Infosys experts share their views on how digital is significantly impacting enterprises and consumers by redefining experiences, simplifying processes and pushing collaborative innovation to new levels

« Contextual Data Generation for Secure Quality Assurance | Main

Is Homomorphic Encryption a game changer in the Data Privacy Space?

Homomorphic Encryption (HE):

 

                "Homomorphic encryption is one form of encryption that allows computations to be executed on ciphertexts and the encrypted output obtained will be same as the encrypted result of computations performed on the plain text."

In other words, we can encrypt some data and then perform any operation on encrypted data. The result of operation if decrypted gives the data result which would be identical to the result which we get if we had performed the said operation on plain text.

A public key is used to encrypt data using Homomorphic encryption, this encrypted data can only be unencrypted using a private key. Whoever owns the private key has access to unencrypted data.

 

Why do we need Homomorphic Encryption?

 

Nowadays most major industries are taking help from cloud-based service providers to help support their data storage and other various services like computation on data or analyzing the data etc. Now, this data that is on the cloud might contain sensitive or personal information (PII) that needs to be kept private. Now on the cloud, there is always a risk of data leakage or data hack which depends on the level of security the cloud provider is having.

To facilitate these situations, data on the cloud are mostly stored in encrypted form. If there is an arithmetic or logical operation to be applied on the data which resides on the cloud, the data first has to be fetched back, Decrypted, and apply the computation.

Now, this creates a risk of data leakage again at the computation or maybe in-transit back to the cloud. If the PII or any sensitive data gets leaked anywhere the organization must bear all the blames and associated penalties etc if it is obligated to follow strict regulations like GDPR, CCPA and HIPAA. Now that's where the idea of Homomorphic encryption came in the picture. 

 

HE is a type of encryption that does not need to decrypt the data before you using it. This also ensures that the data integrity and privacy taken care off while the data can still be processed.

 

In other words, HE can enable individuals or a third party to use the encrypted data without having access to OR knowing the actual contents of the encrypted data.

 

Homomorphic Encryption (HE) types

 

The main difference between variations of HE algorithms is the ability to cater to various Mathematical OR Analytical operations performed on the encrypted text and no of times they can be applied,

Partially Homomorphic Encryption (PHE)

               In PHE, it allows only one mathematical operation to be performed on cyphered data while keeping the sensitive data confidential.

Somewhat Homomorphic Encryption (SHE)

                SHE supports limited number of computations up to certain level of complexity but can be performed only limited number of times (Addition and Multiplications are few example)

Fully Homomorphic Encryption (FHE)

                FHE allows multiple computations on the cyphered data, also the type of computation that can be applied are unlimited.

Pros

1.       Security of Data that is stored in the Cloud: Using HE, the data stored in the cloud can be secured, while also be able to perform calculations and also search for ciphered text that can be later decrypted without losing the originality of the data.

 

2.       Data Analytics: HE encrypts data and thus this data can be outsourced to third party for statistical analysis, research and third party sharing purposes while privacy of the actual subject is protected. 

Cons

One of the major drawbacks of HE is that it comes at the expense of speed. The computation overhead on HE data is higher than that is of doing on plain text.

Conclusion

1.       The concept of HE is convincingly essential in implementation in today's environment where data privacy is one of the main concerns of any industry.

2.       HE ensures we get the advantage of leveraging computation on data at the same time ensure that the data is secure.

3.       It is a good idea to leverage HE algorithms to ensure your data is secure on Cloud. Thus, you can take the advantage of storing the data in cloud with lower cost and be able to provision that data whenever needed.


Author: Mustafa Saeed

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.