When it comes to cryptography in the context of industry standards such as HTTPS (or SSL/TLS) or the end-to-end encryption of chats, one can assume that the encryption methods used are relatively secure and guarantee integrity.
This is where homomorphic encryption differs significantly from conventional methods: For homomorphic encryption to work, the cipher suites must be designed to be flexible (“malleable”). As a result, the integrity of the data cannot be guaranteed. However, this is not a bug, but a wanted feature that simplifies working with encrypted data sets.
This “malleability” is inherent in cryptographic algorithms that allow the transformation of an encrypted text into another, valid and encrypted text, with the meaning of the original text changing. The user who initiates the transformation of the data does not need to know what the data looked like in its unencrypted form.
For example, if you send an email to a colleague with the text “You are a great colleague”, an attacker could steal this encrypted text with the help of a man-in-the-middle attack and turn it into another encrypted data record. When the colleague opens the mail, he may then read: “You are an underground colleague”. In practice, the encryption systems of the e-mail providers usually reliably prevent such attacks – various measures guarantee the integrity of the data, provided that the algorithms and their implementation are free from bugs. If this is not the case, errors can find their way into the encrypted data sets or the results during the analysis. Homomorphic Encryption then makes it particularly difficult to discover such errors.
A practical example of homomorphic encryption is – at least in part – the RSA cryptosystem. This uses the so-called “padding” function to minimize the effects of “malleability”. Message authentication checksums such as MD5 or SHA also help to maintain data integrity.
Homomorphic encryption methods
As a sub-category of mathematics, cryptography relies on numerical values: The encryption and decryption of data is a series of complex numerical calculations. There are three different types of Homomorphic Encryption:
- Partially Homomorphic Encryption (PHE) allows any type of mathematical operation (e.g. multiplication) to be applied to an existing data set without limits.
- Somewhat Homomorphic Encryption (SHE) allows multiple uses of addition and multiplication methods on a data set.
- Fully Homomorphic Encryption (FHE) enables the unlimited use of different mathematical methods on a data set – but with significantly worse performance.
Each of these approaches has a different focus in terms of performance, utility and level of protection. The current developments in the field of homomorphic encryption try to find an optimal solution by balancing PHE, SHE and FHE.
Homomorphic Encryption – Use Cases
The provision of personal data is a challenge in regulated industries such as health and finance. One of the security measures implemented in these industries is storage encryption – which in turn creates new challenges when user data first has to be decrypted to gain insights to generate them.
Predictive analytics can, for example, help doctors determine therapy methods for patients based on data. If homomorphic encryption is used, the patient data does not have to be decrypted. Instead, the analytics algorithms work with the data in encrypted form and also provide the analysis results in an encrypted form.
The same use case could also be extended to online advertising: The restrictions of the GDPR make it difficult to deliver personalized advertisements if data protection is to be guaranteed at the same time. Homomorphic Encryption enables the generation of analytical insights based on encrypted user data – while fully maintaining the confidentiality of the data.
Outsourced cloud storage
Outsourcing data storage can be an effective strategy for reducing labour costs and “getting rid of” data centre maintenance tasks. In some cases, it may also be necessary to outsource databases as part of a certain project for legal reasons – think of WikiLeaks, whose servers are in Sweden.
The data in such outsourced environments is of course encrypted. A problem usually arises when encrypted data needs to be added or modified. With the help of homomorphic encryption, data can be securely stored in the cloud, while calculations and analyzes are still possible. Ideally, only the owner of this data has the opportunity to decrypt it (and also the analysis results).
If you feel like experimenting with homomorphic encryption: There are numerous open-source implementations of homomorphic encryption available on the internet.Tagged With Author: Author: homomorphic encryption language:en