All it needs for adoption is a compelling use-case.
So, I can't help but wonder if the current furore over vaccine passports (or inevitable international adoption, depending on your viewpoint) has influenced the timing of this announcement...
People have been concerned about security "in the cloud" for a while now. Of course, implementing a function such as this is one thing, being able to prove that your cloud provider actually uses it (rather than pretends to) will be quite another. Do you really know that the CentOS VM you just set up was actually encrypted and is using this system to run, with the key somehow obtained by a method by which the cloud provider has no access?
(And if you're about to say "But it's obviously not going to be for
...from some Python that implements what appear to be "logic gates"? I have no idea what that code is supposed to do. It's not commented, and there's no explanation for what it does a note that says, well, literally this:
This is an implementation of a symmetric SWHE from section 3.2 of "Computing Arbitrary Functions of Encrypted Data" by Craig Gentry. It contains a small modification (namely, the addition of a modulus parameter to allow a greater-than-2-element plaintext s
Okay, stop thinking of computing at such a high level. You have to work at gate level. The line with the c = is the only part that would happen on a cloud server. Read the linked paper.
. The line with the c = is the only part that would happen on a cloud server. Read the linked paper.
Perhaps you posted the wrong link?
For $100/hr, I'll tutor you.
Yeah, maybe one day if I can't get answers and need the information I'll pay someone, but it's not going to be someone who acts like a douchebag because someone else doesn't understand something they've claimed is possible.
Thus far your attempt to say "Nuh-uh, you're wrong" has been to link to a Python script that says nothing useful whatsoev
That code implements the simplest possible homomorphic encryption and operations you can perform. It's based on a paper that's exceedingly easy to understand and is linked in the summary. It's a far better explanation than you'll find anywhere else.
I'm serious. I'm not trying to shit you. It really works. I know, because.. who the hell do you think learned and wrote it?
Just an instinct, but I would assume that if you are able to work on encrypted data without decrypting it, and without having the keys, then the encryption must be not be truly random, and so would be more easily breakable.
I'd like to learn what the GP is doing. Can you ELI5 rather than posting some incomprehensible code? Some of us are just interested and don't have our masters in computer science.
The idea is that you provide encrypted data, and some description of how to process it, and the math works out such that the computer can process the data -- and generate a sensible, but still encrypted, result without knowing what the inputs or outputs really mean. The ciphertext is generally a lot bigger than the plaintext in order to create mathematical structure that makes the operations on encrypted data sensible, and the operations are far less efficient than the equivalent operation on unencrypted data.
That inefficiency is what has held back FHE to date. This [iacr.org] is a fairly good intro to the subject, but note some of the then-current best results: performing a single bitwise operation might take 13 milliseconds. IBM's announcement implies that they have gone a long way in solving that problem.
it doesn't need a key. it's just math. you can read the analysis and see the proofs for the limited operations you can perform on the encrypted data. from those primitive operations you can build up an arithmetic system.
Full disclosure, I work at IBM on FHE. This is a gross simplification but here goes! The secret data that you want to protect is encrypted by effectively hiding it in a massive polynomial with special modular arithmetic properties based on the private key. Only the person doing the encryption has this key. The FHE foundational operations work on these massive polynomials. So the processor who does the computing only sees huge polynomials. The agent who does the processing of the large polynomials cannot tease out the secret data that is protected (it is simply too spread out throughout these massive numbers represented as polynomials). The magic is that the operations on the polynomials behave in a way that is consistent with having operated on just the secret bits once you a modular arithmetic trick at the end to remove all the "junk" or "noise" that is hiding the real data. Note: There are actually public-type keys involved on the processing side and even some kinds of keys that are only used for internal processes during the computation. But as far as privacy is concerned, only the person who did the encryption (and has the private key) can decrypt the jumble of massive polynomial shenanigans to make sense of it all.
Thank you for taking the time to contribute to this thread, it is great to see people involved in the work actually commenting on Slashdot (and sadly too rare).
Example Use-Case (Score:2)
All it needs for adoption is a compelling use-case.
So, I can't help but wonder if the current furore over vaccine passports (or inevitable international adoption, depending on your viewpoint) has influenced the timing of this announcement...
Re: (Score:2)
People have been concerned about security "in the cloud" for a while now. Of course, implementing a function such as this is one thing, being able to prove that your cloud provider actually uses it (rather than pretends to) will be quite another. Do you really know that the CentOS VM you just set up was actually encrypted and is using this system to run, with the key somehow obtained by a method by which the cloud provider has no access?
(And if you're about to say "But it's obviously not going to be for
Re: (Score:5, Informative)
Uh, the whole point is that you supply encrypted data. If they dont use FHE, you won't get anything useful back. They never get the key.
Re:Example Use-Case (Score:1)
So how does the CPU process the data it if it doesn't have a key?
Re:Example Use-Case (Score:4, Informative)
https://ijsbeer.org:81/a-symme... [ijsbeer.org]
Code for you. Go learn something.
Re: (Score:2)
Re: (Score:2)
Okay, stop thinking of computing at such a high level. You have to work at gate level. The line with the c = is the only part that would happen on a cloud server. Read the linked paper.
For $100/hr, I'll tutor you.
Re: (Score:3)
Perhaps you posted the wrong link?
Yeah, maybe one day if I can't get answers and need the information I'll pay someone, but it's not going to be someone who acts like a douchebag because someone else doesn't understand something they've claimed is possible.
Thus far your attempt to say "Nuh-uh, you're wrong" has been to link to a Python script that says nothing useful whatsoev
Re: (Score:2)
That code implements the simplest possible homomorphic encryption and operations you can perform. It's based on a paper that's exceedingly easy to understand and is linked in the summary. It's a far better explanation than you'll find anywhere else.
I'm serious. I'm not trying to shit you. It really works. I know, because.. who the hell do you think learned and wrote it?
Re: (Score:2)
I should be extra clear: that code is a working example of an explanatory paper on the subject that only supplies pseudocode.
But that paper is THE introduction to the subject.
Re: (Score:3)
I'm sorry, that page lost the original paper link at some point. I apologize.
It's https://crypto.stanford.edu/cr... [stanford.edu]
Re: (Score:2)
And here I was going to ask if you were Craig Gentry. Now here's an idea. Implement some of that in an FPGA/Microcontroller board. [aloriumtech.com]
Re: (Score:2)
It's just one person, why charge a ton?
Also, this is why I'm *not* a consultant normally. I don't like charging people money. Weird character flaw.
Re: (Score:2)
Re: (Score:2)
And you'd be wrong.
Re: (Score:2)
Using "instincts" to predict the capabilities of extant computer algorithms that you're unfamiliar with is absurd folly.
Re: (Score:2)
Code for you. Go learn something.
I'd like to learn what the GP is doing. Can you ELI5 rather than posting some incomprehensible code? Some of us are just interested and don't have our masters in computer science.
Re:Example Use-Case (Score:5, Interesting)
The idea is that you provide encrypted data, and some description of how to process it, and the math works out such that the computer can process the data -- and generate a sensible, but still encrypted, result without knowing what the inputs or outputs really mean. The ciphertext is generally a lot bigger than the plaintext in order to create mathematical structure that makes the operations on encrypted data sensible, and the operations are far less efficient than the equivalent operation on unencrypted data.
That inefficiency is what has held back FHE to date. This [iacr.org] is a fairly good intro to the subject, but note some of the then-current best results: performing a single bitwise operation might take 13 milliseconds. IBM's announcement implies that they have gone a long way in solving that problem.
Re: (Score:2)
Re: Example Use-Case (Score:2)
it doesn't need a key. it's just math. you can read the analysis and see the proofs for the limited operations you can perform on the encrypted data. from those primitive operations you can build up an arithmetic system.
Re:Example Use-Case (Score:5, Informative)
Re: (Score:2)
Sort of a spread-spectrum, hiding information in the noise type of thing.
Re: (Score:2)
Thank you for taking the time to contribute to this thread, it is great to see people involved in the work actually commenting on Slashdot (and sadly too rare).
Re: (Score:2)
Just firing off here without searching so feel free to ignore ... Any similarities to winnow and chafe as set out by the RSA guys?
Re: (Score:2)
Re: (Score:2)
Lol. Was waiting for a comment like this.