Home / Definitions / Homomorphic Encryption

Homomorphic Encryption

Jenna Phipps
Last Updated May 24, 2021 8:02 am

Homomorphic encryption allows computations to be performed on data in use while that data is still encrypted. It is particularly useful for processing sensitive data in highly regulated industries such as healthcare when that data may present privacy concerns.

Homomorphic comes from the algebraic term homomorphism, where computation on an item or set preserves the nature of that data: it is not changed and will have the same result because it is processed algebraically. Homomorphic encryption was first initiated in the 1970s but is still in the early stages of implementation. There are multiple types of homomorphic encryption, but fully homomorphic encryption is the most comprehensive solution.

Examples of sensitive data in use that require better encryption include communications software and document collaboration, user accounts, and data being processed in cloud environments. Typically, data in use has to be decrypted for processing at least once, if not multiple times. This makes it much more susceptible to malicious interception. Skilled hackers might steal bank login information, for example, during the brief window in which it’s decrypted and processed. Homomorphic encryption removes that possibility by keeping the information encrypted throughout the entire process. It uses algebraic algorithms so that the data ends the same as if it had been processed while decrypted. Lattice-based cryptography is one of the better known methods of homomorphic encryption; it uses lattices (complex mathematical equations) to encrypt information.

Despite its usefulness in protecting data, homomorphic encryption is not yet widely used. Because the algebraic processes take a significant amount of computing energy, homomorphic encryption is too slow for most large businesses to regularly implement. Though it’s a promising method for data security, it is still relatively new and will require more research and development before companies can use it efficiently.