The Next Frontier in Encryption: Homomorphic Encryption the Future of Secure Computation

Businesses, large and small, are embracing the Cloud. No matter which research company, vendor or expert you consult, everyone agrees that about four in every five enterprise workloads are either already in the Cloud or will be within the next few months. That means the best-practice security strategy you established just a year or two ago may no longer be fit for purpose.

 

You need to be ready for a variety of web-based threats such as zero-day exploits, brute force attacks, trojans, phishing, ransomware, Distributed Denial of Service (DDoS) and compromised credentials. The old approach of traditional firewalls and perhaps an intrusion detection system is no longer the answer.

 

Industry-standard, perimeter-based security techniques common in today’s IT infrastructure are built with thousands of integrated, constantly changing hardware and software components. They mostly depend on encryption techniques that rely on the difficulty of existing hardware to find discrete logarithms and/or factor large integers.

 

Protecting data has become an increasingly complex and breach-prone process because provable data security is unachievable with this approach.  It is a statistical certainty that infrastructure breach points will always exist regardless of effort because of the number and ever-changing nature of these components.

 

Rising number of cyber threats,  have increased the organizations/companies interest about security concerns. Further, the rising costs of an efficient IT security staff and environment is posing a significant challenge. These have created a new fast growing trend named Managed Security Services (MSS). Often customers turn to MSS providers to alleviate the pressures they face daily related to information security. One of the most critical aspect, related to the outsourcing of security issues, is privacy. Security monitoring and in general security services require access to as much data as possible, in order to provide an effective and reliable service.

 

Privacy and Security

In the last few years, data privacy has become a hot-button issue globally, with high profile scandals and data leaks surrounding prominent companies like Facebook and Equifax resulting in greater privacy awareness among both consumers and businesses. On top of that, companies often share this data with third parties that can analyze it or use it to improve customer experiences, requiring them to give up control over the data that they own. Website cookies have historically been used to track web browsing via a piece of data inserted into your browser, but other techniques such as MAC address and account tracking can be used to see what you’ve been doing on the web. The primary reason that companies are collecting so much data is that they can use it to look for patterns. These patterns power the algorithms that provide personalized experiences, from those annoying ads that follow you around the internet to insurance premiums that are calculated using exercise data.

 

There is also well known conflict between privacy and security, a particularly evident problem in security monitoring solutions. On the one hand, security monitoring solutions are designed to detect and prevent security threats, which requires monitoring and analyzing sensitive data. On the other hand, privacy regulations and concerns may limit the extent to which such data can be collected and processed.

 

Homomorphic encryption for Data privacy

Homomorphic encryption can help address this conflict by enabling secure computation on encrypted data. This means that sensitive data can be analyzed without revealing its content, which can help protect individual privacy while still allowing useful insights to be gained from the data. Homomorphic encryption can also help ensure that sensitive data is protected against unauthorized access, which is critical for maintaining security.

 

Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without compromising the encryption.  Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Encryption typically happens where the sensitive data are first captured, for example, in a camera or edge device. Processing encrypted data happens wherever the AI system needs to operate on sensitive data, typically in a data center. And finally, decryption happens only at the point where you need to reveal the results to a trusted party.

 

The term is derived from the Greek words for “same shape ot structure.” In mathematics, homomorphic describes the transformation of one data set into another while preserving relationships between elements in both sets.   Because the data in a homomorphic encryption scheme retains the same structure, identical mathematical operations — whether they are performed on encrypted or decrypted data —  will yield equivalent results.

 

It means that if you do encryption in the right way, you can transform ordinary numbers into encrypted numbers, then do the same computations you would do with regular numbers. Whatever you do in this encrypted domain has the same shape as in the regular domain. When you bring your results back, you decrypt back to ordinary numbers, and you get the answer you wanted.

 

• Data, including its unrestricted computational derivatives, remains encrypted both at rest and throughout its life cycle and is decrypted to plaintext only in secure, trusted environments.

• Valuable insights through AI (artificial intelligence), big data, and analytics can be extracted from data—even from multiple and different sources—all without exposing the data, secret decryption keys, or, if need be, the underlying evaluation code.

For in-depth understanding on  Homomorphic Encryption  technology and applications please visit: The Future of Secure Computation: A Comprehensive Guide to Homomorphic Encryption

Applications

Homomorphic encryption is a cryptographic technique that allows computations to be performed on encrypted data without decrypting it. Recent advances in machine learning applications has been driven by innovation in algorithm design, low cost storage for large training datasets, and powerful neuromorphic computing. However, many useful training datasets can never be shared.

This technique has numerous applications in various fields. Some of the major applications of homomorphic encryption are:

1. Secure Cloud Computing: Homomorphic encryption can be used to securely perform computations on data stored in the cloud. This can prevent unauthorized access to sensitive data while still allowing for useful computations to be performed on it.
2. Secure Data Sharing: Homomorphic encryption can be used to share sensitive data securely between multiple parties without revealing the underlying data. This can be useful in applications such as healthcare, finance, and other industries that require the sharing of sensitive data.
3. Secure Machine Learning: Homomorphic encryption can be used to perform secure machine learning on sensitive data. This can be useful in applications such as fraud detection, medical diagnosis, and other industries where the privacy of the data is critical.
4. Secure Messaging: Homomorphic encryption can be used to provide end-to-end encryption for messaging applications. This can prevent unauthorized access to messages while still allowing for useful computations to be performed on the encrypted data.
5. Secure Voting: Homomorphic encryption can be used to provide secure voting systems that prevent tampering and ensure the privacy of individual votes.

Overall, homomorphic encryption has the potential to revolutionize the way we handle sensitive data and provide a secure way to perform computations on encrypted data.

 

Consider a biomedical application where a large cohort of patient genomic data needs to be compared to identify previously unknown genetic markers of disease. Of course, we need to safeguard patient data privacy and security and, therefore, cannot openly share their genomic data within and between healthcare and/or research organizations.

This will require advanced analytic approaches, such as machine learning, and likely a substantially greater amount of data. Gaining access to large sets of patient genomic data for a particular disease is challenging due to the necessary legal agreements that need to be in place to obtain that data. Homomorphic encryption may address this challenge.

If we homomorphically encrypt the DNA sequences of patients, we can then query homomorphically encrypted databases for genetic comparisons. We can then decrypt the final result and get the same answer as we would have gotten using unencrypted DNA sequences.

 

“It doesn’t have to be a zero-sum game,” says Casimir Wierzynski, senior director, office of the CTO, AI Products Group at Intel. HE allows AI computation on encrypted data, enabling data scientists and researchers to gain valuable insights without decrypting the underlying data or models. This is particularly important for sensitive medical, financial, and customer data. The technique itself has been around for more than 20 years as a theoretical construct. The criticism has been, okay, you can operate on encrypted data, but it takes you a million times longer than using regular data. It was an academic curiosity. But in the last five years, and especially the last two years, there have been huge advances in the performance of these techniques. We’re not talking about a factor of a million anymore. It’s more like a factor of 10 to 100, says Casimir Wierzynski.