How can firms analyse data on the cloud without compromising data security and privacy? Homomorphic encryption makes it possible
In ‘locked-room’ mysteries, a crime has been committed in a room that no one could have entered, and the reader has to work out what happened. Spoiler: the room was never as secure as it seemed. And real-life data crime has, unfortunately, the same spoiler. Unencrypted data is never really secure – no matter how good the locks on the perimeter may look.
The obvious solution to that, of course, is to keep data encrypted. But what happens when you need to use it? Until recently, the need to have data in plain text to be able to analyse it was an insurmountable security problem – particularly on the cloud and when data was being shared. Now, however, firms say there is a way to have secure data sharing and collaboration: homomorphic encryption.
A leap of faith?
Homomorphic encryption has long been the holy grail of cybersecurity. IBM’s cryptography expert Craig Gentry defined it as: “[how] a third party can perform complicated processing of data without being able to see it”. The analogy Gentry gives is of a jewellery workshop with a locked box of precious materials that only the owner can open. Staff, however, can work on the materials inside the box through gloves, assembling the jewellery without being able to take anything out; the finished piece stays safe inside for the owner.
Homomorphic encryption is similar in that it lets data processors manipulate selected ‘raw materials’ such as sales figures or medical data, but keeps the plain-text data private. That is because the data doesn’t have to be decrypted to be used. Only the end result of the computation is presented in plain text. Because homomorphic encryption is mathematically and computationally very challenging, it was an intriguing theoretical discussion long before it became a practical option. And it is still in development.
“There are no theoretical limits to the computations that can be carried out using homomorphic encryption,” says Ellison Anne Williams, CEO and founder of Enveil, a company that specialises in privacy enhancing technologies. “But there are practical constraints.” In particular, homomorphic encryption is still limited in terms of the functions it can carry out and it needs a lot of processing power to run.
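The jewellery-box idea above, and the practical constraint Williams describes, can both be seen in a small worked example. The code below is an added illustration written for this page, not code from the article, from Enveil, or from any library the article mentions. It implements textbook Paillier, a scheme that is only *additively* homomorphic: the holder of the public key can add encrypted figures and multiply them by a public constant, but cannot multiply two ciphertexts together, which is the kind of functional limit Williams refers to (fully homomorphic schemes lift that limit at a much higher computational cost). The primes are around 20 bits so that it runs instantly; that makes it a teaching toy, not a secure system, and Paillier’s security rests on factoring, unlike the lattice-based schemes that libraries such as Microsoft SEAL implement. The sales figures and the multiplier are constructed sample values.

```python
"""Toy additively homomorphic encryption (textbook Paillier).

Added educational example, not code from the article or from any library it
names. Key sizes are deliberately tiny so it runs instantly; it is NOT secure.
"""
from __future__ import annotations

import math
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class PublicKey:
    n: int          # modulus; the data processor only ever holds this


@dataclass(frozen=True)
class PrivateKey:
    n: int
    lam: int        # lcm(p-1, q-1)
    mu: int         # lam^-1 mod n, valid because we fix g = n + 1


def _is_prime(x: int) -> bool:
    """Trial division: adequate for the ~20-bit primes this toy uses."""
    if x < 2:
        return False
    if x % 2 == 0:
        return x == 2
    for d in range(3, math.isqrt(x) + 1, 2):
        if x % d == 0:
            return False
    return True


def _random_prime(bits: int) -> int:
    """Random odd candidate with the top bit set, retried until prime."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_prime(cand):
            return cand


def keygen(bits: int = 20) -> tuple[PublicKey, PrivateKey]:
    """Generate a Paillier key pair from two equal-length primes."""
    while True:
        p, q = _random_prime(bits), _random_prime(bits)
        # Paillier needs gcd(pq, (p-1)(q-1)) == 1; equal-length primes ensure it.
        if p != q and math.gcd(p * q, (p - 1) * (q - 1)) == 1:
            break
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)
    return PublicKey(n), PrivateKey(n, lam, mu)


def encrypt(pk: PublicKey, m: int) -> int:
    """c = (1 + n)^m * r^n mod n^2, using (1+n)^m == 1 + m*n (mod n^2)."""
    if not 0 <= m < pk.n:
        raise ValueError("plaintext must satisfy 0 <= m < n")
    n2 = pk.n * pk.n
    while True:
        r = secrets.randbelow(pk.n)       # fresh randomness: same m, new c
        if r > 0 and math.gcd(r, pk.n) == 1:
            break
    return (1 + m * pk.n) * pow(r, pk.n, n2) % n2


def decrypt(sk: PrivateKey, c: int) -> int:
    """m = L(c^lam mod n^2) * mu mod n, with L(u) = (u - 1) / n."""
    n2 = sk.n * sk.n
    u = pow(c, sk.lam, n2)
    return ((u - 1) // sk.n) * sk.mu % sk.n


# --- the "gloved hands": operations that need only the public key ----------

def add_encrypted(pk: PublicKey, c1: int, c2: int) -> int:
    """Enc(a) * Enc(b) mod n^2 is an encryption of a + b (as long as a + b < n)."""
    return c1 * c2 % (pk.n * pk.n)


def scale_encrypted(pk: PublicKey, c: int, k: int) -> int:
    """Enc(a)^k mod n^2 is an encryption of k * a (k is a public constant)."""
    return pow(c, k, pk.n * pk.n)


def encrypted_total(pk: PublicKey, ciphertexts: list[int]) -> int:
    """Sum a list of encrypted figures without ever decrypting any of them."""
    total = encrypt(pk, 0)
    for c in ciphertexts:
        total = add_encrypted(pk, total, c)
    return total


def demo(sales: list[int], multiplier: int) -> tuple[int, int]:
    """Owner encrypts branch sales; processor totals them and applies a
    public multiplier; owner decrypts only the two results."""
    pk, sk = keygen()
    encrypted_sales = [encrypt(pk, s) for s in sales]          # owner
    total_ct = encrypted_total(pk, encrypted_sales)             # processor
    scaled_ct = scale_encrypted(pk, total_ct, multiplier)       # processor
    return decrypt(sk, total_ct), decrypt(sk, scaled_ct)        # owner


if __name__ == "__main__":
    print(demo([120, 340, 55], 3))   # (515, 1545)
```

The processor side (`add_encrypted`, `scale_encrypted`, `encrypted_total`) never touches the private key, which is the whole point: it works through the gloves. Two things a practitioner should notice. First, encryption is randomised, so encrypting the same figure twice gives two different ciphertexts and the processor cannot spot repeated values. Second, there is no function for multiplying two ciphertexts, because Paillier cannot do it; adding that capability is exactly what makes fully homomorphic schemes far more expensive to run.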
Why use homomorphic encryption?
Given that analysing data you can’t see seems to require both a leap of faith (at least for non-mathematicians) and significant resources, why use it? Williams says that, at Enveil, they “don’t ask clients to press the ‘I believe’ button” but provide frameworks and tools to verify the analysis and to help people understand what is going on.
The use cases are also increasingly evident. Robert Schukai, executive vice-president, technology development, fintech and new infrastructure at Mastercard (an investor in Enveil), said in the keynote address at the 2021 Secure and Private Compute Summit: “Homomorphic encryption is a phenomenally exciting technology. We see great value in querying data where it lives… Homomorphic encryption is an ideal technology when you are dealing with sensitive data that you don’t want to sling around but would prefer to leave in its location.”
Firms often need to interrogate data that is kept elsewhere. Big multinationals, for example, share information across borders. Homomorphic encryption allows them to do that while still meeting local data and regulatory requirements because what is moved around is the analysis of the data. The data itself is kept in place and remains encrypted.
Homomorphic encryption is already in use by large firms that value the use cases and can afford to pay for them. Williams points out, for example, that ransomware goes after data at rest, so firms are well advised to keep data permanently encrypted if they can.
On the horizon for clouds
Homomorphic encryption promises that data never has to be moved or presented in plain text. Even if there is a perimeter breach, the data is safe. But is homomorphic encryption itself a securely locked room? What about quantum computing, which is powerful enough to break many of the ciphers now in use? Williams says that even quantum computing won’t be able to crack homomorphic encryption because it doesn’t rely on factoring huge numbers.
Unsurprisingly, given the promises of the technology, the big cloud players are all active in homomorphic encryption. Microsoft, for example, offers Microsoft SEAL (Simple Encrypted Arithmetic Library), which does what it says on the tin: it is a set of ‘encryption libraries’ that helps software engineers build end-to-end encrypted services. The open-source technology aims to make homomorphic encryption ‘easy to use and available to everyone’ – not just people with a deep understanding of the complex maths.
Google launched its open-source fully homomorphic encryption library in June this year. Again, the aim is to bring everyone on board with open-source software. Google’s solution is a transpiler that turns code for “any type of basic computation… into a version that can run on encrypted data”.
Miguel Guevara, product manager in Google’s privacy team, says: “Up to our release, you needed to be expert to produce things on top of encrypted data. This tool lets any developer do it. You no longer need a PhD in the field.” However, there may still be a big gap between a library that researchers and developers use and a solution that businesses can implement. This isn’t one to try at home.
Also, Guevara says that while Google’s offer is “very good for basic things such as verifying an age in a database, or updating and changing records… we’re far away from being able to convert all applications to fully homomorphic encryption”. It’s also still cloud-based and not for ‘edge devices’ like mobile phones.
“That is mostly because the technology is still very new,” he says. “Over time, there will be a mix. For example, homomorphic encryption could be used to hold the keys to the data on a phone.”
Still, even now, homomorphic encryption promises to solve some major privacy problems as well as easing security headaches. For example, Guevara says that a database of smart devices in a home could be interrogated to produce a video snippet that provides information on the structure of the home without exposing videos of the home.
If firms – and governments – really do have access only to the anonymised data that is essential to a particular, and necessary, query, it won’t just be big, cloud-based companies that take comfort from homomorphic encryption.