us with commercial products that we have been looking up in our web browsers; one way they can do that is by tracking our search keywords and patterns. Craig Gentry, in his thesis "A fully homomorphic encryption scheme", notes that such sniffing of our searches can be prevented by encrypting search strings with homomorphic encryption: "the user submits an encrypted query, and the search engine computes a succinct encrypted answer without ever looking at the query in the clear".
The fields of science and research could hugely benefit from the value that can be derived from personal data. Health records, for example, are vital for building models that detect early symptoms of fatal diseases and conditions. What if we could protect the sensitive details of the actual data but still allow it to be analyzed and processed? This is exactly what homomorphic encryption enables. It offers a potential solution for organizations that need to process data without jeopardizing the privacy and security policies that apply to it. The principal benefit of homomorphic encryption is that it allows computation on encrypted data: the data can remain confidential while it is processed, even in untrusted environments. In a world of hybrid clouds and machine learning as a service (MLaaS), this is a tremendously valuable capability.
How does it work?
A homomorphic cryptosystem works like other forms of public-key encryption in that it uses a public key and a private key to encrypt and decrypt data. What sets it apart is that it uses an algebraic structure shared by plaintexts and ciphertexts to carry out computations on the encrypted data.
In algebra, a homomorphism is a structure-preserving map between two algebraic structures of the same type, such as two rings or two vector spaces. A homomorphic encryption scheme preserves the structure of the data whether it is in encrypted or decrypted form. Therefore, the same mathematical operation applied to the ciphertexts and to the plaintexts yields equivalent results, and analytics can be carried out on encrypted data as though it were in plaintext.
Homomorphic Encryption – For Dummies
The following is an easy-to-digest illustration to help understand how a homomorphic encryption scheme works.
- A bank has a secret data set consisting of the numbers 10 and 20.
- To encrypt the secret data set, the bank multiplies each element in the set by 2, creating a new data set whose members are 20 and 40.
- The bank sends the encrypted set to a cloud provider for storage and analytics.
- A financial regulator asks the bank to provide the sum of the secret data elements.
- The bank asks its cloud provider to perform the operation.
- The cloud provider, which only has access to the encrypted data set, computes the sum 20 + 40 and returns the result, i.e. 60, to the bank.
Note: At no point during the analytics operation (summing the two numbers) does the cloud provider get to see the secret data. The cloud provider only ever operates on the encrypted data set. The analytics operation was possible because the data was encrypted with a homomorphic scheme.
- The bank takes the result (i.e. 60) from the cloud provider and decrypts it.
- The bank provides the financial regulator with the decrypted result, i.e. 30.
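The walk-through above uses "multiply by 2" as its cipher, which is fine for intuition but is deterministic, so the cloud could at least see which entries are equal. Below is the same bank-to-cloud-to-regulator flow implemented with Paillier, a real additively homomorphic public-key scheme: the cloud adds the hidden values by multiplying ciphertexts modulo n², and can also scale a value by a public constant by exponentiating. This is an added example and not code from the original post; the primes 1009 and 1013 are constructed toy parameters (real deployments use primes of 1024 bits or more), and the function names are our own.

```python
import math
import secrets

# Added example: minimal Paillier cryptosystem (additively homomorphic PHE).
# Toy primes are constructed for illustration only and provide no security.

def paillier_keygen(p, q):
    """Return ((n, g), (lam, mu)). Requires gcd(p*q, (p-1)*(q-1)) == 1."""
    n = p * q
    n_sq = n * n
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1                                          # standard choice of generator
    # L(x) = (x - 1) / n ;  mu = L(g^lam mod n^2)^-1 mod n
    mu = pow((pow(g, lam, n_sq) - 1) // n, -1, n)
    return (n, g), (lam, mu)

def paillier_encrypt(pub, m):
    """c = g^m * r^n mod n^2 with fresh random r, so equal plaintexts give different ciphertexts."""
    n, g = pub
    n_sq = n * n
    assert 0 <= m < n
    r = secrets.randbelow(n - 1) + 1
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (pow(g, m, n_sq) * pow(r, n, n_sq)) % n_sq

def paillier_decrypt(pub, priv, c):
    """m = L(c^lam mod n^2) * mu mod n."""
    n, _ = pub
    lam, mu = priv
    x = pow(c, lam, n * n)
    return ((x - 1) // n * mu) % n

# Operations the cloud provider can run while holding only the public key and ciphertexts.
def cloud_add(pub, c1, c2):
    """E(m1) * E(m2) mod n^2 is an encryption of m1 + m2 (mod n)."""
    n, _ = pub
    return (c1 * c2) % (n * n)

def cloud_scale(pub, c, k):
    """E(m)^k mod n^2 is an encryption of k * m (mod n), for a public constant k."""
    n, _ = pub
    return pow(c, k, n * n)

def bank_regulator_flow(p=1009, q=1013, secret=(10, 20)):
    """Bank encrypts and uploads; cloud sums blindly; bank decrypts the returned total."""
    pub, priv = paillier_keygen(p, q)
    ciphertexts = [paillier_encrypt(pub, m) for m in secret]   # what the cloud stores
    total_ct = ciphertexts[0]
    for c in ciphertexts[1:]:
        total_ct = cloud_add(pub, total_ct, c)                  # cloud never sees 10 or 20
    return paillier_decrypt(pub, priv, total_ct)                # bank recovers 30

if __name__ == "__main__":
    print("regulator receives:", bank_regulator_flow())
```

Because `paillier_encrypt` draws fresh randomness `r` on every call, two encryptions of the same account balance look unrelated to the cloud, which is the property the "multiply by 2" toy lacks. Note also that results wrap around modulo n, so the bank must pick n larger than any sum it expects to decrypt.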
Types of Homomorphic Encryption
There are three main types of homomorphic encryption:
Partially Homomorphic Encryption (PHE)
PHE keeps sensitive data secure while allowing only a select mathematical function to be performed on the encrypted data. PHE supports a single operation (either addition or multiplication), which can be performed an unlimited number of times on the ciphertext. RSA is an example of this pattern: it is homomorphic with respect to multiplication.
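To make the RSA remark concrete, here is textbook (unpadded) RSA behaving as a partially homomorphic scheme: multiplying two ciphertexts modulo n yields an encryption of the product of the plaintexts, while adding two ciphertexts yields nothing meaningful, which is exactly the "one operation only" limitation of PHE. This is an added example rather than code from the post; the parameters p = 61, q = 53, e = 17 are the classic toy values (n = 3233) and are constructed for illustration.

```python
# Added example: textbook RSA as a multiplicatively homomorphic (PHE) scheme.
# Toy parameters constructed for illustration; real RSA uses 2048-bit or larger moduli.

def rsa_keygen(p=61, q=53, e=17):
    """Return ((n, e), (n, d)). For the toy values d comes out as 2753."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return (n, e), (n, d)

def rsa_encrypt(pub, m):
    """Textbook RSA is deterministic: no padding, so equal plaintexts give equal ciphertexts."""
    n, e = pub
    return pow(m, e, n)

def rsa_decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)

def cloud_multiply(pub, c1, c2):
    """E(a) * E(b) mod n == E(a * b mod n): the one operation RSA supports on ciphertexts."""
    n, _ = pub
    return (c1 * c2) % n

def cloud_add_attempt(pub, c1, c2):
    """Adding RSA ciphertexts does NOT encrypt the sum; it decrypts to an unrelated value."""
    n, _ = pub
    return (c1 + c2) % n

def demo():
    """Return (decrypted product, decrypted 'sum') for the plaintexts 10 and 20."""
    pub, priv = rsa_keygen()
    c10, c20 = rsa_encrypt(pub, 10), rsa_encrypt(pub, 20)
    product = rsa_decrypt(priv, cloud_multiply(pub, c10, c20))        # 200
    not_a_sum = rsa_decrypt(priv, cloud_add_attempt(pub, c10, c20))   # anything but 30
    return product, not_a_sum

if __name__ == "__main__":
    print("product via ciphertexts:", demo()[0], "| 'sum' via ciphertexts:", demo()[1])
```

The multiplicative property only holds for unpadded RSA, and it is the same malleability that lets an attacker transform ciphertexts; that is why deployed RSA uses OAEP padding, which deliberately destroys it. Since RSA decryption is a bijection on Z_n, the added ciphertexts decrypt to 30 only if they happen to equal E(30), which with these parameters they do not.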
Somewhat Homomorphic Encryption (SHE)
SHE supports a limited set of operations (addition or multiplication) that can be performed only a bounded number of times before the result can no longer be decrypted correctly.
Fully Homomorphic Encryption (FHE)
FHE is the gold standard of homomorphic encryption. However, it is still in the development stage. FHE, when implemented, will be capable of applying both addition and multiplication any number of times, thereby allowing arbitrary computations on ciphertexts. FHE will enable the use of encrypted data by performing operations on it with only the public key, so the party doing the computation never needs the private decryption key.
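What "a set number of times" means for SHE, and why going from SHE to FHE is the hard part, is easiest to see with noise. The block below is an added example (not the post's code) of a toy symmetric scheme over the integers modelled on the van Dijk, Gentry, Halevi and Vaikuntanathan (DGHV) construction: each ciphertext hides a small noise term, adding ciphertexts adds the noise, multiplying them multiplies it, and decryption is correct only while the noise stays below half the secret modulus. The function `multiplications_until_wrong` counts how many multiplications a ciphertext survives. The key sizes, noise values and multipliers are constructed toy parameters with no security.

```python
import random

# Added example: toy DGHV-style symmetric scheme over the integers.
#   secret key   : an odd integer p
#   encrypt bit m: c = p*q + 2*r + m      (q: large multiplier, r: small noise)
#   decrypt      : m = (c mod p, taken in the centred range) mod 2
# Correct only while |2r + m| < p/2. Every homomorphic operation grows the noise.

def centred_mod(c, p):
    """Residue of c modulo p mapped into the centred range [-(p-1)/2, (p-1)/2]."""
    x = c % p
    return x - p if x > p // 2 else x

def encrypt(p, m, r, q):
    """Encrypt bit m under odd key p. Noise r and multiplier q are explicit so runs are reproducible."""
    assert m in (0, 1) and p % 2 == 1
    return p * q + 2 * r + m

def decrypt(p, c):
    return centred_mod(c, p) % 2          # Python's % yields the correct parity for negative residues

def noise(p, c):
    """The hidden 2r+m term as the key holder would measure it (meaningful only while below p/2)."""
    return centred_mod(c, p)

def add(c1, c2):
    """XOR of the plaintext bits; the noise terms add."""
    return c1 + c2

def mul(c1, c2):
    """AND of the plaintext bits; the noise terms multiply."""
    return c1 * c2

def multiplications_until_wrong(p, r, max_steps=64, seed=0):
    """Multiply an encryption of 1 by fresh encryptions of 1 (true product stays 1) and return
    the number of multiplications after which decryption first returns the wrong bit."""
    rng = random.Random(seed)                         # deterministic toy multipliers
    acc = encrypt(p, 1, r, rng.randrange(1, 1 << 40))
    for step in range(1, max_steps + 1):
        acc = mul(acc, encrypt(p, 1, r, rng.randrange(1, 1 << 40)))
        if decrypt(p, acc) != 1:
            return step
    return None                                       # noise budget not exhausted within max_steps

if __name__ == "__main__":
    for p in (101, 2**20 + 1):
        print(f"p = {p}: decryption breaks after {multiplications_until_wrong(p, 1)} multiplications")
```

With p = 101 and noise 3 per fresh ciphertext the product's noise runs 9, 27, 81, and 81 already exceeds p/2, so the third multiplication decrypts to the wrong bit; with p = 2^20 + 1 the same chain survives ten multiplications and fails on the eleventh. A larger p buys more depth, but any fixed p gives only a "somewhat" homomorphic scheme. Turning this into FHE requires a way to reset the noise of a ciphertext without decrypting it, which is what Gentry's bootstrapping does.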
Challenge and Benefit
The biggest challenge with homomorphic encryption is that it is still relatively slow, a trait that currently prevents its widescale adoption. On the benefit side, however, unlike most other encryption models in use today, it is not vulnerable to the threat posed by quantum computers, which, if ever built, will be able to break today's encryption algorithms.
Final Thoughts
Homomorphic encryption will hugely benefit cloud computing patterns by enabling companies to publish and store encrypted data on a public cloud and leverage a cloud provider's computing power for data analytics services, such as building resource-intensive machine learning models. Another area of significant promise is querying without revealing intent (i.e. oblivious queries). The most exciting aspect of homomorphic technology is that it enforces data privacy while still allowing detailed analytics to be carried out on the protected data.