So what’s this then?

Homomorphic encryption – sounds like something from Dr. Who, doesn’t it? It isn’t, but its roots go back nearly as far. In a nutshell, it allows a cloud provider to perform computations on data that you have encrypted yourself without giving the supplier the crack key.

The data can be converted into a code using a cipher system which a third party then performs calculations on, producing a coded result which is then sent back to the data owner to decipher and use. Thus, you can still get outsourced services performed on your data while it remains a secret, even from the organisation hosting and working with your data.

Sounds simple...

Yeah. It really isn’t. In fact it’s fiendishly difficult. Establishing a system which allows you to perform multiple additions and multiplications consistently seems to have been an extremely arduous task – so much so that it took 30 years of geniuses fiddling with it before they even worked out whether it was properly possible or not.

Even when they did work it out, fully homomorphism encryption creates a lot of problems which render it unsuitable to be used as an efficient, practical day-to-day business solution. One of the problems is that the ciphers are extremely long and complex, meaning calculations take too long. Similarly, the amount of compute power needed is extraordinary.

The main problem, though, is that when you swap some numbers for larger ones and then continually perform calculations upon them you start to encounter margins of error (or ‘noise’) which throws the result when it is deciphered back to its original form.

So it’s just a pipe dream then?

No, not any more, the pipe dream has become reality and is increasing in scope apace. There have been a number of breakthroughs in what’s being called ‘somewhat homomorphic encryption’. This enables you to perform calculations small enough that the noise doesn’t reach a level where it creates problems. There are a number of applications for this – mostly using only additions or just one multiplication, such as working out mean averages, calculating standard deviation or performing predictive analysis.

Then, a couple of years ago, a man called Craig Gentry produced a thesis at Stanford University. He realised that you could perform several rounds of somewhat homomorphic encryption in order to make up fully homomorphic encryption. His idea is that the computer performing calculations does so until it reaches the point where an error could occur. Then, ‘refresh’ the encryption by creating a second key of the data and then repeat the process until all of the calculations you need to do have been performed.

The only problem now is the amount of computing power it uses. Gentry suggest it will take a computer a trillion times the amount of effort to work with homomorphic encrypted data than it would with plain text. It’s all to do with the formulas apparently, but the experts promise they are working on it and they seem confident.

Could anything go wrong?

Well, you could lose your key. Then you’d be in trouble. Because the whole reason you would be performing homomorhic encryption is because you don’t want the cloud supplier to hold it in case it is breached. But you can adopt key management systems and best practice to help with this.

Sign me up then. How do I do it?

Pass.

Bored now, what’s the point again?

To reiterate, the point is you’ve now got one less barrier to cloud adoption – if your data is so sensitive, or your governance so stringent, that not even accredited personnel at a major cloud supplier can see it yet you still need to work with the data, you can now – or will soon be able to – merrily do so with homomorphic encryption.

So where can I find out more?

See this paper – ‘Can homomorphic encryption be practical?’ by a collection of Microsoft Researchers who are experts in the field and have devised formulas themselves. It has real world use-cases of somewhat homomorphic encryption

Alternatively, Craig Gentry’s dissertation is available here.

If you’re well versed in maths, these should be pretty accessible. Otherwise, don’t attempt it unless you're firing on all cylinders.