Homomorphic encryption reconciles computing and privacy

CLOUD COMPUTING


Homomorphic cryptography is a branch of cryptography that allows calculations to be performed on encrypted data without first decrypting it, thus ensuring the security of external processing of sensitive information such as personal data, health data, financial data or electronic voting.

Encryption is said to be “homomorphic” (of the same shape) because decrypting the result of an operation performed on encrypted data gives the same result as performing that operation on the unencrypted data. The particular advantage of this encryption method is that it solves the security problems associated with outsourcing calculations on sensitive data, at a time when the number of cyberattacks against cloud computing players is increasing every year.

Although the concept was born in the 1970s, it took nearly forty years for Craig Gentry, an American computer scientist, to propose in 2009, in his doctoral thesis, the first fully homomorphic encryption (FHE) system. The scheme is said to be “fully homomorphic” because it supports addition and multiplication an arbitrary number of times. This is the principle upon which this encryption is based.

As Ilaria Schelotti explained in her doctoral dissertation on the subject, which she defended in 2018 at the University Paris-Saclay, “In all proposed homomorphic encryption schemes, the ciphertexts contain a small amount of noise, which is necessary for security reasons. When performing calculations on ‘noisy’ ciphertexts, the noise increases, and after a certain number of operations have been evaluated, this noise becomes very large and, if it is not controlled, it may endanger the result of the calculations.” The innovation proposed by Craig Gentry is based on an idea called “bootstrapping”, which according to him consists of “refreshing” the encrypted message, reducing its noise, without decrypting it. Since 2009, four generations of homomorphic encryption schemes have been proposed, the most recent dating from 2016, in particular to improve decryption processes, the time-consuming nature of which has prevented any practical application.

Take, for example, a research program that must perform calculations on sensitive medical data, such as biometric data, but does not have enough computing power. The team responsible for this program would like to perform these calculations on EuroHPC, the pan-European supercomputer infrastructure (see there m No. 45 p. 16). In the traditional asymmetric encryption scenario, the research team encrypts the sensitive medical data with a public key to send it to EuroHPC. This data is then decrypted using a private key entrusted to the supercomputers. Finally, the results of the calculations, as well as the data, are encrypted again before being sent back to the research team. Although the data is properly encrypted in transit, the calculations themselves are performed on data in clear text, which is particularly risky, and even prohibited by applicable legislation.

The end-to-end secure solution for the research team is to use homomorphic cryptography: the sensitive medical data is encrypted with a public key and then sent to EuroHPC. The supercomputers then perform the required calculations on this encrypted data, and the results are decrypted by the research team using a private key. Thanks to homomorphic encryption, the data on which EuroHPC has performed calculations remains encrypted throughout the procedure, without any change in the results, and responsibility for decryption rests solely with the initial sponsor.

Electronic voting provides another example of the use of homomorphic encryption. A traditional electronic voting system collects participants’ votes, encrypted beforehand, which are then decrypted and added together to calculate the voting results. Counting therefore presents a risk of fraud, because the data is decrypted in order to count the votes. An electronic voting system based on homomorphic encryption encrypts the vote as soon as it is entered and sends the data to a server where the additions are then made, without the need to decrypt the data.

Some obstacles still prevent widespread use of this type of encryption, notably the significant slowdown of calculations performed on encrypted data. In 2009, this computation time could be a billion times greater than the time required for unencrypted data. However, the diversity of possible applications of homomorphic encryption arouses strong interest from researchers and companies, such as the French company Ravel Technologies, created in 2018, in which about fifteen mathematicians work exclusively on optimizing this processing time. In January 2023, the company announced that it had developed a new fully homomorphic cryptographic system with extremely fast processing time. Mahdi Sabigh, head of the company, explained on this occasion, in the press, that “In this process, the encrypted message contains noise that increases as processing progresses and that must be managed. Our solution saves four orders of magnitude in performance. To the point of making homomorphic encryption effectively usable in applications that require processing large amounts of data with low latency too, like automated advertising for example.”

Homomorphic encryption also responds to the issue of digital sovereignty. The hyperscalers (infrastructure providers that respond to the growing needs of big data) and the other cloud players are American, and Europe will likely not be able to catch up in this important market. However, when a foreign company entrusts unencrypted data to a US player, the US government can, under the Clarifying Lawful Overseas Use of Data Act, known as the Cloud Act, passed in March 2018, compel that player to communicate personal data stored on its servers, in the United States or in a foreign country, even if such legislation conflicts with the General Data Protection Regulation (GDPR) in Europe (see there m No. 42-43 p. 21).

Homomorphic cryptography would circumvent these extraterritorial effects of US law by making it possible to entrust the major US cloud service providers with encrypted data that no one but its owner is able to use.

Sources:

  • “Fully Homomorphic Encryption Using Ideal Lattices,” Craig Gentry, Ph.D. thesis, Stanford University and IBM Watson, 2009.
  • “Homomorphic encryption,” Ely, linuxfr.org, 13 Jan. 2014.
  • “Towards the efficiency and security of homomorphic cryptography and cloud computing,” Ilaria Schelotti, PhD thesis in computer science defended at the University Paris-Saclay (ComUE), as part of the Doctoral School of Communication Sciences and Technology, in partnership with the Versailles Mathematical Laboratory (LAM) and the University of Versailles-Saint-Quentin-en-Yvelines (Record Operator Foundation), theses.fr, May 17, 2018.
  • “[Cahier Technique] Homomorphic encryption, the art of sharing without disclosure,” Renaud Cerdi, Arnaud Griffith-Siebert, Cedric Joy-Piller, usinenouvelle.com, July 21, 2022.
  • “Understanding homomorphic encryption,” Gaetan Raoult, lemagit.fr, October 7, 2022.
  • “The Promises of Homomorphic Encryption for the Handling of Private Data,” Clementine Lorenz, lemonde.fr, January 4, 2023.
  • “Innovation: This French startup revolutionizes homomorphic cryptography,” Marc Endwild, latribune.fr, January 27, 2023.
