The topics of security and data have become almost inseparable as enterprises move more workloads to the cloud. But unlocking new uses for that data, particularly driving richer AI and machine learning, will require next-generation security.
To that end, companies have been developing confidential computing to allow data to remain encrypted while it is being processed. But as a complement to that, a security process known as fully homomorphic encryption is now on the verge of making its way out of the labs and into the hands of early adopters after a long gestation period.
Researchers like homomorphic encryption because it provides a certain type of security that can follow the data throughout its journey across systems. In contrast, confidential computing tends to be more reliant upon special hardware that can be powerful but is also limiting in some respects.
Companies such as Microsoft and Intel have been big proponents of homomorphic encryption. Last December, IBM made a splash when it released its first homomorphic encryption services. That package included educational material, support, and prototyping environments for companies that want to experiment.
[...] With FHE, the data can remain encrypted while being used by an application. Imagine, for instance, a navigation app on a phone that can give directions without actually being able to see any personal information or location.
Companies are potentially interested in FHE because it would allow them to apply AI to data, such as from finance and health, while being able to promise users that the company has no way to actually view or access the underlying data.
While the concept of homomorphic encryption has been of interest for decades, the problem is that FHE has taken a huge amount of compute power, so much so that it has been too expensive to be practicable.
But researchers have made big advances in recent years.
[...] Maass said in the near term, IBM envisions FHE being attractive to highly regulated industries, such as financial services and health care.
"They have both the need to unlock the value of that data, but also face extreme pressures to secure and preserve the privacy of the data that they're computing upon," he said.
But he expects that over time a wider range of businesses will benefit from FHE. Many sectors want to improve their use of data, which is becoming a competitive differentiator. That includes using FHE to help drive new forms of collaboration and monetization. As this happens, IBM hopes these new security models will drive wider enterprise adoption of hybrid cloud platforms.
(Score: 2) by DeVilla on Sunday April 11 2021, @03:52PM (1 child)
Performing an operation on 2 encrypted values should get you a third encrypted value. I would assume you can also perform operations on an encrypted value and a non-encrypted value to produce an encrypted value. So I don't know how much money is in the account, but I know I need to decrement it by 1.
I would also assume I can compare 2 encrypted values. So I may not know the account ID or the ID of the account the transaction applies to, but I can compare the encrypted values and know the records need to be processed together (to subtract the amount from the transaction (which I don't know) from the account balance (which I also don't know)).
Now assume I have 2 encrypted values. cval1 & cval2. And I have a loop like so
int i = 0;
while ( cval2 - cval1 != cval2 - i ) {
    i++;
}
When the loop exits i must be equal to cval1. Swap cval2 & cval1 to find cval2.
Even if all values must be encrypted, you can dig through the encrypted data looking for a one (eval1 times any eval2 equals eval2, then eval1 is one) and a zero (eval1 plus any eval2 equals eval2, then eval1 is zero). Once you've found those you use a modified version of the loop above.
If there is no way to compare two values for equality, then you are seriously limited on the useful computation you can do.
Actually, once I know the encrypted form of zero & one, I can calculate any other value I like.
int encrypt(int val){
    int cval = cZero;
    /* add the encrypted one to the encrypted zero, val times */
    for(int i = 0 ; i < val ; ++i){
        cval = cval + cOne;
    }
    return cval;
}
(Score: 0) by Anonymous Coward on Tuesday April 13 2021, @11:18PM
You need to read up on homomorphic encryption. It doesn't work like that. For one thing you are seemingly assuming a simple substitution cipher with 1:1 correspondence between ciphertext and plaintext. You also don't seem to understand that the operation for subtracting two encrypted values is different from the operation for subtracting an encrypted value and a non-encrypted value. Doing a comparison like that doesn't work in the way you think. In fact, there are an unknown number of values of your ciphertext that will cause that loop to exit and, if they do exist at all, they aren't all equal to i when the loop exits. I know it sounds weird, but it doesn't take a mathematician to understand the ramifications of E(x) + E(y) == E(x) + y but it does take quite a few to design something like this.
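The exchange above, as an added example that is not part of either comment or the article: a toy Paillier scheme (additively homomorphic only, not fully homomorphic) showing that equal plaintexts give different ciphertexts, that ciphertext-plus-ciphertext and ciphertext-plus-plaintext are different operations, and that the loop from the parent comment never sees two equal ciphertexts. The primes are constructed and far too small for real use; all function names are illustrative assumptions.

```python
import math
import secrets

# Constructed toy key: real Paillier uses primes of 1024 bits or more.
P, Q = 104729, 1299709
N = P * Q
N2 = N * N
G = N + 1                      # standard generator choice
PHI = (P - 1) * (Q - 1)        # private key
MU = pow(PHI, -1, N)           # private key

def encrypt(m):
    """E(m) = G^m * r^N mod N^2 with a fresh random r on every call."""
    while True:
        r = secrets.randbelow(N - 2) + 2      # r in [2, N-1]
        if math.gcd(r, N) == 1:
            return pow(G, m, N2) * pow(r, N, N2) % N2

def decrypt(c):
    return (pow(c, PHI, N2) - 1) // N * MU % N

def add_cipher(c1, c2):
    """E(x) + E(y): multiply the two ciphertexts."""
    return c1 * c2 % N2

def add_plain(c, k):
    """E(x) + k: a different operation, multiply by G^k (k may be negative)."""
    return c * pow(G, k, N2) % N2

def comparison_loop(c1, c2, limit):
    """The parent comment's loop run on ciphertexts, without the key.
    Returns the first i where the ciphertexts compare equal, else None."""
    diff = add_cipher(c2, pow(c1, -1, N2))    # encrypts x2 - x1
    for i in range(limit):
        if diff == add_plain(c2, -i):         # encrypts x2 - i
            return i
    return None

def demo():
    c1, c2 = encrypt(7), encrypt(20)
    same_plain = (decrypt(add_cipher(c2, pow(c1, -1, N2)))
                  == decrypt(add_plain(c2, -7)))
    return {"fresh_encryption_matches": encrypt(7) == c1,
            "sum_cipher": decrypt(add_cipher(c1, c2)),
            "sum_plain": decrypt(add_plain(c1, 20)),
            "loop_result": comparison_loop(c1, c2, 100),
            "plaintexts_equal_at_7": same_plain}

if __name__ == "__main__":
    print(demo())
```

At i = 7 both sides of the comparison decrypt to 13, but only the key holder can see that; the ciphertexts differ because each carries its own random factor.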