Homomorphic encryption allows manipulation of ciphertext without decryption. It was first presented in 1978 and a fully homomorphic encryption scheme was proposed in 2009. It is crucial for secure cloud computing, but concerns remain about processing time and security. Craig Gentry’s three-step process creates a fully homomorphic encryption scheme, but it is impractical and vulnerable to ciphertext attacks. Somewhat homomorphic encryption schemes have been developed to address time constraints.
The concept known as homomorphic encryption, in which ciphertext can be manipulated and worked on without being decrypted, was first presented to the scientific community in 1978 by Ronald Rivest, Leonard Adleman, and Michael Dertouzos as a privacy homomorphism. A semantically secure homomorphic encryption scheme was developed and proposed by Shafi Goldwasser and Silvio Micali in 1982. In 2009, Craig Gentry demonstrated that a fully homomorphic encryption scheme is possible.
Rivest, Aldeman, and Dertouzos developed their theory around the fact that existing encryption and security systems severely limit the ability to do anything with data after it’s been encrypted and turned into ciphertext. Without the development of a homomorphic solution, sending and receiving data is essentially the only function that can be performed with encrypted data. The major concerns were the level of processing required to process the encrypted request on the encrypted data and whether an encryption scheme of this nature could be secure enough for practical use.
With the advent and continued expansion of cloud computing, finding a viable homomorphic encryption method is imperative. Otherwise, the risk is too high to entrust data to a cloud computing provider when that data must remain secure. If the provider has any access to the data in its decrypted form, the data can be compromised too easily. Gentry has shown that this is a viable theory, although the amount of time required for the calculations and the potential ease with which encryption can be broken are concerning.
Gentry’s system outlines how to create an encryption scheme that will allow data to be securely stored in a cloud environment where the owner of the data can use the cloud provider’s computing power to perform functions on the persistently encrypted data. It does this in a three-step process. A “bootstrapable” encryption scheme is constructed or consists of a somewhat homomorphic encryption scheme that can work with its own decryption circuit. Next, a nearly bootable public-key cryptography scheme is constructed using ideal lattices. Finally, the patterns are modified to be more simplistic, allowing them to be bootstrapped while retaining their depth.
This method creates a completely homomorphic encryption scheme, but remains relatively impractical. Homomorphic cryptography has evolved to be mostly protected against chosen plaintext attacks, but protection against ciphertext attacks remains an issue. In addition to the security issue, fully homomorphic schemas are so large and complex that time constraints have precluded their use in most applications. Somewhat homomorphic encryption schemes have been developed to at least deal with the time factor, using only the most efficient parts of a fully homomorphic encryption scheme.
Protect your devices with Threat Protection by NordVPN
