Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Encryption IBM Security Technology

IBM Releases Fully Homomorphic Encryption Toolkit For iOS and MacOS (zdnet.com) 46

New submitter IBMResearch shares a report from ZDNet: IBM's new toolkit aims to give developers easier access to fully homomorphic encryption (FHE), a nascent technology with significant promise for a number of security use cases. "Today, files are often encrypted in transit and at rest but decrypted while in use, creating a security vulnerability," reports ZDNet. "This often compels organizations to make trade-offs and go through long vetting processes in order to ensure they can keep their valuable data protected while still gaining some value out of it. FHE aims to resolve that issue."

"While the technology holds great potential, it does require a significant shift in the security paradigm," the report adds. "Typically, inside the business logic of an application, data remains decrypted, [Flavio Bergamaschi, FHE pioneer and IBM Researcher] explained. But with the implementation of FHE, that's no longer the case -- meaning some functions and operations will change."

The toolkit is available today in GitHub for MacOS and iOS, and it will soon be available for Linux and Android.
This discussion has been archived. No new comments can be posted.

IBM Releases Fully Homomorphic Encryption Toolkit For iOS and MacOS

Comments Filter:
  • I predict there will be a shitload of "oopsie I forgot" moments if this ever enters mainstream use.

  • by gweihir ( 88907 ) on Friday June 05, 2020 @05:39PM (#60150716)

    Cracking the base problem was an impressive feat, but the question now is how long actually a multiplication, an exponentiation or a comparison takes. (Linear operations are usually not a problem, if I remember the details correctly.)

    • by Anonymous Coward

      The individual operations are fast, the issue before was that your noise parameter got big too fast.

      Yes, I'm the guy who's been posting about this shit (the ONLY one posting about this shit, it seems) for the past 10+ years. I'm glad Slashdot finally ponied up an article about it...

      • The rest of us that care about it simply read the papers or cracked open our _Communcations of the ACM_ mags to read about it.
      • by gweihir ( 88907 )

        Thanks.

        Do I see this right that it is "limited" to any operation based on binary circuits? (I did some research in secure multi-party computations wayyyy back and have not kept up with things.)

        Also, does the noise limit circuit depth or can this do arbitrary depth computations?

    • Over the last 20 years or so, cryptographers have developed crypto systems which can be mathematically proven to be secure. There are various definitions of "secure", and we can prove that a crypto system is or is not secure to given degree, a given definition.

      Contrast this with the earlier practice of hoping that nobody figures out how to attack it. Now, we can prove there is no attack possible, under appropriate definitions.

      Because homomorphic encryption is by its nature "malleable", not only is it lackin

      • Your example assumes operator invertibility and privileges to execute that invertible computation against the encrypted material. The expected use case for homomorphic encryption shouldn't provide either of those features.
        • The expected use case for homomorphic encryption shouldn't provide either of those features.

          In other words, it can be perfectly secure as long as you don't try to apply it to any real-world problem.

          Not having access to simple math limits the possible applications considerably. Can you name a sample 'expected use case' that makes sense under such constraints?

        • > Your example assumes operator invertibility and privileges to execute that invertible computation

          The expected use case is performing the same types of operations you'd perform on any data base. Operations like addition. Addition is invertible.

          > and privileges to execute that invertible computation against the encrypted material

          The most talked-about use case is cloud computing, with the idea that the encryption prevents the cloud provider from reding your data. Or, any hacker in the cloud environme

      • Yeah, but math is always based on themselves unproven axioms. So in actual reality, it isn't "proven" at all, unless science comes in, and gets you your six sigma statistical reliabiliy of observations *following* your prediction there!
        Which is what Gödel's uncompleteness theorem was all about.

        • GÃdel's uncompleteness theorem says there are things which are true and cannot be proven. It does NOT say "nothing can be proven". It says that at least one thing cannot be proven.

          As for science, science is concerned with what physical objects do in the real world. 1+0=1 doesn't HAVE to correspond to anything in the real world. There are no physical objects in the world involved with that statement. Plus is DEFINED for that to be true. That is, the definition of the symbol "+" is such that x + 0 = x

          • Ps there is a way "around" Godel. Nothing is Godel's theorem stops you from defining a system in which the unprovable statement is something like:
            1=1

            In such a system, we can prove anything else in the system, but we can never prove that 1=1. Yet, we can look at 1=1 and say "duh, yeah obviously that's true". :)

  • It involved a guy who was on the run from federal law enforcement for siphoning money from Richard Nixon's checking account. He was asked to recover a device which could decrypt any encryption algorithm. Even the Russians were involved [imdb.com]. In the end, it was all about who controls the information. Very prescient.

  • Everything is encrypted, all the time, but readable at the same time?
    Weird, or I have been taking in too much Corona.

    • It means that you can perform certain operations on the data, without being able to know what the starting value is. The simplest example is addition/subtraction, and there is a trivial example of a system like this:

      Imagine a database that has two columns: name and balance. In a homomorphic system the name column would be encrypted, but the balance would not start with 0, but rather would start with a value derived from the name column.

      So users without the ability to decrypt the name column would still be a

  • Someone tell Alex Jones! Keep your homo off my ipad!

  • ... a fully heteromorphic encryption toolkit for iOS and MacOS, they'll lose the Christian IT community.

  • Awaiting a Twitter storm of outrage about homomorphism in 3...2...1

Make sure your code does nothing gracefully.

Working...