“Is online data really secure?”
Anyone who understands how the internet works and its potential vulnerabilities must ask this question at least once daily. Data breaches are a major concern for businesses, software providers, governments, and individuals worldwide. It has to be, considering the average time to identify a data breach inside an organization is about 206 days. This is where homomorphic encryption finds its main use.
Let’s discuss what happens behind the scenes of cybersecurity. Here, we’ll unpack homomorphic encryption (HE), a cyber security approach to keeping data secure through encryption schemes even while it’s being processed.
Homomorphic encryption algorithms are an encryption method that allows computational calculations on the encrypted data in use before it’s decrypted. Traditional encryption requires decryption before any operations, but homomorphic encryption keeps your data secure through robust encryption schemes.
Examples of sensitive data in use that require better encryption include communications software and document collaboration, user accounts, and data being processed in cloud environments. Typically, data in use has to be decrypted for processing at least once, if not multiple times. This makes it much more susceptible to malicious interception.
Skilled hackers might steal bank login information, for example, during the brief window in which it’s decrypted and processed. Homomorphic encryption removes that possibility by keeping the information encrypted throughout the entire process.
So, how do we know when to use homomorphic encryption?
Consider a simple example to illustrate homomorphic encryption. Suppose Alice wants to share sensitive data with George so he can perform computations on it. Instead of sending the plaintext data, Alice encrypts it using homomorphic encryption schemes with her secret key.
George receives the encrypted data and performs the computations directly on this encrypted data. He then returns the encrypted result to Alice, who uses her secret key to decrypt it and get the final output. Throughout this process, Bob never has access to the raw data or the secret key, ensuring its confidentiality.
Homomorphic encryption schemes have been around for decades. The idea first took shape in 1978 when encryption functions known as privacy homomorphisms were first proposed. Cryptographer Craig Gentry developed the first applicable solution known as lattice-based cryptography, which is commonly thought of as first generation fully homomorphic encryption.
Let’s take a walk through homomorphic encryption schemes history to understand the technology behind encrypted or decrypted data.
In 1978, researchers came up with the idea of fully homomorphic encryption, but it took them over 30 years to figure it out. Early cryptosystems like RSA and ElGamal allowed unlimited modular multiplications, while schemes like Goldwasser-Micali and Benaloh enabled unbounded XOR operations and modular additions, respectively. Although these schemes made progress, they couldn’t support arbitrary computations fully.
In 2009, Craig Gentry made significant advancements in homomorphic encryption by introducing the first functional fully homomorphic encryption scheme, which used lattice-based cryptography. His approach started with a somewhat homomorphic encryption scheme capable of limited computations. Gentry introduced bootstrapping to refresh noisy ciphertexts, maintaining their usability for more operations.
His breakthrough allowed for theoretically infinite computations on encrypted data grounded in lattice problem complexity. However, early homomorphic encryption implementations were slow, taking about 30 minutes per bit operation.
From 2011 to 2012, researchers like Zvika Brakerski and Vinod Vaikuntanathan developed more efficient FHE schemes, such as Brakerski-Gentry-Vaikuntanathan (BGV) and Boldyreva-Fan-Vercauteren (BFV), all named after the researchers. These leveraged the Ring Learning With Errors (RLWE) problem for security.
Notably, BGV and BFV reduced noise growth during computations, enabling practical applications without constant bootstrapping. Innovations like packing multiple values into a single ciphertext further optimized performance, making these schemes and their encryption algorithms suitable for real-world uses.
In 2013, Craig Gentry, Amit Sahai, and Brent Waters presented a novel Fully Homomorphic Encryption (FHE) method that eliminated the expensive relinearization steps required for multiplications. Subsequent advancements led to efficient bootstrapping methods, exemplified by schemes like FHEW, an FHE library, and Totally Functional Homomorphic Encryption (TFHE). FHEW and TFHE allowed rapid refreshing of ciphertexts, improving processing speed for homomorphic operations.
In 2016, Cheon, Kim, Kim, and Song developed the CKKS scheme, named after its authors, supporting approximate fixed-point arithmetic. CKKS excelled in privacy-preserving machine learning applications due to its efficient rescaling operation, which managed noise without frequent bootstrapping. Despite introducing some approximation errors, CKKS became a preferred method for complex computations on encrypted data. Further research addressed potential vulnerabilities, enhancing the robustness of homomorphic encryption libraries.
These generations of fully homomorphic encryption schemes highlight momentous strides in making secure, practical computations on encrypted data feasible, transforming sensitive data processing and protection.
There are three categories of homomorphic encryption algorithms, which vary in terms of the complexity and extent of operations on encrypted data.
Partially homomorphic encryption offers a valuable balance between security and efficiency for applications requiring specific types of computations on encrypted data. While it lacks the flexibility of fully homomorphic encryption, its ability to perform unlimited operations of a single type makes it a practical choice for many real-world scenarios.
Somewhat Homomorphic Encryption offers more flexibility. It can handle addition and multiplication, but only up to a certain complexity. This makes SHE suitable for a wider range of calculations, but can’t handle overly intricate computations.
Fully Homomorphic Encryption is the ultimate power user of homomorphic encryption. It’s like having a supercomputer that performs any mathematical operation, addition, multiplication, and even more complex functions on encrypted data, and all without decryption. This makes FHE ideal for highly sensitive data analysis where complex calculations are required. However, this power comes at a cost—FHE is computationally expensive and requires more resources.
RSA was named after its inventors, Ronald Rivest, Adi Shamir, and Leonard Adleman.
Let’s explore industries where you might find a homomorphic encryption scheme in real life.
Supply chain security involves managing and protecting the data related to the production, shipment, and delivery of goods. Different entities exchange sensitive information in global supply chains, such as production details, shipment schedules, and supplier data.
A homomorphic encryption system allows companies to process sensitive supply chain data without exposing it. It achieves this by transforming it into encrypted data instead. This means that the data remains secure in the event of an interception during transmission. HE ensures only allowed parties can access and compute the data, maintaining the confidentiality and integrity of sensitive supply chain information.
At the SAP TechEd event, Axel Schroepfer from the SAP Innovation Center Network shared a homomorphic encryption example that safeguards shared information with partners across a hyperconnected supply chain.
Many industries, such as healthcare and finance, are subject to strict data privacy and security regulations. Compliance with regulations like GDPR, HIPAA, and PCI DSS requires robust methods for protecting sensitive information, like homomorphic encryption.
Healthcare providers can encrypt patient data and outsource analysis to third-party vendors. The vendor can perform computations like fraud detection or trend analysis on the encrypted data without ever decrypting it, ensuring patient privacy while fulfilling regulatory requirements.
Find out more about health care monitoring using a homomorphic encryption schemes, as explored on ResearchGate.
Businesses often possess valuable data that can be used for analytics but may be hesitant to share because of privacy concerns. Such limitations may hinder collaborative data analysis across companies.
Companies can encrypt their datasets and participate in joint analysis projects. Using homomorphic encryption, secure computations can be performed on the combined encrypted data, allowing for insights without revealing the underlying information from each company.
A study on the secure learning of classification outcomes over encrypted data leverages homomorphic encryption as the fundamental building block to enable secure learning of classification outcomes over encrypted data, all while preserving the privacy of the input data and the machine learning model.
Several encryption schemes support homomorphic encryption, each with unique characteristics and applications. These schemes include:
RSA is one of the earliest and most widely used encryption algorithms. It is primarily known for securing online communications. RSA is a public-key encryption scheme, meaning it uses two keys: a public key for encryption and a private key for decryption.
RSA supports a form of multiplicative homomorphism. This means that the product of two ciphertexts corresponds to the product of their plaintexts once decrypted.
ElGamal is another early homomorphic encryption scheme introduced by Taher ElGamal in 1985. It is also a public-key encryption system widely used in various cryptographic protocols. ElGamal supports multiplicative homomorphism. Specifically, the product of two ElGamal ciphertexts decrypts to the product of their corresponding plaintexts.
The Paillier cryptosystem, introduced by Pascal Paillier in 1999, is a public-key encryption scheme known for its additive homomorphic properties. Unlike RSA and ElGamal, which focus on multiplicative operations, Paillier enables secure additions of encrypted values. Paillier supports additive homomorphism, allowing the sum of plaintexts to be derived from the product of their ciphertexts.
Each scheme offers distinct advantages based on the type of homomorphic operations it supports, catering to various needs in secure data processing.
While homomorphic encryption offers significant benefits, it also has limitations:
The future of homomorphic encryption is promising, with ongoing research and advancements aimed at overcoming its current limitations. Potential developments include:
As these advancements continue, homomorphic encryption will change how we approach data security and privacy. These changes will allow us to store encrypted data and share it securely. An advancement in homomorphic encryption offers the possibility of secure and private computations in our increasingly digital society.
As more of our life goes online, both individuals and businesses need to give careful consideration to how that data can be recorded and used without being shared. HFE is just one way of achieving this, with a host of other solutions, such as zero-knowledge proofs, also providing a solution.
Cryptography is a space worth keeping an eye on, whether you’re a business or a regular person, because it is quietly deciding how our personal data will be managed in the future – and our abililty to remain private. So keep reading and make sure you’re up to date. It’s your data in the balance.