Note on Homomorphic Encryption (HE) & preview of the HE Library from Ziroh Labs
I have a 9-year-old daughter, the joy of my life. Talented, kind and a feminist like her mother. However, she does have one bad habit. She would immaculately pick out the vegetables off her plate and keep them aside. The next day, she can give a talk in her class with effortless eloquence about the valuable vitamins and minerals vegetables contain and how essential they are for the human body to function at peak. Amazing. The talent to preach and not practice is a natural gift.
Last week, I had the privilege to present to some CIOs in the healthcare and banking industry. We discussed among many other things, how leaders are keeping valuable enterprise data secure and private. One cannot have a discussion on Data Security & Privacy without addressing encryption technologies. Time and again, I see that encryption technologies are very poorly adopted. I could not help think and smile that some of these leaders are like my daughter. Preach but don’t practice. But these are brilliant folks, so there has to be more to this. After all, encryption technologies keep you (and your job) safe. So, why won’t you adopt encryption? This disturbing fact is also corroborated by statistics published at www.breachlevelindex.com which states “ONLY 4% of breaches were “Secure Breaches” where encryption was used and the stolen data was rendered useless.”
One of the big reason for this aversion to encryption has to do with the fact that legacy encryption technologies degrade data usability. I have attempted to write more about this aspect of legacy encryption degrading data usability here. If you are hard pressed for time, the gist is that legacy encryption techniques forces users to make a trade-off between usability and security. No one likes trade-offs. You cannot perform any computations on the encrypted data anymore. You have to decrypt each time you want to perform any operation. Standard Encryption makes the data you need to run your business every day highly inaccessible. You are essentially caught in a costly cycle of encrypt-decrypt-encrypt.
Enter Homomorphic Encryption:
Homomorphic Encryption (HE) enables computations on encrypted data without decrypting it. It sounds like math magic. It has been a topic of academic interest for a good three decades. Today, it is practically viable and available for a wide variety of use cases.
Like water has three states — Solid, Liquid and Gas, so does your data. Data-At-Rest, Data-In-Transit and Data-In-Use. While legacy encryption technologies protect data in the Data-At-Rest and Data-In-Transit states (with it’s known side effects discussed above), Data-In-Use is always in the clear (also known as plain text) and vulnerable to new threat vectors that can steal data from a computer’s memory.
That’s right; data can be scrapped from memory as well. For example, a security conscious retailers will deploy network-level encryption (Data-In-Transit) to protect data as it travels through those cables. However, credit card numbers are not encrypted in the PoS (Point of Sale) themselves and can still be found within the memory of the PoS system. A bad actor would merely need some readily available RAM-scraping malware to extract this data from memory.
Now the above use case is more Security focused — i.e., the need to protect data from bad, external actors. However, there is another angle to this. There is a relationship between Privacy and Security. Security Risks can be classified as Unauthorised System Behaviour whereas Privacy Risks will be a by-product of Authorised Processing of sensitive data, e.g., PII or Personal Identifiable Information.
Consider this. You have to store a box filled with your personal and private belongings in a friend’s house temporarily. You have authorised your friend to hold your personal and private belongings, but you certainly do not expect that your friend might “take a peek” into your box. If your friend does take that peek into your stuff, that would be more of a privacy violation. The physical box in this illustrative example could be your storage and compute workloads and your friend’s house could be the cloud, like Azure, Google, AWS, etc.
Such privacy concerns can be addressed in a satisfactory manner by encrypting data using Homomorphic Encryption “before” uploading the data to a cloud service provider. Such a cryptographic technology would be highly desirable for highly privacy-sensitive use cases where a un-trusted third party is indeed needed to perform computation without ever knowing the real contents of the data.
It would be like asking AWS ( Amazon Web Service) to perform the compute “7” + “5” and return you the result “12” where AWS would never come to know that you added “7” and “5”. Some would call that having your cake and eating it too. The same applies to String data types. You want to know which file contains the keywords “John Doe credit history,” but do not want the cloud service provider to know it as well.
Homomorphic Encryption is not the only type of technology with the promise of uncompromising privacy and security without compromising any of the data usability (unlike legacy encryption). There are other promising techniques as well as Secure Multi-Party Computations, Trusted Execution Environments (TEEs) like Intel’s SGX, etc. These technologies, however, are not as versatile as an efficient Homomorphic Encryption scheme.
Today, I also wanted to give you a preview of the Highly Efficient Homomorphic Encryption Library from Ziroh Labs.
It is purpose built to operate on String Data types with very high speeds and acceptable levels of security. I will continue to share more details about our Homomorphic Encryption Library. You are very welcome to reach out to me for additional information at bhaskar@ziroh.com or for access to a trial license of our library.
We have developed two different FHE primitives. The first one is Integer based, the hardness of which is reducible to factorisation and CRT. The second one is based on LWE. Our invention lies in the generation of keys, methods to control the noise and balance the generation of the cipher-text during multiplication.
Both of these primitives allow batching, bit as well as block level for encryption and decryption. The security parameter depends on the key size. Both of the primitives guarantee IND-CPA and they have been tested both theoretically (probabilistic polynomial adversary) as well as NIST statistical test among others in collaboration with highly knowledgeable experts from the Indian Institute of Science (IISc), Bangalore, India.
