Encryption has many states. There’s encryption for data in transit which is typically encrypted using protocols such as HTTPS, SSL, TLS, FTPS. Data at rest – which is “data that is temporarily held in computer memory“.
Traditional encryption methods can secure data in transit and data at rest but data in use -data being processed, held in memory or analyzed by software apps- has proven harder to encrypt without reduced functionality.
This is where Homomorphic encryption comes into play. According to CBS Insights the encryption method is creating new opportunities for secure internet processes:
Startups and corporates alike are leveraging it for private database comparison, search, cloud computing, and to prevent future cyberattacks
CBS Insights
The encryption method has been touted as the answer for organizations that need to process information whilst simultaneously protecting privacy and security.
Homomorphic encryption makes it possible to analyze encrypted data without revealing the data to anyone. This is important because most other encryption methods required that data be decrypted before use which made the data vulnerable to whatever you were trying to avoid by decrypting in the first place.
For instance, when you search for a shop on the internet a lot of your data is shared with third parties:
- what you searched for
- where you were when you searched for it
- what time it was when you searched for the shop
With homomorphic encryption in place none of the above will be shared with third parties and they also won’t be able to access what results we obtain from such searches.
Homomorphic encryption has huge potential in areas with sensitive personal data such as in financial services or healthcare when the privacy of a person is paramount. In these cases, homomorphic encryption can protect the sensitive details of the actual data, but still, be analyzed and processed.
The encryption method is suited to many use cases including:
- Securing Data Stored in the Cloud
- Enabling Data Analytics in Regulated Industries e.g health care
- Improving election security and transparency
The reason why homomorphic encryption isn’t in widespread use yet is that the encryption method is still slow. According to HashedOut, this is because the method requires a larger computational overhead compared to other encryption methods.
When IBM released it’s HElib C++ library in 2016, the library reportedly ran 100 TRILLION times slower than plaintext operations (i.e other encryption methods). They’ve since made the library 75 times faster than it was but it is still painfully slow compared to less secure alternatives in the field of encryption.
“what you searched for
where you were when you searched for it
what time it was when you searched for the shop”
How is this information shared with third parties, when a person performs a search? The search engine provider does it willingly. How then is encryption relevant to this, the search engine provider could redact the information they want to keep private from the third party if they want to.
Third parties use cookies to monitor your searches and unfortunately search engines the most popular ones anyway (Google & Bing) aren’t really interested in redacting that information since they make money from advertising.
Anyway the homomorphic encryption will be used to protect much more important data than your search history so maybe that’s a bad example to begin with