Homomorphic encryption solves a vulnerability inherent in all other approaches to data protection Imagine if you work in the financial services industry — or, maybe you already do. Every day, your organization handles a lot of personally identifiable information (PII) and financial data — information that needs to be encrypted both when it is stored (data at rest) and when it is being transmitted (data in transit). While modern encryption algorithms are virtually unbreakable (because they require so much processing power that it makes the process of breaking it too costly and time-consuming to be feasible), they also make it impossible to process the data without first decrypting it — and decrypting your data could leave it vulnerable to hackers.
What is Homomorphic Encryption?
In a nutshell, homomorphic encryption is a method of encryption that allows any data to remain encrypted while it’s being processed and manipulated. It enables you or a third party (such as a cloud provider) to apply functions on encrypted data without needing to reveal the values of the data. A homomorphic cryptosystem is like other forms of public encryption in that it uses a public key to encrypt data and allows only the individual with the matching private key to access its unencrypted data (though there are also examples of symmetric key homomorphic encryption as well). However, what sets it apart from other forms of encryption is that it uses an algebraic system to allow you or others to perform a variety of computations (or operations) on the encrypted data.
In practice, most homomorphic encryption schemes work best with data represented as integers and while using addition and multiplication as the operational functions. This means that the encrypted data can be manipulated and analyzed as though it’s in plaintext format without actually being decrypted. In other words, HE can enable your employees (or a third party) to work with and use the encrypted data without having access to or knowing the contents of the decrypted data. They can compute and process the encrypted data to get an encrypted answer, but only you can decrypt the ciphertext and understand what it means. Homomorphic encryption requires few rounds of interactions and uses arithmetic circuits (which focus on additions and multiplication, allowing you to add and multiply numbers) rather than Boolean circuits like other methods of secure computation (such as two-party computation [2PC] or general multi-party computation [MPC]).
Real-World Challenges That Homomorphic Encryption Can Help Solve
In an ideal world, homomorphic encryption has a multitude of practical, real-world applications —everything from electronic voting systems to analyzing medical data to enabling private queries in search engines.
Some applications for homomorphic encryption include:
- Securing Data Stored in the Cloud. Let’s go back to the idea that you own or work at a financial services company that collects, stores, and uses sensitive personal and financial information. Your organization uses this data to deem whether customers qualify for lending. You want to store this information in the cloud to free up IT resources but don’t fully trust the security of your cloud software-as-a-service (SaaS) provider. (Considering that cloud storage isn’t always as secure as we’d like, that isn’t a far-fetched concern.) Using homomorphic encryption, you can secure the data that you store in the cloud while also retaining the ability to calculate and search ciphered information that you can later decrypt without compromising the integrity of the data as a whole. It’s a win-win scenario for your business as well as your customers.
- Enabling Data Analytics in Regulated Industries. Homomorphic encryption allows data to be encrypted and outsourced to commercial cloud environments for research and data-sharing purposes — all while protecting user or patient data privacy. It can be used for businesses and organizations across a variety of industries including financial services, retail, information technology, and healthcare to allow people to use data without seeing its unencrypted values. For example, homomorphic encryption allows predictive analytics service providers to safely analyze medical data without putting data privacy at risk.
- Improving Election Security and Transparency. Researchers are working on how to use homomorphic encryption to make democratic elections more secure and transparent. For example, the Paillier encryption scheme, which uses addition operations, would be best suited for voting-related applications because it allows users to add up various values in an unbiased way while keeping their values private. This technology could not only protect data from manipulation, it could allow it to be independently verified by authorized third parties.
Homomorphic encryption helps to protect the integrity of your data by allowing others to manipulate its encrypted form while no one (aside from you as the private key holder) can understand or access its decrypted values. Compare this to the encryption methods used by traditional cloud storage and computation solutions, which cannot run computations on encrypted data. This means that the cloud provider and/or app would require access to unencrypted data to perform computational functions on it. This practice exposes your organization’s or customers’ sensitive data to potentially insecure cloud operators and hackers who want your data. Now that’s what we call progress — but it’s going to take some time before we see the application of homomorphic encryption on a larger scale.
Types of Homomorphic Encryption
There are three main types of homomorphic encryption.
The primary difference between them boils down to the types and frequency of mathematical operations that can be performed on their ciphertext. The three types of homomorphic encryption include:
- Partially Homomorphic Encryption
- Somewhat Homomorphic Encryption
- Fully Homomorphic
Encryption Partially homomorphic encryption (PHE) helps sensitive data remain confidential by only allowing select mathematical functions to be performed on encrypted values. This means that one operation can be performed an unlimited number of times on the ciphertext. Partially homomorphic encryption (with regard to multiplicative operations) is the foundation for RSA encryption, which is commonly used in establishing secure connections through SSL/TLS. Some examples of PHE include ElGamal encryption (a multiplication scheme) and Paillier encryption (an addition scheme).
A somewhat homomorphic encryption (SHE) scheme is one that supports limited operations (for example, either addition or multiplication) up to a certain complexity, but these operations can only be performed a set number of times. This is the precursor to fully homomorphic encryption, which we’ll discuss more in depth momentarily.
What is Fully Homomorphic Encryption?
Fully homomorphic encryption (FHE), while still in the development stage, has a lot of potential for making functionality consistent with privacy by helping to keep information secure and yet still accessible. Born from a somewhat homomorphic encryption scheme, this holy grail of cryptography is capable of using any efficiently computable functions (such as addition and multiplication, not just one or the other) any number of times and makes secure multi-party computation more efficient. Unlike other forms of homomorphic encryption, it can handle arbitrary computations on your ciphertexts.
The goal behind fully homomorphic encryption is to allow anyone to use encrypted data to perform useful operations without access to the encryption key. In particular, this concept has applications for improving cloud computing security. If you want to store encrypted, sensitive data in the cloud but don’t trust your cloud provider or want to run the risk of a hacker breaking in your cloud account/app, it provides you with a way to pull, search, and manipulate your data without having to allow the cloud provider or Google access to the data on the files you want to access.