Data privacy is a big concern for governments and institutions. There are many debates about data residency, data stewardship, data ownership, and data privacy on the cloud. The introduction of acts and laws such as GDPR, CCPA, and LGPD, and industry standards like HIPAA, has kept data privacy in check. Data custodians are bound by data privacy laws. That can be a real inhibitor to bringing larger data sets together, which in turn limits how much we can infer from that data. Data is encrypted at rest and in transit, but it must be decrypted to be processed on the cloud or elsewhere. So, there is a window of opportunity where data privacy can be compromised. Intel Labs has been working on a homomorphic encryption standard to address this issue. However, there are some speed bumps to be tackled before the technology is ready for widespread adoption. CISO MAG had earlier reported on a related development called Federated Learning. Both are part of Intel’s Confidential Computing mission, which aims to tackle the issue related to the restrictions around data privacy.
By Brian Pereira, Principal Editor, CISO MAG
Speaking at Intel Labs Day on December 3, 2020, Jason Martin, Principal Engineer, Secure Intelligence at Intel Labs, updated the audience on Intel’s progress with homomorphic encryption.
“Homomorphic encryption is a new cryptosystem that allows applications to perform computation directly on encrypted data, without exposing the data itself. The technology is emerging as a leading method to protect the privacy of data when delegating computation. For example, these cryptographic techniques allow cloud computation directly on encrypted data, without the need for trusting the cloud infrastructure, cloud service, or other tenants,” said Martin.
How Does Fully Homomorphic Encryption Work?
You are familiar with the concept of public and private keys for encryption and decryption. In traditional cryptography, a public key is used to encrypt the data, and a secret private key is exchanged between the two parties for decrypting it. When this processing happens on the cloud, the cloud server must have access to the secret key to unlock the data for processing purposes. Homomorphic encryption simplifies and secures this process by allowing the cloud to perform computations on the ciphertext (the encrypted data) and then return the encrypted results to the owner of the data. So, the data is never decrypted at any point in time, and complete privacy is maintained, regardless of where data is stored.
Intel Labs researchers discovered that any arbitrary computation can be constructed from addition and multiplication. They also found that in fully homomorphic encryption, you can perform those basic operations on encrypted data using any algorithm of arbitrary complexity. When you decrypt the result, it reflects those operations applied to the plaintext.
But why hasn’t homomorphic encryption gone mainstream yet? There are some technical challenges to overcome as traditional hardware and software cannot handle the huge overhead presented during homomorphic encryption.
“In traditional encryption mechanisms to transfer and store data, the overhead is relatively negligible. But with fully homomorphic encryption, the size of homomorphic ciphertext is significantly larger than plain data. In some cases, 1,000 to 10,000 times larger. This data explosion then leads to a compute explosion,” explained Martin.
As the ciphertext expands, it requires significantly more processing. This processing overhead increases not only from the size of the data but also from the complexity of those computations. And that will require significant hardware resources like memory. Current hardware cannot handle such a scale and that’s why homomorphic encryption is not already in widespread use.
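The compute-on-ciphertext idea and the size overhead described above can be seen in a small added example (not code from Intel or from this article): a toy, insecure, symmetric-key form of the DGHV integer scheme, in which a "server" adds two encrypted 4-bit numbers using only addition and multiplication of ciphertexts. The scheme choice, parameter sizes and all function names are assumptions made for illustration; the toy is only somewhat homomorphic, because noise grows with every operation and decryption fails once it exceeds the key.

```python
import secrets

# Toy, insecure bit sizes for the secret key p, the mask q and the fresh noise r.
ETA, GAMMA, RHO = 128, 512, 8

def keygen():
    """Secret key: a random odd ETA-bit integer p."""
    return secrets.randbits(ETA) | (1 << (ETA - 1)) | 1

def encrypt(p, bit):
    """c = p*q + 2*r + bit; the bit is the parity of the small noise 2*r + bit."""
    q = secrets.randbits(GAMMA) | (1 << (GAMMA - 1))
    r = 1 + secrets.randbelow(2**RHO - 1)
    return p * q + 2 * r + bit

def decrypt(p, c):
    """Strip the p*q mask, then read the parity. Correct only while noise < p."""
    return (c % p) % 2

def noise_bits(p, c):
    """Size of the accumulated noise; it adds under + and multiplies under *."""
    return (c % p).bit_length()

def encrypt_int(p, n, width=4):
    """Encrypt an integer bit by bit, least significant bit first."""
    return [encrypt(p, (n >> i) & 1) for i in range(width)]

def decrypt_int(p, cts):
    return sum(decrypt(p, c) << i for i, c in enumerate(cts))

def add_encrypted(xs, ys):
    """Ripple-carry adder run by the server: only + and * on ciphertexts, no key."""
    out, carry = [], 0
    for a, b in zip(xs, ys):
        out.append(a + b + carry)          # ciphertext + is XOR on the hidden bits
        carry = a * b + carry * (a + b)    # ciphertext * is AND on the hidden bits
    return out + [carry]

def demo():
    p = keygen()                                   # stays with the data owner
    x, y = encrypt_int(p, 11), encrypt_int(p, 6)   # constructed sample inputs
    total = add_encrypted(x, y)                    # computed without p
    return {
        "sum": decrypt_int(p, total),                      # 17
        "ciphertext_bits_per_plaintext_bit": x[0].bit_length(),
        "fresh_noise_bits": noise_bits(p, x[0]),
        "carry_noise_bits": noise_bits(p, total[-1]),
    }

if __name__ == "__main__":
    print(demo())
```

Each plaintext bit becomes a ciphertext of roughly 640 bits here, and ciphertexts grow further with every multiplication, which is the expansion and compute cost the article describes on a very small scale.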
“At Intel, we wanted to democratize access to this technology. To do this, we are investigating new hardware and software approaches. And engaging with the ecosystem and standards bodies,” added Martin.
The answer to these limitations lies in emerging computing technologies like Quantum Computing.
There is yet another challenge. When data sets are owned by multiple entities and stored on multiple systems, exchanging sensitive data and consolidating it for processing becomes a challenge due to privacy. Intel Labs demonstrated Federated Learning that allows multiple parties to collaborate securely with their sensitive data.
About the Author
Brian Pereira is the Principal Editor of CISO MAG. He has been writing on business technology concepts for the past 26 years and has achieved basic certifications in cloud computing (IBM) and cybersecurity (EC-Council).