By: Lawrence King
June 28, 2017
A Brief Introduction to Fully Homomorphic Cryptosystems
By: Lawrence King
June 28, 2017
Recently, I completed a course through MIT Professional Education in Cybersecurity. During the course, we discussed many concepts, best practices, and policies in the field of cyber security. We also discussed the research being performed at MIT in the area of cybersecurity. One of the concepts that stood out was that of Fully Homomorphic Encryption. Fully Homomorphic Encryption allows data to be read, modified and saved without being unencrypted (Greenberg, 2017).
This concept was originally introduced by Dr. Ronald Rivest one of the professors at MIT back in the 70’s. Although they had a concept, they had many problems to overcome that were not solved until 2009 by Craig Gentry at Stanford University while he was a Ph.D. Candidate. Through his research, he was able to create a model for the first ever Fully Homomorphic Encryption Scheme (Gentry, 2009).
One of the biggest problems with current encryption methodologies we use is that in order to work with the data you at some point must decrypt the data. While the data is decrypted it is vulnerable to be read or modified through malicious means (Greenberg, 2017). By using Fully Homomorphic Encryption Schemes the data can be read, modified and saved all without ever becoming unencrypted which improves security. (Gentry, 2009).
One area where Fully Homomorphic Encryption could be very useful is in the area of cloud computing. This could create a more secure cloud-based infrastructure and make cloud computing much more secure than it is today (TEBAA & EL HAJII, 2013). The current issue with Fully Homomorphic Encryption is the overhead on current systems. Operations done in a Fully Homomorphic cryptosystem are very processor and memory intensive causing computer systems to take much longer to compute and send results due to the overhead of the mathematical computations needed for this type of encryption (Gentry, 2009).
At this point in time, the technology is not practical because of the overhead. If we can solve the issues of computing speed or the overhead involved in this type of cryptosystem, developers could start implementing this technology and it could greatly improve our current state of security in cloud computing and in web-based services or anywhere security is an issue. You can find more information on this topic by reading Craig Gentry’s journal article: https://www.cs.cmu.edu/~odonnell/hits09/gentry-homomorphic-encryption.pdf
Gentry, C. (2009). Fully homomorphic encryption using ideal lattices. Proceedings of the 41st annual ACM symposium on Symposium on theory of computing - STOC 09. doi:10.1145/1536414.1536440 Retrieved June 15, 2017 from https://www.cs.cmu.edu/~odonnell/hits09/gentry-homomorphic-encryption.pdf
Greenberg, A. (2017, June 03). Hacker Lexicon: What Is Homomorphic Encryption? Retrieved June 15, 2017, from https://www.wired.com/2014/11/hacker-lexicon-homomorphic-encryption/
TEBAA M. and EL HAJII S. (2013). Secure Cloud Computing through Homomorphic Encryption Retrieved June 15th, 2017, from https://arxiv.org/ftp/arxiv/papers/1409/1409.0829.pdf