
The future of crypto: IBM makes a new leap with Fully Homomorphic Encryption


Over a decade ago, IBM Research set the world of cryptography abuzz when our scientists announced a major breakthrough with Fully Homomorphic Encryption (FHE). A mouthful perhaps, but this mathematical concept allows something no other crypto scheme does: performing arbitrary calculations on encrypted data without decrypting it.

And now we are taking this work to the next level. Our team is offering a first-of-its-kind security homomorphic encryption services package that provides education, expert support and a prototyping environment for clients, enabling them to start experimenting with FHE.

Researchers first started tinkering with homomorphic encryption in the 1970s, but the real pivotal moment came in 2009. It was then that Craig Gentry, then an IBMer and now a research fellow at the Algorand Foundation, published his seminal work, A Fully Homomorphic Encryption Scheme. Thanks to this work, researchers and companies began to consider FHE for cloud security, from banking and financial services to online shopping and healthcare. At the time, Craig compared it to “one of those boxes with the gloves that are used to handle toxic chemicals… All the manipulation happens inside the box, and the chemicals are never exposed to the outside world.”

While this was a crucial moment, FHE was believed at the time to be too slow for routine use because the computation was too complex and required too much computing power. But fast-forward to today: we’ve been continuously pushing the limits of this ‘black-box’ crypto scheme and have now hugely sped up the technology.

FHE’s potential impact on the modern world of data

Critically, though, we think that to continue its journey into wider use, FHE needs to be in the hands of data scientists and regular application developers, not just crypto experts. That’s what we are striving for: to reduce the barrier to entry so that FHE becomes consumable by all.

By working together with leading businesses that understand the unique challenges in their industry and with academics developing and using FHE, we enable the development of a new generation of AI, machine learning, and cloud technologies that allow critical computations to be performed on sensitive data – without compromising on privacy.

Today’s world runs on data, whether you are a consumer using a traffic app or a major company that needs data to understand customers or to run computations. And with that abundance of data, security and privacy are key. Business information stored in the cloud is exposed to security risks and vulnerabilities on a daily basis. The IBM X-Force Threat Intelligence Index found that in 2019, some 8.5 billion records were breached, giving attackers access to stolen credentials. Securing data and access to sensitive information is more important than ever.

That’s where FHE comes in.

While encryption allows data to be protected both during transit and storage, the data typically must be decrypted while accessed for computing and business-critical operations – creating the opportunity for potential compromise of privacy and confidentiality controls. FHE is designed to close this gap. It allows data to remain encrypted even during computations, so that they are performed on encrypted data (ciphertext), without the service behind it needing to ‘see’ that data.
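To make "computing on ciphertext" concrete, here is an added example that is not IBM's code and does not use HElib: a toy symmetric scheme over the integers (DGHV-style, somewhat homomorphic rather than fully homomorphic) in which a keyless server tests two encrypted 8-bit values for equality. All names and parameter sizes are assumptions chosen for illustration and provide no real security.

```python
import secrets

# Toy DGHV-style scheme; sizes are constructed for illustration, not security.
P_BITS, Q_BITS, R_BITS = 256, 512, 8

def keygen():
    # Secret key: a random odd 256-bit integer p.
    return secrets.randbits(P_BITS) | (1 << (P_BITS - 1)) | 1

def encrypt(p, bit):
    # c = p*q + 2*r + bit; the small term 2*r + bit is the "noise".
    q = secrets.randbits(Q_BITS)
    r = secrets.randbits(R_BITS) | (1 << (R_BITS - 1))
    return p * q + 2 * r + bit

def decrypt(p, c):
    # Correct only while the accumulated noise stays below p.
    return (c % p) % 2

def noise_bits(p, c):
    # Key holder's view of how much of the P_BITS noise budget is used.
    return (c % p).bit_length()

# --- Server side: holds no key, sees only ciphertexts ---
def he_xor(c1, c2):
    return c1 + c2   # plaintext bits add mod 2; noise adds

def he_and(c1, c2):
    return c1 * c2   # plaintext bits multiply; noise multiplies

def he_not(c):
    return c + 1     # flips the plaintext bit

def encrypted_equal(xs, ys):
    # Returns an encryption of 1 iff the two encrypted bit strings match.
    acc = he_not(he_xor(xs[0], ys[0]))
    for x, y in zip(xs[1:], ys[1:]):
        acc = he_and(acc, he_not(he_xor(x, y)))
    return acc

# --- Client side: encrypts inputs, decrypts the single result bit ---
def encrypt_int(p, value, width=8):
    return [encrypt(p, (value >> i) & 1) for i in range(width)]

def compare(p, a, b):
    result = encrypted_equal(encrypt_int(p, a), encrypt_int(p, b))
    return decrypt(p, result), noise_bits(p, result)

if __name__ == "__main__":
    key = keygen()
    print(compare(key, 0xA5, 0xA5), compare(key, 0xA5, 0xA4))
```

Every `he_and` multiplies the noise, so a deep enough circuit pushes it past `p` and decryption fails. Removing that depth limit is what makes a scheme fully homomorphic, and this toy does not attempt it.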

Other FHE milestones

Earlier this year, IBM Research took another leap forward and released FHE toolkits based on HElib, an open source HE library. The toolkits allow developers with basic platform tool familiarity to start using them just by following a few simple instructions.

IBM has also worked with a select group of clients, including Banco Bradesco, one of Brazil’s largest banks, using real financial data. Researchers showed that it was possible to perform encrypted predictions while concealing the data and the result throughout the processing, obtaining a level of privacy not currently possible with any other method. FHE can provide privacy protection for users requesting predictions, redefining the boundaries of what data must be stored and by whom.

There’s still a lot of work to do with FHE, and we’re excited to see FHE move out of research to a broader audience who, we hope, will soon see the value of this technology and take the next steps in improving cloud security.

 


Senior Research Scientist, IBM Research Europe

Russ Daniel

Senior Technical Researcher, Emerging Technologies, IBM Research

Ronen Levy

Senior Manager, Cloud Security & Privacy Technologies Department IBM Research
