Fully homomorphic encryption
BACKGROUND
If you had to sum up software innovation in recent times, two words would suffice : Artificial Intelligence. In fact, its growth is only possible thanks to the explosion in modern computing capacity. The capacity of specialized processors (GPUs, TPUs, ASICs) is constantly increasing, and this has a huge global impact.
More computing power means greater password vulnerability (see the table below, taken from https://www.hivesystems.io/blog/are-your-passwords-in-the-green) and calls into question the viability of current encryption methods.
Data security is all the more important at a time when Artificial Intelligence and Machine Learning methods are being democratized for businesses and individuals alike. Indeed, these approaches require costly infrastructures, and many are turning to Cloud solutions for model training and distribution. This raises a huge data security issue. Consider, for example, a healthcare organization that wants to train a predictive model using patient data. This organization needs to transmit its data to a Cloud service provider, who will then have free access, since, even if it can be encrypted for transmission, this data needs to be in clear text so that model training can take place.
This cloud-related issue doesn’t just concern Artificial Intelligence efforts, but a growing number of operations in all fields.
Another factor challenging current encryption techniques is the expected arrival of quantum computing. Between the constant advances made by the various players, the diversification of approaches and components (D-Wave and their adiabatic processors, Lightmatter for example and photonic circuits, IBM and Origin Quantum and quantum chips) are casting the shadow of an earthquake in the world of cybersecurity. When these new computing capabilities, and the paradigm shift they imply, become publicly available, most of the encryption algorithms currently in use will be rendered obsolete. To mitigate this risk, new, so-called ‘post-quantum’ schemes have been invented to ensure that the race is not lost by those who want to defend and protect our data.
(FULLY) HOMOMORPHIC ENCRYPTION
The problem of constructing a homomorphic encryption scheme was posed in the late 70s by the researchers behind RSA encryption. It wasn’t until 2009 that a solution to this problem was found (albeit an inefficient one), and since then several variants have been developed, each with its own advantages and disadvantages. It’s a rich ecosystem, driven by passionate researchers and developers, of which we are a part.
But what is (fully) homomorphic encryption? In a nutshell, it’s an approach that enables you to perform operations on encrypted data without having to decrypt it. To explain in a little more detail what this technique, which may seem mysterious or even magical, consists of, let’s first take a look at other encryption approaches.
For these explanations, we’ll always consider three protagonists: Alice, Bob and Eve. Alice has precious materials – diamonds and gold, for example – and wants Bob to fashion a necklace from them. Eve wants to steal either the materials or the necklace.
To prevent Eve from simply getting her hands on the loot while it’s being transported, Alice decides to enclose it in an extremely strong box, which would take a colossal effort for Eve to break. Alice needs to be able to lock the box, but she also needs to give Bob access to the contents so he can assemble the necklace.
This toy model corresponds to the real-life case where Bob is a Cloud service provider and Alice wants to use Bob’s infrastructure to perform calculations (e.g. train an Artificial Intelligence model) on sensitive data.
First, let’s consider symmetric key encryption. To return to our toy model, Alice decides to add a lock to her box, to which corresponds a key. Alice has two copies of this key and sends one to Bob. She places the materials in the box and passes it on to Bob. Bob can then open the box, shape the necklace, close the box and send it back to Alice, who uses her copy of the key to retrieve the necklace. If Eve recovers the box, she can’t do much with it, unless she manages to get her hands on a copy of the key (this is of course dependent on the vulnerability of the lock, which can be forced if it’s not made of sufficiently resistant materials).
Asymmetric key encryption works a little differently. In this case, Alice and Bob each have a lock (public key) and the associated key (private key). They never share their keys. To make the necklace, Bob sends Alice his padlock. Alice places the materials in the box and locks it with Bob’s padlock, then sends it back to him, along with his own padlock. Bob uses his own key to open the box, collect the materials and place the finished necklace inside, locking the box with Alice’s padlock. Alice receives the box and can use her own key to retrieve the necklace.
In both cases, Bob needs to be able to open the box in order to access the materials, i.e. Alice needs to trust him, the place where he’s working, and so on. How can Alice avoid worrying about her precious materials while Bob looks after the necklace?
To solve this problem, Alice uses a slightly different box. It uses a laboratory glove box.
This glove box is a little different from the usual one because it’s opaque. It is also equipped with a lock. Alice doesn’t share the key to the lock, but she can place her materials in the box and send it to Bob. Bob is a very skilled jeweler, and is perfectly capable of fashioning the expected necklace using the glove box, but he can never really see what Alice’s diamonds look like. More importantly, the diamonds and gold contained never need to leave the box, they are perfectly protected until Alice receives her box containing the necklace, which she can open with her key, reassured that neither Eve nor Bob have had visual access to its contents.
This is the essence of homomorphic encryption. Some of the encryption schemes used have properties of this kind, and certain operations on encrypted data can be carried out without decryption, but the big breakthrough is completely homomorphic encryption. This means that using these schemes, any calculation is possible without decrypting the data.
Alice’s strange solution
WHAT USES?
Secure use of cloud services
As already mentioned, fully homomorphic encryption offers a massive advantage for all cloud-based operations. Today, data processed in this way is at risk, and Cloud platforms represent an extremely critical point of vulnerability. This is a risk faced by many companies, with no real solution.
It has been demonstrated that it is possible to train neural networks or machine learning models on encrypted data. This makes it possible to comply with all (legal) data protection injunctions with minimum effort, while enjoying all the benefits that the use of Cloud services confers.
This extends, of course, to all operations that can be carried out on a Cloud.
Securing database queries
Another possibility offered by fully homomorphic encryption is to secure database queries. This ensures the confidentiality of the data contained in the database, the query and the results obtained. Based on this model, several layers of encryption can be applied to guarantee reasoned access to data, which is of considerable benefit to operators of databases containing personal data (governments, banks, etc.).
Multiparty aggregation of sensitive data
There’s strength in numbers. Consider a case where several hospitals seek to train a machine learning model for the same purpose (e.g. early cancer detection) using their own patient data. Each of these hospitals fails, because their data are not large enough to train this model correctly. With fully homomorphic encryption, data can be encrypted, bundled and transmitted to a central service provider who drives the model. The parties work together to decipher the model, which is accessible to all without having to reveal each other’s data(https://www.nature.com/articles/s41467-021-25972-y).
Data storage
As an encryption scheme, fully homomorphic encryption can be used to store data securely.
Communications
Similarly, communications can be secured using fully homomorphic encryption.
Obfuscation of blockchain transactions
By their very nature, blockchain transactions can be consulted in the ledger and are therefore public. Thanks to fully homomorphic encryption, the content of transactions can be obfuscated, thus retaining the protection against data tampering guaranteed by the blockchain, without exposing risky data such as transaction amounts or the identifiers of the parties involved in the transactions.
Secure voting
Fully homomorphic encryption enables a voting system to be set up where several entities can record the results, guaranteeing the veracity of their portion of the vote, and then pool their encrypted results. From all the results from the various entities, it is then possible to calculate the overall voting result, without exposing the individual votes. The algorithm that enables this application has been proven to be extremely robust against tampering (which requires an overwhelming majority of participating entities to collaborate in order to defeat it). This makes it possible to build digital voting mechanisms of a new kind, which could revolutionize many fields.
CONCLUSION
As data protection is one of the most important issues in today’s digital world, it is all the more important to identify and implement strategies to ensure data integrity. Fully homomorphic encryption is a state-of-the-art solution, offering advantages and possibilities that are as yet unknown as they are exploited by the industry and the general public. At Digital Solutions, we are convinced that this approach is one of the tools that will soon be indispensable.