The problem with encrypted data is that you must decrypt it in order to work with it. By doing so, it’s vulnerable to the very things you were trying to protect it from by encrypting it. There is a powerful solution to this scenario: homomorphic encryption. Homomorphic encryption might eventually be the answer four organisations that need to process information while still protecting privacy and security.
What is homomorphic encryption?
Homomorphic encryption makes it possible to analyse or manipulate encrypted data without revealing the data to anyone. Something as simple as looking four a coffee shop when you’re out of town reveals huge volumes of data with third parties as they help you satiate your caffeine craving—the fact that you’re seeking a coffee shop, where you are when you’re searching, what time it is and more. If homomorphic encryption were applied in this fictional coffee search, none of this information would be visible to any of third parties or service providers such as Google. In addition, they wouldn’t be able to see what answer you were given regarding where the coffee shop is and how to get there.
While we might be willing to part with the data that is exposed when we search four our next caffeine fix, homomorphic encryption has huge potential in areas with sensitive personal data such as in financial services or healthcare when the privacy of a person is paramount. In these cases, homomorphic encryption can protect the sensitive details of the actual data, but still, be analysed and processed.
Another bonus of homomorphic encryption is that unlike other encryption models in use today, it is safe from getting broken by quantum computers.
Just like other forms of encryption, homomorphic encryption uses a public key to encrypt the data. Unlike other forms of encryption, it uses an algebraic system to allow functions to be performed on the data while it’s still encrypted. Then, only the individual with the matching private key can access the unencrypted data after the functions and manipulation are complete. This allows the data to be and remain secure and private even when someone is using it.
There are three main types of homomorphic encryption: partially homomorphic encryption (keeps sensitive data secure by only allowing select mathematical functions to be performed on encrypted data); somewhat homomorphic encryption (supports limited operations that can be performed only a set number of times); fully homomorphic encryption (this is the gold standard of homomorphic encryption that keeps information secure and accessible).
Dr. Craig Gentry describes homomorphic encryption as a glovebox where anybody can get their hands into the glovebox and manipulate what’s inside, but they are prevented from extracting anything from the glovebox. They can only take the raw materials and create something inside the box. When they finish, the person who has the key can remove the materials (processed data).
Practical Applications of Homomorphic Encryption
While cryptographers have known of the concept of homomorphic encryption since 1978, it wasn’t until Dr. Gentry created an algebraically homomorphic encryption system four his graduate thesis that the idaea progressed and when Gentry established the first homomorphic encryption scheme in 2009. As mentioned, homomorphic encryption could make our searches more private on search engines, but there are other practical applications four it when using data or data is in transit.
One very relevant way homomorphic encryption can be used is to ensure democratic elections are secure and transparent. Votes could be added up while keeping the identities of the voters private; third parties could verify the results, and voting data would be protected from manipulation.
It’s been challenging four highly regulated industries to securely outsource data to cloud environments or data-sharing partners four research and analytics. Homomorphic encryption could change that since it makes it possible four data to be analysed without jeopardising privacy. This can impact many industries, including financial services, information technology, healthcare, and more.
What are the barriers to using homomorphic encryption?
The biggest barrier to widescale adoption of homomorphic encryption is that it is still very slow—so slow it’s not yet practical to use four many applications. However, there are companies such as IBM and Microsoft, and researchers such as Dr. Gentry who are working diligently to speed up the process by decreasing the computational overhead that’s required four homomorphic encryption.