Imagine you could make valuable healthcare data available for research without actually revealing the data. Or what if you could submit and tally online votes with complete privacy and end-to-end verifiability? Wouldn’t computing be far simpler if data could remain safely encrypted while calculations were performed? Yes, it would! And that’s what homomorphic encryption facilitates.
What exactly is homomorphic encryption and why should we be excited about it?
Most data is (hopefully!) transmitted and stored in an encrypted format. This is an essential level of protection for all data (like emails and even WhatsApp messages), but it is especially critical for our most sensitive and personal data like health, financial, and banking records.
However, data isn’t just stored and transmitted. It is also used to perform transactions, analyze trends, or even create tailored advertisements. Homomorphic encryption makes it possible to perform computations and analysis on encrypted data, and even to make changes to it, without first having to decrypt it. This ensures the utmost utility for valuable data while simultaneously maintaining the utmost privacy.
There are three types of homomorphic encryption
There are three different types of homomorphic encryption and each one places more or less emphasis on one of three factors: performance, utility, or protection. Let’s take a closer look:
- partially homomorphic encryption (PHE) – makes it possible to perform only one type of computation (e.g. addition OR multiplication) on encrypted data. However, that computation can be performed multiple times.
- somewhat homomorphic encryption (SHE) – makes it possible to perform multiple types of computation (e.g. addition AND multiplication) on encrypted data, but only a limited number of times.
- fully homomorphic encryption (FHE) – all kinds of computations can be performed an unlimited number of times.
FHE benefits and use-cases?
We already know that data is constantly being tracked, collected, stored, and analyzed. Every time we search for an Italian restaurant in our neighborhood, our search data along with our location and device specs are being tracked and stored. Every time we track our workouts using smart devices, our workouts, location, and even sensitive health data are collected and stored. FHE would make it possible for our apps and services to use all this data without actually being able to read the values, because the values would remain encrypted but still accessible.
FHE in particular has enormous potential when it comes to data in the cloud. For example, users who choose to outsource data storage to the cloud still need to be able to analyze or edit that data. Currently, data primarily has to be decrypted before any computations can be performed on it, and while it is decrypted, it is vulnerable to hacking. If FHE is used to eliminate the decryption step, data privacy can be guaranteed.
Beyond protecting data from hacking, FHE makes it possible to tap the potential benefits of personal data without sacrificing data privacy. Since FHE makes it possible to utilize data without explicitly revealing the data, its application opens up new avenues for research and development that would otherwise be hampered by stringent data protection regulations like GDPR. If personal health data is protected with FHE, it could easily be made accessible to researchers in the medical field. Researchers would be able to analyze the values in the data without actually seeing the values themselves. For example, predictive analysis could be performed by applying pattern-detecting algorithms to encrypted data. This could facilitate the diagnosis of illnesses, disease prediction, and relapse or recurrence prevention.
Furthermore, FHE does not affect the results returned when computations are performed on encrypted data. The results are the same as those of analysis performed on decrypted data. This is especially important when FHE is used in banking, where the reliability and credibility of calculations are crucial to maintaining trust, or in e-voting, where democracy would otherwise be called into question.
The future of homomorphic encryption
Going forward, it will be essential for homomorphic encryption to be standardized. Since this technology is especially beneficial when it comes to accessing cloud data, it must also function in a multi-cloud environment. There are already countless cloud providers, and the number is on the rise. Similar to the concept of data portability, data has to be transportable and accessible in different cloud environments so that it can be securely exchanged between different providers. Not being able to apply computations to FHE-protected data across different clouds would make the technology futile.
Homomorphic encryption resolves the dilemma created by the need to ensure data privacy and the need for detailed analysis. And it makes it possible to truly benefit from the wealth of amassed data without forfeiting personal privacy.