Hacker Lexicon: What Is Homomorphic Encryption?

The problem with encrypting data is that sooner or later, you have to decrypt it. Keep your cloud files cryptographically scrambled using a secret key that only you possess, and its likely no hacker will have the codebreaking resources necessary to crack them. But as soon as you want to actually do something with those filesanything from editing a word document or querying a database of financial datayou have to unlock the data and leave it vulnerable. Homomorphic encryption, a still-mostly-theoretical advancement in the science of keeping secrets, could change that.

A homomorphic encryption scheme is a crypto system that allows computations to be performed on data without decrypting it. A homomorphically encrypted search engine, for instance, could take in encrypted search terms and compare them with an encrypted index of the web. Or a homomorphically encrypted financial database stored in the cloud would allow users to ask how much money an employee earned in the second quarter of 2013. But it would accept an encrypted employee name and output an encrypted answer, avoiding the privacy problems that usually plague online services that deal with such sensitive data.

Plenty of encryption schemes allow partial homomorphic encryption; That is, they let users perform some mathematical functions on encrypted data, but not others. In 2009, however, IBM researcher Craig Gentry came up with the first fully homomorphic encryption scheme. He compared the system to one of those boxes with the gloves that are used to handle toxic chemicalsAll the manipulation happens inside the box, and the chemicals are never exposed to the outside world.

Unfortunately, Gentrys method also adds immense computational requirements to computational tasks that would be simple with unencrypted data. With his original scheme, a Google search would take about a trillion times longer using his process. He estimated that it would be a decade or more before the scheme became practically usable.

But that scheme has been slowly improving. Gentry now says that it with recent tweaks to his method, fully homomorphic encryption would multiply the computing time necessary for a function by roughly a millionhalf as many zeroes as five years ago. That puts him more or less on track with his 2009 road map. And last month, Gentry was awarded the MacArthur genius grant for his crypto research. With $625,000 in Gentrys pockets and users clamoring for better encryption in online services, practical homomorphic encryption could be unlocked in the not-so-distant future.

Hacker Lexicon is WIREDs explainer series that seeks to de-mystify the jargon of information security, surveillance and privacy.

More here:
Hacker Lexicon: What Is Homomorphic Encryption?