The WhatsApp of secure computation
A key term when discussing encryption these days is end-to-end (E2E) encryption. The idea with E2E encryption is that data is kept confidential between the encryptor and the intended receiver. This might seem an obvious requirement, but not all so-called secure systems offer this level of protection.
Take for example SMS messages on your phone. The communication between your mobile phone and the local radio mast is indeed encrypted, but from that point on—until the message reaches the radio mast close to the receiver’s mobile phone—the SMS message is sent in the clear. The mobile phone company could, in theory, read your messages.
A similar issue occurs in email: you can connect to Gmail or Outlook, or iCloud using a secure connection, but usually the email is stored in the clear on the Google, Microsoft, or Apple server. Again, this means that these email service providers could read your sent and received emails.
In some sense, SMS and email are legacy, old fashioned systems. Today, more and more people are communicating via instant messaging systems such as WhatsApp and Signal. These systems provide excellent security, particularly E2E encryption. It is mathematically impossible for the service provider to read any of your messages, even though you rely on the service provider to relay them.
This deals with the issue of securing data during transit, or transmission. But what about data at rest?
Here, we must consider how to store data encrypted on a hard disk or how it should be handled when it is written to a database. For such systems, E2E encryption means that only the person who stores the data should be able to read the data. In effect, its design requires that stolen data cannot be read or manipulated. E2E encryption of data at rest is provided by the operating system or hard disk itself and combined with a suitable method for key management.
Having dealt with E2E encryption of data during transit and at rest, we now turn to the more esoteric case of E2E encryption of data during computation.
It may seem strange that you can perform computations on encrypted data in the first place. But advances over the last 10 years have resulted in systems that can indeed compute on encrypted data, i.e. without needing to see the data. These advances are made possible by Fully Homomorphic Encryption (FHE).
In FHE, the first party enters data into the system by encrypting it. Then, a second party can perform arbitrary computation on the data without seeing it. Finally, a third party—or even the first party—can decrypt the output of the computation. In this context, the second party (the party doing the computation) has no access to the underlying data. This is analogous to the situation for data in transit, in that the party relaying the data should have no access to its contents.
FHE is designed so that the second computing party learns nothing about the underlying data, so we can say that FHE provides E2E encryption for data during computation, just as WhatsApp provides E2E encryption for data during transit.
Organizations and individuals now consider it a fundamental aspect of messaging security that no-one can read one’s private messages; especially the service provider who is providing the messaging application. Organizations and individuals no longer trust Big Tech with their private messages.
Yet when companies, both big and not-so-bit tech, process private data we currently think it perfectly acceptable that they can do so and see the data as they process it. As trust in such company’s access to private data goes down, and yet the potential use-cases and benefits from technology such as artificial intelligence, blockchain, and personalized medicine increase, we need to find a way of unlocking the value in data without needing to make the data public. FHE provides such a mechanism.
We shouldn’t have to worry about privacy anymore: this should be a feature already built in by default into all applications.