Homomorphic encryption definition
What do you do when you need to perform computations on large data sets while preserving their confidentiality? In other words, you would like to gather analytics, for example, on user data, without revealing the contents to the computation engine that is going to calculate the analytics. Or you are a cloud services provider supporting encrypted storage of documents but want to enable your users to edit their documents without decrypting them first.
This is where homomorphic encryption could come to your rescue. Homomorphic encryption provides the ability to “outsource” the storage and computation of data to cloud environments by converting the data into an encrypted form first.
What’s noteworthy about this technique is you achieve the same results (in encrypted form) by performing the desired operations and computations on the encrypted data as you would have by performing the same operations on its unencrypted form.
“Homomorphic encryption differs from typical encryption methods in that it allows computation to be performed directly on encrypted data without requiring access to a secret key. The result of such a computation remains in encrypted form, and can at a later point be revealed by the owner of the secret key,” according to Homomorphic Encryption Standardization, the industry standards consortium that maintains the “official” standards, guidance and information on developments in the area. This allows the use of the same computational analysis solutions without compromising the confidentiality of the data at any stage.
The idea of designing such cipher suites was largely experimental and proposed in the late 1970s. It took three decades for a first practical concept to be devised in 2009, by Craig Gentry.
What’s different about homomorphic encryption
When you think of cryptography in an industry standard context, such as HTTPS (made possible by SSL/TLS) or end-to-end chat messaging, you assume all cryptography is inherently secure and guarantees confidentiality and integrity. This is one stark difference that sets homomorphic encryption apart from typical cryptosystems.
For homomorphic encryption to work, its cipher suites are designed to be malleable which means they cannot guarantee the integrity of data. This is not a flaw, but an intended feature that makes it easier to operate on encrypted data.
Malleability is a property of cryptographic algorithms that allow transformation of an encrypted text into another valid encrypted text that changes the meaning of the original text. Moreover, the user transforming the data wouldn’t even need to know or deduce what the original unencrypted data was.
Put simply, if I sent an encrypted email to CSO’s editor stating, “CSO is awesome,” a man-in-the-middle (MitM) attacker who can steal this encrypted text but doesn’t know what it means could potentially transform it into another encrypted string, which when the editor decrypts it reads, “I hate CSO!”
Of course, practical email encryption systems have countermeasures in place to protect the integrity of the data and make this scenario virtually impossible, provided no vulnerabilities are in the algorithms or their implementation.
For example, the RSA cryptosystem, which is partially homomorphic, uses what’s known as a “padding” function to minimize the impact of malleability. Further, message authentication checksums (e.g., MD5 or SHA hashes) help validate data integrity.
This is not so much a cause for concern as the confidentiality of data would not be impacted by malleability. The concern arises when, say, the computational engine working on encrypted data introduces an error in the data or the encrypted result due to a flawed algorithm. The nature of homomorphic encryption could make it particularly hard to discover these errors.
Types of homomorphic encryption
All data is numbers (computers work in binary). Cryptography, being a mathematical branch, works directly with numbers. This means, encryption and decryption are nothing but a complex play of operations on numbers.
There are three types of homomorphic encryption:
- Partially homomorphic encryption (PHE) enables only one type of mathematical operation (such as multiplication) on a given data set for an unlimited number of times.
- Somewhat homomorphic encryption (SHE) is more permissive yet still restrictive, allowing for both addition and multiplication on a given data set only a few times.
- Fully homomorphic encryption (FHE) is the best of all worlds, allowing different types of operations on data for unlimited times, but with a significant performance tradeoff.
Each approach leans toward offering either performance, utility or protection, with FHE being highly intensive and currently inefficient (and therefore offering poor performance in a real-world scenario).
The current homomorphic encryption developments are a constant balancing act among the three to achieve an optimal solution. Once unlocked, the potential of FHE will bring forward ground-breaking possibilities, such as the ability for a cloud operator to perform various mathematical operations on encrypted data.
Homomorphic encryption use cases
Regulated and privacy-centric industries
Storing data and personally identifiable information (PII) in highly regulated industries such as healthcare, finance, law, and banking is a challenge. Encrypted storage is a security measure such industries implement, but a further challenge arises when they must decrypt the user data first to derive insights from it.
For example, deriving predictive analytics, which uses machine learning, from patient case files can help doctors identify cures to diseases. With homomorphic encryption, the need to decrypt patient files first would dissipate. The analytical algorithms could be tailored to work on encrypted patient data and produce results also in an encrypted form. This result when decrypted would provide the same insights that would have come from unencrypted patient files.
This use case extends to online advertising as well. With increasing restrictions being put by legislation like GDPR, offering personalized ads while protecting the privacy of users is a challenge. Homomorphic encryption allows you to derive analytics and insights from encrypted user data without compromising confidentiality of user information in the process.
Outsourced cloud storage
Outsourcing data storage may be a cost-effective strategy when it comes to reducing personnel costs and eliminating headaches associated with the maintenance of a full-fledged secure data center. Furthermore, sometimes projects may need to outsource databases across borders because not enough legal protections are available in their own jurisdiction. As a real-world example consider WikiLeaks, a non-profit activist organization hosting its primary servers in Sweden.
Encryption solves the data storage problem, but adding to or modify encrypted data in its encrypted form is a problem homomorphic encryption can address. To add substance, this can squash the possibility of incidents such as when a former Google engineer had misused privileges to stalk some of the platform’s users.
With homomorphic encryption, data is stored securely in the cloud while allowing the ability to calculate and search encrypted information. In an ideal environment, only the user who owns the data in the cloud would have the ability to decrypt the data and the results of homomorphic encryption.
If you want to experiment with the technology, the Homomorphic Encryption Standardization website provides many open-source implementations of homomorphic encryption. Microsoft SEAL provides, “encryption libraries that allow computations to be performed directly on encrypted data” for aiding developers in building end-to-end encrypted data storage and computation services.
Copyright © 2020 IDG Communications, Inc.