Modern cryptography is embedded in countless digital systems and components. It's an essential tool for keeping data secure and private. Yet one of the biggest limitations with cryptography, including widely used public key encryption (PKE), is having to decrypt sensitive data in order to process and analyze it.
"There are many scenarios where it's preferable to work on data 'blindfolded' and without access to the encryption key," says Chris Peikert, an associate professor in the Department of Computer Science and Engineering at the University of Michigan. This includes areas as diverse as healthcare, law, manufacturing, finance, and online voting.
Enter homomorphic encryption. The technology uses lattice-based algorithms to hide the input, intermediate values, output, and even the function being computed from anyone not holding the secret decryption key. In other words, it allows computations to be performed on encrypted data.
While fully homomorphic encryption (FHE) has been around for just over a decade, the combination of more powerful computers and better algorithms is now making it viable.
Cracking the Code
The origins of homomorphic encryption date back to 1978. That's when a trio of researchers at MIT developed a framework that could compute a single mathematical operation (usually addition or multiplication) under the cover of encryption. The concept gained life in 2009, when Craig Gentry, now a research fellow at the blockchain-focused Algorand Foundation, developed the first fully homomorphic encryption scheme for his doctoral dissertation at Stanford University in 2009.
Gentry's initial proof was simply a starting point. Over the past decade, security concerns related to cloud computing, the Internet of Things (IoT), and the growing demand for shared and third-party data have all pushed the concept forward. Along the way, more powerful homomorphic algorithms have emerged. Today, the likes of IBM and Microsoft have entered the space, along with the US Defense Advanced Research Projects Agency (DARPA) and an array of startups.
"There is a tremendous benefit to being able to perform computations directly on encrypted data," says Josh Benaloh, senior cryptographer at Microsoft Research. "This allows computations to be outsourced without risk of exposing the data."
The use cases for homomorphic encryption are broad. For example, say a business wants to demonstrate it has the financial resources to handle a project, or it needs to submit data for an audit by an outside company or government agency. Homomorphic encryption allows it to submit sensitive financial data and prove that it meets requirements or is in compliance without ever displaying the underlying data.
When combined with blockchain, homomorphic encryption could usher in new types of smart contracts, working agreements, and apportion settlements that aren't possible today. It could allow members of a blockchain to share data in more flexible and secure ways, including adding and revoking access to members of a committee, for instance.
The benefits extend far beyond the business world. For example, homomorphic encryption makes it possible for a person to screen for cancer or submit genome data to identify risk factors without revealing his or her identity.
Homomorphic encryption also supports next-gen cybersecurity functionality. For instance, using a succinct, noninteractive, quickly verifiable cryptographic proof, referred to as a "zero-knowledge proof," or SNARK, it's possible to prove that code doesn't contain any errors. This makes it possible to develop software free of bugs and security flaws without revealing proprietary code.
Homomorphic encryption also allows the owner of data to gain far greater and granular control over it. This means it's possible to grant, revoke, or provide limited access to data, depending on the use and preferences of the parties involved.
The technology is particularly suited to big data environments, where it's necessary to tap enormous cloud computing power and keep the underlying data private, Gentry says.
"The cloud can process your data while it's encrypted — even the function it's applying to your data can be encrypted — so that the cloud learns nothing aside from the size of your data set," Gentry says.
Microsoft's ElectionGuard, for example, lets citizens verify their votes have been counted without compromising the security or privacy of the ballots. Each vote is encrypted and assigned a unique identifier. Votes are tallied but the identity of individuals remains concealed and unavailable. The platform, currently in pilot phase, produces verifiable, secure, and auditable results.
Meanwhile, the open source Microsoft SEAL project offers a code library that allows users to harness homomorphic encryption without the need to develop complex mathematical formulas. The platform handles all additions and multiplications on encrypted integers or real numbers, and it incorporates an API to connect it to various environments. IBM has also developed a free and open source homomorphic encryption library called HElib. Both platforms are distributed through GitHub.
"There are many people working on homomorphic encryption," says Gentry, who developed next-generation FHE schemes at IBM before joining the Algorand Foundation. "Confidence in the underlying security of homomorphic encryption schemes is high."
By the Numbers
Despite advances in the field, there's still a fair amount of work to be done to bring homomorphic encryption into the commercial mainstream. One issue is performance. In practical terms, current algorithms demand high computing overhead, meaning the computation might take many times longer on encrypted data versus unencrypted data.
"The overhead can be so onerous that most computations cannot be performed practically," Microsoft Research's Benaloh explains.
Homomorphic encryption also performs better in some situations than others, Gentry says. Oftentimes, the technology has been tailored to a specific use case. Producing fast homomorphic software that can accommodate a wide range of real-world tasks and situations is still a bit over the horizon.
"Making fully homomorphic encryption practical for most purposes will require improved algorithms to reduce the overhead," Benaloh says. "We need to develop better ways to structure computations so that they are more amenable to fully homomorphic encryption."
Nevertheless, the future of homomorphic computing looks bright, and experts say the technique could gain widespread adoption and have a major impact on business within a few years.
"We are finding far more advanced ways to use encryption," University of Michigan's Peikert says. "We're entering the golden age of cryptography."