It is now a preference for Organizations to not only store their data in the cloud but also to move the computation of the data to the cloud instead of handling it themselves. Cloud Service Providers (CSPs) will offer to provide these services at an affordable cost and with low maintenance. But to ensure compliance and retain privacy, organizations need to transfer the data in an encrypted format, which does ensure the confidentiality of the data. However, once the data reaches the cloud, the CSP has to decrypt the data to perform the computation. While traditional encryption can be used to privately outsource data storage to the cloud, the data cannot be used for computations without first decrypting it. Homomorphic encryption solves this problem, as it allows the cloud service to perform the computations while protecting the customer’s data with a state-of-the-art cryptographic security guarantee.
In this article we will cover What is homomorphic encryption its use cases.
What Is Homomorphic Encryption?
The purpose of data encryption is to protect the confidentiality of data as it is at rest and stored on computer systems or intransit as it crosses the internet or other computer networks. A homomorphic cryptosystem is like other forms of public encryption in that it uses a public key to encrypt data and allows only the individual with the matching private key to access its unencrypted data. The word “homomorphic” is Greek for “Same Structure,” as homomorphic encryption uses algebraic systems to encrypt data and generate keys, allowing authorized individuals to access and edit encrypted data without having to decrypt it.
There are three main types of homomorphic encryption. The primary difference between them boils down to the types and frequency of mathematical operations that can be performed on their ciphertext. The three types include:
- Fully Homomorphic Encryption
- Somewhat Homomorphic Encryption
- Partially Homomorphic Encryption
Fully homomorphic encryption is the newest type. It offers the complete ability to edit and access encrypted data. “Somewhat” and “Partially” homomorphic encryption, as their names suggest, only allow for limited access to the data. They either:
- Limit the number of operations run on a data set or,
- Only allow you to run simple operations but for an unlimited number of times.
So why aren’t we using Fully Homomorphic Encryption? The catch of using this form of encryption is that its versatility comes at the expense of speed. Unfortunately, in its current state, it is impractically slow. In the encryption race, it’s running in last place. This is, in part, because it has a larger computational overhead than plaintext operations.
How It Works – Use case example
A perfect example on where Homoporphic encryption can be used effectivly is how the medical industry can handle sensitive medical records in the cloud. The hospital homomorphically encrypts its medical records and sends them to the medical researcher’s cloud computing environment. Because the data is encrypted, it is fully protected and private in the cloud. Next, the researcher will runs it analytical functions on the homomorphically encrypted data in the cloud, manipulating the data while it remains encrypted. The data will always remain encrypted until the researcher downloads the encrypted output and decrypts the result to reveal the plaintext answer. The sensitive medical record data is encrypted end-to-end, and is only decrypted when revealing the final answer behind organizational firewalls.
In an ideal world, homomorphic encryption has a multitude of practical, real-world applications —everything from electronic voting systems to analysing medical data to enabling private queries in search engines. Thanks to its remarkable security and flexibility, it has a presence in many prominent fields that handle massive amounts of sensitive data that require regular access. It’s also not limited to corporations that work with sensitive data. It has now reached a level where it’s being implemented into everyday use. The most notable recent example comes from Google Chrome and Microsoft Edge. Both browsers recently introduced homomorphic encryption for their in-browser password management tools, along with an in-browser password generator for Microsoft Edge. Chances are either you or someone you know uses one of them daily and maybe even trusts them with passwords and other login information.
You can see the desperate need for a security mechanism such as homomorphic encryption in the industry to protect the mass of data that is being transferred to the cloud. Despite its usefulness in protecting the data, because of the maturity of the technology, homomorphic encryption is not yet widely used. The algebraic processes take a significant amount of computing energy and homomorphic encryption is too slow for most large businesses to regularly implement. Though it’s a promising method for data security, it is still relatively new and will require more research and development before companies can use it efficiently.