Homomorphic Encryption- The crown jewel of cryptography

In this article, I will try my best to explain Homomorphic Encryption and why would it become the Crown Jewel of Cryptography in the mere future.

In a matter of days or years, there would be a war going for things like gold, coal and oil resources basically black gold and there is one more thing that has already lead to the start of a war, not the guns and bullets kinda war but computers, intelligence and one big thing that we daily user leave behind without our known on the internet its the DATA. Yeah, you guys heard me right and this war is not far behind not years, not months, not days but it is happening right now and this war is something that isn’t visible to our own eye’s but it’s happening in between those small invisible bits and bytes. With the blow of the internet and its capability, the cyberspace increased as the technology grew and by default, the attack surface has increased and attack vectors have increased exponentially.

As they say, once you enter the rabbit hole of internet it’s hard to get your traces off the internet. But with increased IT Laws and need of security for your data being collected by an organization or a state body has increased rapidly. From simply storing data in plain text to encrypting the same data multiple times so that even if the worst happens and to stop the attackers from actually reading the data.

To date, we have ways to keep data and how it can be encrypted like

1. Data in rest- Disk encryption, AES, 3DES, etc…
2. Data in Transit- TLS/SSL, HTTPS, HSTS etc…
3. Data in use

For both Data in rest and Data in Transit, we have many ways and many types of encryption to keep the attackers from actually knowing your true data. But when it comes to Data in Use we still lack true means to encrypt in and say it matches the safety as similar to that of Data in rest and in Transit. There is a saying ‘You’re as strong as your weakest link’ and here in our case Data in Use would be our weakest link in this chain but it also depends on how you implement encryption for Data in rest, Data in transit too.

So, how do we encrypt and kinda make our Data in Use more secure? Let’s have a look at an example, imagine I have a gold ornament designing unit and I have a bunch of employees and they are good at designing and good goldsmiths, Here our DATA is Gold. To secure my gold in rest I have many options for lockers out of which many are really good and it takes more than a billion years to break in so it good, to move my gold from one place to another I use similar one but something that has ease of transfer and takes billion years to break in. But how do I as an individual protect my gold that is in use from stealing by my employee who could go rogue? here comes our Homomorphic Encryption we simply put a chest box with one side visible side and put some gloves/plastic hands into the box and it has necessary tools for goldsmith inside the box and then locks the box for which you only have to key to open and to touch it physically you need the key to open while the goldsmiths can operate with the gold inside the box without having to worry about theft.

This is used for chemical trails to isolate the env, but imagine something similar for goldsmith

So now replace everything with Data instead of gold. I have some computations to be done with my highly sensitive data like financial computations but I don't have the required computation power to run these algorithms to process my data. So I send my financial data to someone who has enough computational power to work with. For sending the data and storing the data the 3rd party has accepted to use encryption for storing and moving the data but I don't want my data to be seen by them but to do the computations, they need to have a look at the data but I don't want them to see my data as it’s highly confidential data that no one other than me wants to see it. So to avoid I first encrypt my data with a public key such a way that if I do my computations on the encrypted data and use the private key to decrypt should yield the original result that was intended this is called homomorphic encryption.

Simply put Homomorphic Encryption allows computations on encrypted data. Ex: I need the addition of 4 and 5 so I encrypt using Homomorphic encryption public key and let us suppose I get 8 and 9 now I send that data to my computing 3rd party and he does the addition of 8 and 9, then send me the result which is 17 now with the private key that I decrypt 17 to get 9. (This is just an example for real we would be getting some other data after we encrypt)

In this Homomorphic Encryption, we have 3 different types

1. Partial Homomorphic Encryption- Can only perform limited operations
2. Fully Homomorphic Encryption- Crown jewel of these 3, can any operation
3. Somewhat Homomorphic Encryption- Limited operations for a limited set of times.

With this Homomorphic Encryption, many uses are starting with healthcare to Banking and finance, Machine Learning as a Service(MLaaS) where client encrypts his data with his public key and sends it over to the model owner and then he does the training and sends back the data to the client who uses his private key to decrypt the results and then use the trained model further, in this way one can ensure his data being exposed. Can be used in Elections to make it more secure. It is also safe from being broken down by quantum computers.

Credits to Openmind

Drawbacks are it takes huge computational power so it becomes costlier, as of now there are only a few calculations or computations it can be done using HE, it is a slow process too.

Organizations like IBM, Microsoft and Google have a team that works on Homomorphic encryption and its application. Microsoft has an open-source holomorphic encryption library that can be used SEAL. IBM has released a toolkit for macOS and iOS for Fully Homomorphic Encryption in opensource library HElib.

Resources:

1. https://blog.openmined.org/what-is-homomorphic-encryption/
2. https://www.ibm.com/blogs/research/2020/06/ibm-releases-fully-homomorphic-encryption-toolkit-for-macos-and-ios-linux-and-android-coming-soon/

Special mention:

Peeps at OpenMined they just boosted my curiosity on this topic, I hope one day I do some notable impact ❤

Thanks for Reading. Stay Tuned!