/* ---- Google Analytics Code Below */

Monday, March 01, 2021

IBM Makes Encryption Paradox Practical in IEEE Spectrum

More on FHE and IBM.   From IEEE Spectrum ... 

IBM Makes Encryption Paradox Practical  in IEEE Spectrum

“Fully homomorphic” cryptography allows partial access to digital vaults without ever opening their locks    By Dan Garisto

How do you access the contents of a safe without ever opening its lock or otherwise getting inside? This riddle may seem confounding, but its digital equivalent is now so solvable that it’s becoming a business plan. 

IBM is the latest innovator to tackle the well-studied cryptographic technique called fully homomorphic encryption (FHE), which allows for the processing of encrypted files without ever needing to decrypt them first. Earlier this month, in fact, Big Blue introduced an online demo for companies to try out with their own confidential data. IBM’s FHE protocol is inefficient, but it’s workable enough still to give users a chance to take it for a spin. 

Today’s public cloud services, for all their popularity, nevertheless typically present a tacit tradeoff between security and utility. To secure data, it must stay encrypted; to process data, it must first be decrypted. Even something as simple as a search function has required data owners to relinquish security to providers whom they may not trust.

Yet with a workable and reasonably efficient FHE system, even the most heavily encrypted data can still be securely processed. A customer could, for instance, upload their encrypted genetic data to a website, have their genealogy matched and sent back to them—all without the company ever knowing anything about their DNA or family tree. 

At the beginning of 2020, IBM reported the results of a test with a Brazilian bank, which showed that FHE could be used for a task as complex as machine learning. Using transaction data from Banco Bradesco, IBM trained two models—one with FHE and one with unencrypted data—to make predictions such as when customers would need loans.

Even though the data was encrypted, the FHE scheme made predictions with accuracy equal to the unencrypted model. Other companies, such as Microsoft and Google have also invested in the technology and developed open-source toolkits that allow users to try out FHE. These software libraries, however, are difficult to implement for anyone but a cryptographer, a problem IBM hopes to remedy with its new service.           

“This announcement right now is really about making that first level very consumable for the people [who] are maybe not quite as crypto-savvy,” said Michael Osborne, a security researcher at IBM.

One of the problems with bringing FHE to market is that it must be tailor-made for each situation. What works for Banco Bradesco can’t necessarily be transferred seamlessly over to Bank of America, for example.   .... "

No comments: