Homomorphic encryption (HE) is a cryptographic technique that enables computation on encrypted data without revealing the underlying unencrypted data to the operating process. It provides a means for clients to send encrypted data to a server, which operates on that encrypted data and returns a result that the client can decrypt. During the execution of the request, the server itself never decrypts the original data or even has access to the decryption key. Such an approach presents new opportunities for cloud services to operate while protecting the privacy and security of a user’s data, which is obviously highly attractive for many scenarios.
Have you heard of functional encryption, which allows a server to compute a function on encrypted data without knowing the decryption key and return the result in the clear? Therefore the server learns the result and nothing else about the encrypted data is leaked. There are possibility results, but there is no practical, implementable scheme at present for general functions, though there are schemes for specific functions like inner products (linear functions) and quadratics. With FHE, only the client, who has the decryption key, can learn the result, so some interaction is needed for the server to learn the result. Each has its own applications.
Zero competency in cryptography, so your explanations are much appreciated.
Q: Does this mean that encrypted data (stored files, communications via messengers, etc.) can be scanned for keywords, without the need to decrypt the entire file/message?
Are there any prominent examples of homomorphic encryption being used at scale in production? I hunted around for some a few years ago but couldn't find any.
I've been wondering the same and finding not much. It's hard to find implementations which have technical detail describing the novel problem FHE fixes.
Biomedical research is sometimes more of a cottage industry than "at scale in production" but some think that HE can reduce cross-institution collaboration. Here is a systematic review from 2022; the Background section will give you an idea of what folks are doing or plan to do:
I’ve heard that these guys use it to run a fairly successful fund https://numer.ai/
Not an expert but my understanding is that you can vend encrypted versions of otherwise proprietary datasets semi-publicly for random data scientists to do prediction on, then translate those predictions back to the prediction space you care about (e.g. stock price).
It seems (at a very high level) for 3rd parties to be able to hook into the incoming phone call path and filter what a user might see based on data of a server they control.
I don't quite understand it (so would be happy if people could fill me in). My naive guess is that this is to prevent such a service from getting a phone number, and instead get a blob that one can work on via HME means. That seems obviously wrong though, because if I'm using this encrypted blob to look up phone # data to return (spam et al) metadata to the user, presumably I created the data set locally, so could associate the incoming blob to an actual number then.
I wonder if this has anything to do with Apple Intelligence. Maybe they can have an LLM that operates on encrypted input text without decrypting it, so that users can send sensitive information to an Apple-controlled central server without worrying about privacy issues?
The idea behind Homomorphic lib is to allow 2 basic operations (such as add, multiply) on encrypted numbers. They return encrypted numbers as well.
From those basic operations, we can build more complex functions.
That's the gist of the magic.
I'm all in until figuring out what to do with those operations. In this example, I think the scenario is straightforward. What do I do with adding or multiplying phone numbers? If I add phone numbers, what results should I expect and how do I use those post-decrypt?
I was under the impression here that I hand you an encrypted phone number and you provide metadata back suggesting scam / known business / etc. Hence having trouble grasping how you can mathematically approach a phone number you wouldn't know to then change it.
I recognize the use-case: have you, the service, provide info/data back based on my query, and I don't want you to know I am receiving a call from said phone#. But what do I add to the phone number when querying you, the service, or what are you adding via FHE operations? Or why are you adding to the phone number that you can't know? What results from the addition when I'm decrypting, a longer phone number or additional results regarding the unknown phone number?
Separately, why would I provide this service two phone numbers to then multiply? I'm not sure the axis which would result, but the string I would expect is not a valid phone number and wouldn't result in my knowing more than before? Are there other technical aspects which cause add / multiply to be novel per implementation which isn't resulting in classical plaintext data actions?
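An added example, not part of any comment above and not Apple's or the Swift library's code: a toy Paillier scheme (additively homomorphic only, which is enough here) showing how "add" and "multiply by a constant" on ciphertexts become a private table lookup. The client encrypts a one-hot selector for its bucket and the server returns the encrypted sum of selector × label without learning which bucket was asked for. Assumptions: the directory, the `number % BUCKETS` rule, the label codes and the tiny key are all constructed for illustration.

```python
# Added illustration: toy Paillier private lookup. Key size is demo-only.
import math
import secrets

P, Q = 2**31 - 1, 2**61 - 1      # two known Mersenne primes, far too small for real use
N = P * Q                        # public key
N2 = N * N
LAM = (P - 1) * (Q - 1)          # private key (client only)
MU = pow(LAM, -1, N)             # private key (client only)

def encrypt(m):
    """Public-key operation: Enc(m) = (1 + m*N) * r^N mod N^2."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            break
    return (1 + m * N) % N2 * pow(r, N, N2) % N2

def decrypt(c):
    """Client only: requires LAM and MU."""
    return (pow(c, LAM, N2) - 1) // N * MU % N

def he_add(c1, c2):
    """Enc(a), Enc(b) -> Enc(a + b), computed without any key."""
    return c1 * c2 % N2

def he_mul_plain(c, k):
    """Enc(a), plaintext k -> Enc(a * k), computed without any key."""
    return pow(c, k, N2)

UNKNOWN, BUSINESS, SPAM = 0, 1, 2            # hypothetical label codes
DIRECTORY = {"5550100": BUSINESS, "5550123": SPAM, "5550142": BUSINESS}  # constructed
BUCKETS = 8
TABLE = [UNKNOWN] * BUCKETS                  # server's plaintext table
for number, label in DIRECTORY.items():
    TABLE[int(number) % BUCKETS] = label     # simplification: no collision handling

def client_query(number):
    """Encrypted one-hot vector: Enc(1) at the wanted bucket, Enc(0) elsewhere."""
    want = int(number) % BUCKETS
    return [encrypt(1 if i == want else 0) for i in range(BUCKETS)]

def server_answer(query):
    """Server sees only ciphertexts; returns Enc(sum(selector[i] * TABLE[i]))."""
    acc = encrypt(0)
    for c, label in zip(query, TABLE):
        acc = he_add(acc, he_mul_plain(c, label))
    return acc

def private_lookup(number):
    return decrypt(server_answer(client_query(number)))
```

The phone number itself is never added or multiplied; the arithmetic runs over the encrypted selector bits and the server's own table entries, and only the selected label survives decryption.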
https://www.swift.org/blog/announcing-swift-homomorphic-encr...
Intro: