Homomorphic encryption is a form of encryption that **allows computations to be performed on encrypted data without first having to decrypt it.** The resulting computations are left in an encrypted form which, when decrypted, result in an output that is identical to that produced had the operations been performed on the unencrypted data. Homomorphic encryption can be used for **privacy-preserving outsourced storage and computation.** --- ### Why is it interesting? When a fully homomorphic cipher emerges that does not accumulate errors in the process, it will be possible to significantly reduce the risk of leakage of confidential data. It will be possible to store large amounts of data permanently in encrypted form and change them without decrypting. In the case of a leak of a large file or database, it will not be compromised. - Useful in many situations where data privacy is critical, like in cloud computing, where you want to **perform operations on your data but you don't want the cloud provider to see your data.** - Homomorphic encryption allows you to **keep your data encrypted (and therefore secure) while still being able to work with it.** --- ### Homomorphic encryption schemes They allow computations to be performed on encrypted data without decrypting it first. There are different types of homomorphic encryption schemes based on the **operations they support and the level of security they provide**. few major types: 1. **Partially Homomorphic Encryption (PHE)**: These are encryption schemes that support either addition or multiplication, but not both. One of the most famous examples is the RSA cryptosystem, which is multiplicatively homomorphic. 2. **Somewhat Homomorphic Encryption (SHE)**: These encryption schemes can handle both addition and multiplication but only to a limited extent. The problem with this approach is that every operation introduces a little bit of noise, and if too many operations are performed, the noise can grow too large and prevent the decryption of the data. 3. **Fully Homomorphic Encryption (FHE)**: In a fully homomorphic encryption scheme, an unlimited number of both addition and multiplication operations can be performed on the encrypted data. The first FHE scheme was proposed by Craig Gentry in 2009. Since then, numerous optimizations have been made to make FHE more efficient and practical. 4. **Levelled Fully Homomorphic Encryption (LFHE)**: This is a variant of FHE where the maximum number of computation levels (i.e., the depth of the computational circuit) is fixed in advance. LFHE schemes are typically more efficient than FHE schemes but less flexible. These different schemes are used in different scenarios, depending on the computational requirements and the level of security needed. The choice of scheme is a **trade-off between computational efficiency, error (or noise) management, and the complexity of the operations** that need to be performed on the encrypted data. --- ### Exploration Can a quantum computer correct errors in a homomorphic cipher? Will encryption on a quantum computer be faster than on a normal computer? #### Benchmarks How does one know what good looks like? Performance varies depending on: - Hardware used - Encryption scheme used - Size of encryption keys - Level of security provided Eg. - Homomorphic Encryption Standardization project's API - Homomorphic Encryption Evaluation Framework (HEEF) - [SHEEP is a Homomorphic Encryption Evaluation Platform](https://github.com/alan-turing-institute/SHEEP) - [HEBench](https://hebench.github.io/about_hebench.html) --- ### Noise Budgets Homomorphic encryption schemes are complex and often introduce a certain level of noise or error into the encrypted data. When you perform operations on encrypted data, this noise or error can increase. For example, with every addition or multiplication operation on encrypted data, the amount of noise associated with the data increases. If the computations are very complex or involve many steps, the noise level can become so high that it prevents correct decryption. To manage this, there is usually a threshold, referred to as the "noise budget." As long as the noise stays within this budget, the data can still be decrypted correctly. But if the noise exceeds the threshold, it results in decryption errors, meaning the decrypted data won't be the same as the original data. So, **error in homomorphic encryption is really about managing the noise level that can accumulate from performing multiple computations on encrypted data.** Proper noise management and selection of encryption parameters are critical to preventing these errors and ensuring that the homomorphic encryption scheme works correctly. ---- ### Existing Solutions 1. **IBM** - IBM has been researching homomorphic encryption for several years. They have developed the open-source library called HElib, which is designed for homomorphic encryption. 2. **Microsoft** - Microsoft Research developed SEAL (Simple Encrypted Arithmetic Library), another open-source library designed for performing arithmetic operations on encrypted data. 3. **Inpher** - Inpher's XOR Secret Computing® technology enables analytics and machine learning on encrypted data, providing solutions for privacy-preserving computations. 4. **Duality Technologies** - This company offers advanced cryptographic solutions for secure data analysis and collaboration, including homomorphic encryption. 5. **Zama** - Zama offers a solution for running end-to-end encrypted deep learning models. They utilize homomorphic encryption for secure computation on encrypted data. 6. **Nucypher** - Nucypher offers a decentralized key management system that uses homomorphic encryption and proxy re-encryption to protect data. ---- [[Cryptography MOC]] #tq