Data protection is important. But often prevents collaboration and exchange. Homomorphic encryption combines both and could therefore be an important building block for data-secure cloud computing.
Encryption techniques use mathematical functions to transform readable plain text into illegible ciphertext. As if the data were in a safe, they are encrypted and safe from hackers. But if you want to edit your data, you have to free it from the safe and decipher it. The owner’s secret safe key also opens the door to unencrypted data for hackers. Homomorphic encryption could solve this problem: data that is stored on hard drives or in databases can also be processed in the encrypted state. A great advantage, especially in multi-cloud computing and machine learning, which opens up many new possibilities.
What can homomorphic encryption do?
Cryptographic processes enable calculations with the encrypted data without decoding them. The results of analyzes of encrypted and unencrypted data do not differ. Secret keys that decrypt the data are no longer necessary. Only the owner of the data has a key that can reveal the data and the encrypted calculations at a later point in time in plain text.
In his dissertation in 2009, the American computer scientist Craig Gentry presented the first practical concept of completely homomorphic encryption. He describes the calculations with the encrypted data as an opaque box with integrated gloves. Without opening the box, users can change the contents by reaching into the glove openings.
How does the cryptographic procedure work?
The homomorphism comes from grid-based algebra. One data record is mapped by a second with the same structure. Since plain text and ciphertext are structurally true to one another, mathematical calculations lead to the same result – regardless of whether they are carried out with encrypted or decrypted data.
Homomorphic encryption is based on the public key method used in transport encryption. However, it is not a question of transport encryption as we know it from messenger services. Instead, only the owner of the data and authorized users can decrypt the data with a mix of private and public keys.
The security of homomorphic encryption is based on the complexity of the mathematical problem called “Ring-Learing with Errors” (RLWE), which is related to high-dimensional grids. Research with peer reviews confirms that this method is at least as secure as other encryption systems. RLWE are considered secure even against quantum computers.
What is homomorphic encryption used for?
Homomorphic encryption can be used wherever data should be protected but still outsourced. Sensitive data, for example from the healthcare sector, can also be stored in more commercial cloud environments. The end-to-end encryption of the data could create trust in cloud services and third parties could also be given the opportunity to analyze the data without disclosing the data themselves. Data protection is preserved and data can be shared at the same time. Microsoft, IBM and Google, among others, are working on applications of fully homomorphic encryption. What exactly they are working on has listed the Academic Consortium to Advance Secure Computation here.
Homomorphic encryption techniques enable new applications in the area of multi-cloud computing and machine learning. The reliable encryption technology could be helpful, for example, if voters’ votes are to be digitized or systems for military operations are to be networked. Homomorphically encrypted databases are extremely secure and can prevent data leaks. Matthias Schulze from the German Institute for International Politics and Security writes in a paper from February.
The computer scientist sees the greatest benefits for artificial intelligence and machine learning. Without disclosing the users’ data, self-learning algorithms could carry out analyzes on encrypted data sets, writes Schulze.
However, technological progress could also create dependencies. In the USA, for example, work is already underway on the standardization of business models for multi-cloud computing, whereby various cloud databases are combined with one another. “In order not to be left behind, the EU should promote application research and include homomorphic encryption at an early stage in the planning for its own Gaia-X cloud initiative,” continues Matthias Schulze.
The European cloud and data infrastructure Gaia-X promoted by Germany and France could be upgraded through homomorphic encryption techniques. “With homomorphic encryption, Europe has the opportunity to jump on a train that is already rolling, but has not yet left completely,” writes the IT security expert.
What types of homomorphic encryption are there?
- Partially Homomorphic Encryption (PHE)
- Almost fully homomorphic encryption (Somewhat Homomorphic Encryption, SHE)
- Fully Homomorphic Encryption (FHE)
The three forms of homomorphic encryption differ in the mathematical operations that can be performed on the ciphertext. Depending on the type of encryption, one or more types of calculation can be applied to the data set with different frequencies. Performance, utility and level of protection – every approach has a different focus.
With partially homomorphic encryption (PHE), only one operation (e.g. multiplication or addition) can be applied to the data set. In return, however, infinitely often. The almost fully homomorphic encryption (SHE) enables different arithmetic operations with the data set, which, however, can only be carried out to a limited extent. Fully homomorphic encryption (FHE) combines both, so that different mathematical methods can be used an unlimited number of times. However, the performance suffers as a result.