We live in a world where the focus on privacy is increasing day-by-day. The importance of encryption techniques is expanding to protect both data at rest and data in transit. However, what if we tell you that just password protection for data while stored and SSL protection, while it is in transit, is not enough? What if we advise you that the world needs a new encryption technique to achieve end-to-end encryption? Whether you believe it or not, it is true. And a new encryption technique has also been developed to serve that purpose. That technique is known as Homomorphic Encryption, and in this article, we are going to explain it for you in detail. Without taking any more time, let us jump straight into it to understand what we are saying.
What is Homomorphic Encryption?
We know very well the importance of encryption in securing sensitive data. That is why we keep it encrypted while it is stored (data at rest), and also while it’s being sent from one device to another (data in transit). At least all enterprises conscious about the security of their customers do that. And most of the time, it also works well, because modern encryption standards are virtually unbreakable. They require a tremendous amount of processing power and time to be broken through trial-and-error based attacks (i.e., brute-forcing) which is not feasible for anyone in today’s era.
However, there is a limitation of all encryption systems: you can not work on encrypted data! If you want to perform some sort of computations on it, you must decrypt it first. And when you have decrypted it, that’s the moment when someone can steal it. That someone may be one of your employees or any other hacker from outside your organization who has managed to infect somehow your systems that process the decrypted data.
That is the problem Homomorphic Encryption aims to solve. It allows you to work on data without decrypting it first, thereby eliminating the chance of data theft. The computations, whatever they are performed on the encrypted ciphertext itself, and an encrypted result, is produced. The result, when decrypted, will provide the same values that you would have received if you performed the computations on decrypted plain text data.
Sounds fascinating, right? You may be wondering, how is it possible, and how can any form of encryption achieve that? Well, that is what you’ll learn in the next few sections.
The Origins of Homomorphic Cryptosystems
The history of Homomorphic Cryptosystems dates to the end of the last decade. In 2010 Craig Gentry, a graduate student supported by the National Science Foundation of United States, proposed a new method of encrypting data that is today known as Fully Homomorphic Encryption or FHE. While his initial scheme was a somewhat homomorphic encryption scheme, as it allowed only addition and multiplication operations to be performed on ciphertext, it was possible to construct circuits based on it that could perform any arbitrary computations, thereby resulting in a Fully Homomorphic Encryption scheme. That scheme is known as First Generation FHE.
Since then, the research and development of FHE are ongoing, and two more generations of FHE have been developed under Gentry’s guidance. The second-generation FHE came in 2012 and third-generation FHE in 2013, which was further improved in 2014 with the release of the FHEW scheme and in 2016 with the TFHE scheme.
Types of Homomorphic Encryption and How it Works?
Homomorphic Encryption or HE, as it’s popularly known – comes in multiple types. And all of those types function slightly differently. However, the basic method of their function is the same: they use an arithmetic circuit for performing computations instead of a boolean course, which is used in other computing methods. Using an arithmetic circuit allows the data to be presented in an integer format instead of the plain text format. And then, the computations are performed on those integers. That way, your employees can work on it without knowing about the actual content of data. You’ll understand this better when we’ll explain how three different types of Homomorphic Encryption work, so let’s dive into those details now:
1. Partially Homomorphic Encryption
This type of Homomorphic Encryption allows certain mathematical functions (i.e., addition, multiplication, etc.) to be performed without decrypting the data, while for other functions, you need to decrypt it.
2. Somewhat Homomorphic Encryption
This type of encryption allows certain mathematical functions to be performed unlimited times on the encrypted data. In contrast, other functions can be performed only a fixed number of times, or up to a certain level of complexity.
3. Fully Homomorphic Encryption
As its name suggests, this type of encryption allows all functions to be performed unlimited times and up to any level of complexity without requiring the decryption of data. It is the most secure type of Homomorphic Encryption that you can get today.
With this in mind, now let’s take a little more detailed look at Fully Homomorphic Encryption (FHE).
What is Fully Homomorphic Encryption?
We already explained what fully homomorphic encryption is concise. Now let’s understand it with the help of an example. Suppose you run a company that lends money based on people’s credit history and financial standing. You need to check their income during a fiscal year and their credit score to determine whether they will be able to repay the loan or not. So, you extract their credit score from the credit bureau and ask them to submit their Income Tax Returns for the last financial year to make a decision. They bring you the data in an encrypted format, and you also store it on your systems in an encrypted form.
So far, so good. But when you need to analyse their financial standing, the data will have to be decrypted. And you don’t want to trust your employees with something as sensitive as financial data of your customers. You fear that they may leak it to your competitors, who may then use the data to steal your customers. So what do you do? Here is the solution:
- You extract the income of your customer and the credit score in a Homomorphically encrypted format.
- You extract the total amount of their existing loans in similarly encrypted form.
- You send this encrypted data to your employees for processing. They run it through the loan eligibility formulas and algorithms of your company. The algorithm does its job and generates a score in the predetermined range set by you. The resulting score (which is a homomorphically encrypted result because of similarly encrypted inputs), is sent by your employees to you.
- You decrypt the result through your private key and find out whether the score generated by your algorithms found someone eligible or not eligible for the loan.
During the entire process, your employees do not know whose data it was, what were the exact income, credit score and the loan history of the individual, and what was the outcome of computations performed by the algorithm. Only you know that thereby eliminating all chances of data theft.
By now, you might have started understanding the potential of this revolutionary encryption method. Now let us explore some areas where this potential can be put to use.
Applications of Fully Homomorphic Encryption
FHE can turn out to be a game-changer for several applications in the computing industry. Some of its possible applications include:
Storing sensitive data in the cloud
Many times, companies store their data in cloud environments to preserve their precious resources. However, the security of cloud servers in the business of someone else. You can’t do much about it – or it seems so, until now. However, homomorphic encryption can change that by allowing you to save data encrypted by you to the Cloud. And you’ll still be able to search for it or perform other functions on it, without having to decrypt it first.
Banks and other financial institutions
Banks are other financial institutions that also save and process a lot of sensitive data daily. If their employees can do whatever they want to do with the data without having to uncover your financial information first necessarily, then it can be a game-changing situation for the whole financial industry. For instance, an employee of the bank may be able to determine whether you qualify for a loan or not without going through your sensitive financial information like your bank account number or the amount of money that’s available in your account.
Homomorphic encryption can also significantly improve the voting procedures of significant democracies worldwide. Researchers are working on that, and special encryption schemes (i.e., Paillier scheme) have been designed to implement Homomorphic Encryption in the electronic voting systems.
These are just 3 of the many possible scenarios where FHE can be applied to improve the security of data significantly. As more and more development takes place in this technology, more use cases will also emerge.
Limitations of Fully Homomorphic Encryption
You may be wondering, if FHE is so good, then why is it not being used by every organization around the globe? Why is it not the default method of encryption? Well, there are always two sides to the coin. FHE is good, but it has two severe limitations, which you can see below:
The first limitation with FHE is that it’s quite slow. It’s so quiet at the moment that it can’t be put to any practical use. The computational overhead of FHE is enormous at the moment, which refers to the time consumed while performing computations on encrypted version vs. decrypted version of data. To make FHE mainstream IBM had released the first version of its HElib C++ library back in 2016, but reports suggest that it ran 100 trillion times slower than the computations done on plain text. If something like this is put to use in complex business environments, the computing power on the face of the earth will fall short of satisfying its requirements.
Limited support for multiple users
The second shortcoming of FHE is limited support for multiple users. It’s worth noting that all FHE cryptosystems work by establishing a database that is used for computation as well as decryption of computed results. The security of the database is dependent on the security of this database because if someone can access this database, then they can also find out the decrypted plain text result of any computation. Now, one way for the provider of the Homomorphic cryptosystem to ensure the security of this database is to have a separate database for every user. However, if the number of users is vast, then maintaining a separate database for all of them can become impractical and infeasible. That’s why some researchers are working on multi-key FHE cryptosystems. But until those systems are developed, this is a significant limitation in the mainstreaming of FHE.
It’s due to these limitations that FHE has not become a mainstream encryption method at the moment. However, researchers are working hard to fix both of them so FHE can become the encryption method of the future.
Implementations of Fully Homomorphic Encryption
You just took a look at the limitations of FHE, and it’s now clear to you that this type of encryption is not practically implementable at the moment. However, that doesn’t mean there are none of its implementations in the world. Major tech companies like Microsoft, IBM, and Google are working hard to speed up the development of FHE so it can become the default method of encryption in the near future. Some of the FHE implementations created by them include:
- Simple Encrypted Arithmetic Library (SEAL): Microsoft has created this library that can be used to allow computations directly on encrypted data.
- Private Join and Compute: This open-source tool has been developed by Google, which provides an analysis of data in an encrypted format.
- HElib C++ library:This one we’ve already discussed above. IBM released it in 2016, though it was found to be quite sluggish at the moment.
Fully Homomorphic Encryption schemes may have their limitations as of today, but the researchers in the computing industry are working hard to fix that. There is no doubt in the fact that FHE is going to be the encryption standard of the future. You should keep an eye on its development, and as it becomes more and more practically applicable to your business, you should consider the option of using it at the earliest.