IBM Researchers Open Source Homomorphic Crypto Library
mikejuk writes with news of an advancement for homomorphic encryption and open source: "To be fully homomorphic the code has to be such that a third party can add and multiply numbers that it contains without needing to decrypt it. In other words they can change the data by working with just the encrypted version. This may sound like magic but a fully homomorphic scheme was invented in 2009 by Craig Gentry. This was a step in the right direction but the problem was that it is very inefficient and computationally intensive. Since then there have been a number of improvements that make the scheme practical in the right situations. Now Victor Shoup and Shai Halevi of the IBM T J Watson Research Center have released an open source (GPL) C++ library, HElib, as a GitHub project. The code is said to incorporate many optimizations to make the encryption run faster. Homomorphic encryption has the potential to revolutionize security by allowing operations on data without the need to decrypt it."
Re:Marriage equality (Score:5, Insightful)
Since the first 5 posts are all "homo" jokes, I'm gonna squat here for my on-topic post (heh ... heh ... he said squat).
The main problem I see with the whole idea of homomorphic encryption is its necessary limitations. If I can get the plaintext results of the difference (subtraction) of the plaintext of two encrypted strings, I can trivially decrypt both if they're English text.
Well no.
Here's just one possible way to deal with that. For each string you form two different strings by XORing the string with a random string and the complement of that random string. Now you encrypt each string in the pair with a different key in a homomorphic way.
A third party can now do whatever abelian operations they want on either of these strings but they have no way to combine the two results since the keys are different.
However, you are able to do this by doing the operations on both strings then at the very end decrypting them and XORing the result.
Voila.
Works for voting systems where one person gets to have the keys, and one person gets to maintain the database of encrypted votes. As long as they don't collude, then the database holder can sum all the ballots up but not know what any ballot is. The key holder can determine the sum but never get access to the individual ballots.
Re:MOD PARENT DOWN (Score:4, Insightful)
Your understanding of what homomorphic encryption is is fundamentally incorrect. If you apply an operator to an encrypted value in a homomorphic system, the result is also encrypted. So, since the initial values and the results are both encrypted, no information is leaked.
Your entire missive above was predicated on the fact that the results of the function would be plaintext, so as the GP so eloquently put it, "Every single thing you said was wrong." Seriously, the first sentence of the Wikipedia page [wikipedia.org] makes it fairly clear:
Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on ciphertext and obtain an encrypted result which decrypted matches the result of operations performed on the plaintext.