Skip to content
6 min

Data protection: why choose homomorphic encryption

The need to protect data from unauthorized access is now commonplace in the digital world: the use of encryption is not only aimed at protecting military communications but more generally at protecting digital data in its complexity.

Information residing in computers and other electronic devices or passing through networks is considered a real asset of immense economic value, capable of attracting more than one illicit interest (e.g., identity theft, cyber attacks, etc.).
Encryption has made data protection more effective, but it still has one major and common weakness: encrypted data residing on a computing machine must always be decrypted before it can be processed and analyzed, thus becoming visible to the machine that processes it and to all those who control that machine.


What is homomorphic encryption and why you should use it to protect your sensitive data

To solve the problem of processing encrypted data without first having to decrypt it (and thus making it vulnerable), computer scientists and mathematicians have worked on homomorphic cryptography, a concept first introduced by Rivest, Adleman and Dertouzos in 1978.

The adjective homomorphic denotes a cryptographic scheme that allows computations to be performed directly on encrypted data without having to decrypt it first. In other words, performing an operation on two encrypted data yields an encrypted result that if decrypted is equal to the result that would be obtained by performing the same operation on the two unencrypted data.


The power of homomorphic cryptography

It goes without saying: anyone who needs to delegate the processing of sensitive data to other entities (as is often the case, for example, with Machine Learning services on the Cloud) can do so without having to decrypt it and make it visible to a third-party entity.


Partially and fully homomorphic cryptography

Homomorphic Encryption can be "Partially Homomorphic" (Partially Homomorphic Encryption), which, such as the Paillier scheme, supports the addition of cipher values and the multiplication of a cipher value with a plaintext scalar, or it can be "Fully Homomorphic" (Fully Homomorphic Encryption), thus much more secure.

The first Fully Homomorphic Encryption (FHE) scheme was developed by American researcher Craig Gentry in 2009. An FHE scheme supports arbitrarily chosen operations (it allows an unlimited number of addition and multiplication operations) and is therefore more powerful than a so-called PHE scheme that only supports addition or multiplication of data (or XOR and AND as logical operations), but not both at the same time.

Currently, many publications are proposing new cryptographic primitives and protocols using mathematical structures such as "elliptic curves," and Craig Gentry's fully homomorphic scheme has since been described by his critics as too slow and complex to actually be used in the Cloud. Cryptography involves complex calculations that in turn take time to execute slowing down the speed of processes. The basic idea is that faster cryptography does not burden services and therefore web providers could use it for all data passing through the Internet.


A new era for homomorphic cryptography?

In February 2016, researchers at Microsoft in collaboration with academia published a paper (CryptoNets: Applying Neural Networks to Encrypted Data with High Throughput and Accuracy) where they claim to have speeded up homomorphic encryption.

Homomorphic encryption represents the future of cryptographic techniques, because it allows operations to be performed on encrypted data without the need to decrypt it. The Cloud would be the main beneficiary of the FHE schemes, which would find an effective data protection system and a solution to important privacy issues. Think for example, in the medical field, of Cloud-based analyses performed by researchers on datasets of DNA sequences, government and e-voting fields, as well as any proprietary machine learning algorithms that need to run on a third-party infrastructure.


Stay up-to-date on all the news and technicalities related to data protection and, in general, Machine Learning and Artificial Intelligence: visit our blog.