Encryption may not seem sexy, but it’s never been more important.
While it may sound dry, it marks a step forward in practical uses of HE, which lets multiple actors conduct data analysis on a variety of datasets while keeping that information encrypted and protecting things like personally identifiable information.
“HE is relevant for any industry dealing with highly sensitive data, such as health care and the financial services industry, but other regulated industries such as telecom, insurance and academic research that involves personal data, can also benefit from HE applications,” said Dr. Alon Kaufman, CEO and co-founder of Duality, in an email.
“In financial services industries, HE can facilitate privacy-enhanced, collaborative financial crime investigations across firms and legislations, by enabling institutions to share information and insights while complying with privacy regulation.”
What is homomorphic encryption?
HE lets math calculations be done on data in its encrypted form. The result of the calculations is also encrypted, but when the result is decrypted it is identical to the result had the data not been encrypted in the first place.
So if data is sent to a commercial cloud, large-scale analysis can be done on it without putting sensitive information such as people’s medical or financial information at risk.
In encryption, plaintext is converted to ciphertext, or its encrypted form. Ciphertext can be converted back to plaintext, but only by certain parties possessing a secret key that decrypts the information using that secret key.
In traditional forms of encryption, data is only protected in storage and during communications. In the case of HE, which is named for homomorphisms in algebra (or the ability to mirror the operations on one algebraic structure with operations on another), analysis can be done without access to that secret key which would decrypt the information.
When thinking of HE, said Kaufman, imagine placing the pieces of a jigsaw puzzle, representing your data, in a box. Then you lock that box using encryption and hand it to somebody else. This person is actually able to assemble the puzzle (run analytics on your data) without unlocking the box and seeing the pieces, because the box is still encrypted. You then receive the box back and unlock it to see the assembled puzzle, or the encrypted results that you then decrypt.
“In this way, Homomorphic Encryption enables computations, including advanced analytics and Machine Learning, on encrypted data, assuring data privacy throughout the analytics cycle,” said Kaufman in an email to CoinDesk. “Homomorphic Encryption allows multiple parties to collaborate on data without seeing each other’s data assets, thus generating valuable insights from them.”
Why homomorphic encryption matters now
In a world where privacy concerns are advancing, particularly amid the pandemic, and disparate privacy laws are resulting in countries revoking some form of data access to others, tools like HE could give companies a way to get data insights without creating the potential not just for non-compliance, but also for big data abuse that has driven concerns about Big Tech.
Earlier this year researchers showed how HE can enable analysis on genomic data in such a way that it preserves data privacy. Such analysis can help us understand complex or novel diseases, such as COVID-19.
Duality piloted SecurePlus Statistics at the Tel Aviv Sourasky Medical Center in Israel where it was used to analyze data regarding the prevention, diagnosis and treatment of cancer studies while protecting personal health information.
Numerous proposals have also been written for how HE could benefit blockchain-based projects. One paper, published in 2019, proposed using HE to protect sensitive data generated from the ever-expanding internet of things (IoT).
“Previous blockchain-based IoT systems have issues related to privacy leakage of sensitive information to the servers as the servers can access the plaintext data from the IoT devices,” reads the abstract. “So, we present the potential of integration of blockchain based-IoT with homomorphic encryption that can secure the IoT data with high privacy in a decentralized mode.”
Another proposal, published earlier this year, experimented with applying blockchain technology in edge computing to improve edge computing’s performance of secure storage and computation. The researchers introduced HE as a way to ensure the “noncorrelation, anonymity and supervision of identity privacy in blockchain systems,” and found promising results they said would lay the groundwork for future research.
“Privacy-preserving data collaboration – even among competitors – is also important in solving other global challenges, such as fighting different types of cyber and financial crimes that are committed by increasingly sophisticated global networks,” said Kaufman.