What Is Homomorphic Encryption?

The concept known as homomorphic encryption, in which ciphertext can be manipulated and worked with without being decrypted, was first presented to the scientific community in 1978 by Ronald Rivest, Leonard Adleman and Michael Dertouzos as privacy homomorphism. A semantically secure homomorphic encryption scheme was developed and proposed by Shafi Goldwasser and Silvio Micali in 1982. In 2009, Craig Gentry proved that a completely homomorphic encryption scheme is possible.

Rivest, Aldeman and Dertouzos developed their theory around the fact that existing security and encryption systems severely limit the ability to do anything with the data after it is encrypted and turned into ciphertext. Without the development of a homomorphic solution, sending and receiving of data is essentially the only function that can be accomplished with encrypted data. The greatest concerns were the level of computing that is necessary to process the encrypted request on the encrypted data and whether an encryption scheme of this nature could be secure enough for practical use.

With the advent and continual expansion of cloud computing, coming up with a viable homomorphic encryption method is crucial. Otherwise, the risk is too high to entrust data to a cloud-computing provider when those data must remain secure. If the provider has access in any way to the data in their decrypted form, the data can too easily become compromised. Gentry has proved that it is a viable theory, though the amount of time that the computations take and the potential ease with which the encryption can be broken are concerns.

Gentry's system outlines how to create an encryption scheme that will allow data to be securely stored in a cloud environment where the owner of the data can utilize the computational power of the cloud provider to perform functions on the persistently encrypted data. He does this in a three-step process. An encryption scheme is constructed that is "bootstrappable," or consists of a somewhat homomorphic encryption scheme that can work with its own decryption circuit. Next, an almost-bootstrappable public key encryption scheme is built using ideal lattices. Finally, the schemata are modified to be more simplistic, enabling them to be bootstrappable while maintaining their depth.

This method creates a completely homomorphic encryption scheme, but it remains relatively impractical. Homomorphic encryption has evolved to be mostly secured against chosen plain-text attacks but securing against chosen ciphertext attacks remains a problem. In addition to the security issue, the fully homomorphic schemes are so large and complex that the time factor has precluded their use in most applications. Somewhat homomorphic encryption systems have been developed to address at least the time factor, using only the most efficient portions of a completely homomorphic encryption scheme.