Towards the end of 2020, a global software provider in the Philippines launched a service that allowed its clients to analyse data in the cloud or on third-party platforms without ever decrypting it. Companies can use fully homomorphic encryption (FHE) to create a testing environment for developing prototype applications without exposing confidential data.
Current encryption techniques protect data while it is in storage or transit, but they create a gap that exposes data to exposure and theft when it is decrypted. Although FHE is still a new technology, it is already filling a gap in the majority of today’s encryption solutions.
Next-generation encryption makes it simple to keep your data out of the wrong hands. It is always active, encrypting all of your data from the moment it is created. And the data is always encrypted, even when transferred to a shared folder, USB stick, or the cloud. Moreover, next-generation encryption also communicates with the rest of your IT system, sharing and acting on security intelligence. If your endpoint detects a threat, the encryption keys are automatically revoked, ensuring that your data remains secure even if hackers gain access to your network.
During an online briefing and demo, the software provider’s research AI security group manager discussed how FHE changes the way businesses protect their data. He explained that the process includes not only the ability to encrypt data in transit but also the ability to perform computations without decrypting the data. If malicious entities gain access to the user’s server or cloud account, they will be unable to see the data itself.
“If you wanted to perform computation over that data, then you would have to decrypt it. If a malicious entity got access to your server or your cloud account, at that exact point when the data is vulnerable, they would be able to see the data and steal it. FHE changes this,” he said.
Employee records, customer details, loyalty schemes, transactions, and data collection are all examples of key pieces of information that businesses commonly store. This is maintained to protect that data from being used for fraud by third parties, such as phishing scams and identity theft.
Before businesses can fully benefit from what FHE has to offer, they must first be able to learn and experiment with it, according to the tech giant. Businesses can use the encryption services to get a scalable hosting environment on the software provider’s Cloud.
FHE is based on “quantum-safe” lattice cryptography and is intended to be resistant to future quantum-computing requirements. Initial FHE computations were too slow to be practical for everyday use before being able to perform at seconds per bit. A research and advisory firm estimates that by 2025, at least 20% of companies will have budgeted for projects centred on FHE, compared to less than 1% today.
“We have to accept the fact that every organisation will use multiple clouds – either what they have internally in their data centre or what they consume from the public cloud space from any of the popular vendors. Sharing data and making data available for computing somewhere else is a pattern that we will have now after Covid,” added the software technical manager.
Moving forward, the company stated that it will collaborate closely with its clients in developing prototype solutions and use cases for FHE technology, with an initial focus on developers and crypto engineers. Some of the initial use cases include analysing encrypted data and training AI and machine learning models while maintaining privacy and confidentiality controls.
