All it needs for adoption is a compelling use-case.
So, I can't help but wonder if the current furore over vaccine passports (or inevitable international adoption, depending on your viewpoint) has influenced the timing of this announcement...
People have been concerned about security "in the cloud" for a while now. Of course, implementing a function such as this is one thing, being able to prove that your cloud provider actually uses it (rather than pretends to) will be quite another. Do you really know that the CentOS VM you just set up was actually encrypted and is using this system to run, with the key somehow obtained by a method by which the cloud provider has no access?
(And if you're about to say "But it's obviously not going to be for
Full disclosure, I work at IBM on FHE. This is a gross simplification but here goes! The secret data that you want to protect is encrypted by effectively hiding it in a massive polynomial with special modular arithmetic properties based on the private key. Only the person doing the encryption has this key. The FHE foundational operations work on these massive polynomials. So the processor who does the computing only sees huge polynomials. The agent who does the processing of the large polynomials cannot tease out the secret data that is protected (it is simply too spread out throughout these massive numbers represented as polynomials). The magic is that the operations on the polynomials behave in a way that is consistent with having operated on just the secret bits once you a modular arithmetic trick at the end to remove all the "junk" or "noise" that is hiding the real data. Note: There are actually public-type keys involved on the processing side and even some kinds of keys that are only used for internal processes during the computation. But as far as privacy is concerned, only the person who did the encryption (and has the private key) can decrypt the jumble of massive polynomial shenanigans to make sense of it all.
Thank you for taking the time to contribute to this thread, it is great to see people involved in the work actually commenting on Slashdot (and sadly too rare).
Example Use-Case (Score:2)
All it needs for adoption is a compelling use-case.
So, I can't help but wonder if the current furore over vaccine passports (or inevitable international adoption, depending on your viewpoint) has influenced the timing of this announcement...
Re: (Score:2)
People have been concerned about security "in the cloud" for a while now. Of course, implementing a function such as this is one thing, being able to prove that your cloud provider actually uses it (rather than pretends to) will be quite another. Do you really know that the CentOS VM you just set up was actually encrypted and is using this system to run, with the key somehow obtained by a method by which the cloud provider has no access?
(And if you're about to say "But it's obviously not going to be for
Re: (Score:5, Informative)
Uh, the whole point is that you supply encrypted data. If they dont use FHE, you won't get anything useful back. They never get the key.
Re: (Score:1)
So how does the CPU process the data it if it doesn't have a key?
Re:Example Use-Case (Score:5, Informative)
Re: (Score:2)
Sort of a spread-spectrum, hiding information in the noise type of thing.
Re: (Score:2)
Thank you for taking the time to contribute to this thread, it is great to see people involved in the work actually commenting on Slashdot (and sadly too rare).
Re: (Score:2)
Just firing off here without searching so feel free to ignore ... Any similarities to winnow and chafe as set out by the RSA guys?
Re: (Score:2)