What is homomorphic encryption, and why should you care?

While it's still 4-5 years away from large scale deployment, the need to securely and confidentially process many types of data means that the typical data encryption employed today just won't cut it for the future. Homomorphic encryption can solve many challenges in confidential computing, but also presents a major challenge to build.

A protected padlock with checkmark amid a field of abstract data.
Matejmo / Getty Images

The amount of data captured by enterprises continues to grow astronomically. Indeed, data warehouse are filled with huge amounts of confidential data like personally identifiable information, company financial records, Intellectual Property (IP), corporate strategic documents, etc. Common practice is to encrypt that data while in storage and during transport, but that is not always a guarantee that the data is safe from exposure. It does offer a reasonable level of protection from less sophisticated attackers, as capturing the encrypted data and running a massive computing system that tries to break that encryption through brute force operations is difficult. The brute force method is very inefficient and mostly available only to special sophisticated operations (e.g., state sponsored massively large resourced systems). It also isn't very effective at extracting data in volume as it's a time consuming process that can't keep up with real time data creation. But there is a loop hole many hackers have exploited to obtain potentially large volumes of encrypted data that is available to them unencrypted.

The challenge with the current state of data computation is that the only way encrypted data can be processed in a typical computing system, either on-premise or in the cloud data center, is by first decrypting that data, placing it in local memory and then running the computing application against it. Once the operation is completed, the data may then again be encrypted before going back to storage. This process also requires that the computing system has the appropriate keys for doing the decryption. This presents a serious problem since once that data is decrypted during processing it is available for attack and exfiltration from the computing system by different exploits and system anomalies. This is a primary target of many hackers who are able to extract volumes of data by infiltrating the compute stack and continuously retrieving unencrypted data from operating memory. Or even easier is for hackers to just steal the decryption keys and have immediate access to all the data through decryption on their own systems.

What's needed is a better way to work with sensitive data, and in fact, almost all data is becoming sensitive as new data regulations become operative, like GDPR, HIPPA, and various other data protection regulations. Further, there are many classes of data analysis, especially in AI/ML processes, that require sensitive data to be provided from many different sources (e.g., aggregated healthcare data, individual financial records), but that also needs to remain confidential. In an ideal world, compute operations should be able to be done without ever decrypting the data, thus preventing exposure of any sensitive data to hackers, even if they were able to gain access to the processing or storage elements. Enter homomorphic encryption and computing.

What is homomorphic computing?

Homomorphic computing operates on the principal that all data must remain encrypted through all operations within the processing system. While it's possible to do so in current systems, the throughput for operations could be slowed by a factor of 10 orders of magnitude or more, making it unacceptable in large scale operations. That means that a new generation of computing system must be designed that can process the encrypted data streams, and do so in a way that doesn't significantly slow down the compute cycle. Building a system to execute general purpose programs on encrypted data requires a totally new platform in both hardware and software, and it's not a simple thing to do.

Doing it a massive scale

A true homomorphic processing system, in order to be equivalent in execution speeds to current 64-bit processors running against unencrypted data, would have to have a massive compute width of up to 1024 bits! Further, since this compute is being done in a highly parallel fashion, the interconnections must be equally as wide and be extremely fast. And of course memory needs to be designed to compliment this wide and fast path. And finally the software algorithms need to be adapted to this new environment. While we currently have many parallel processing systems, like GPUs and AI/ML accelerators, the latency in stringing a large number of these systems together and interconnecting them would make the compute cycle unacceptable. Therefore, current processors are not a good solution for at-scale homomorphic computing implementations. Further, encryption algorithms need to be redesigned to take advantage of this massive parallelism. As a further complication, working on encrypted data makes for unacceptable "noise" that can create errors. With larger word sizes of 1K bits, the amount of noise introduced in the computing cycle is reduced and makes processing much more accurate.

Moving towards productization and standards

Making this real will take massive engineering efforts as well as necessitating the creation of standards. To make this a reality, Intel is partnering with Defense Advanced Research Projects Agency (DARPA) in its Data Protection in Virtual Environments (DPRIVE) program. As part of the program Intel expects to develop an accelerator for fully homomorphic encryption. To work on the needed software infrastructure required, Microsoft is also a program partner and leading the commercial adoption by testing it in its Microsoft Azure and the Microsoft JEDI cloud environments, with the US government participation.

As part of DPRIVE, Intel will design an application-specific integrated circuit (ASIC) accelerator for fully homomorphic encryption, potentially reducing processing time by five orders of magnitude over current CPU implementations. And Microsoft will utilize its expertise in cloud infrastructure, software stacks and fully homomorphic encryption, to potentially reduce processing time by two orders of magnitude, and to accelerate the commercialization of this technology when ready. Once accomplished, homomorphic encryption will go a long way towards enabling free data sharing and collaboration of sensitive data, while promoting privacy throughout the data life cycle. Beyond the development of the core technologies needed, Intel and Microsoft will work with international standards bodies to develop international standards, a necessary step to guarantee wide adoption.


But don't expect commercial systems soon

There will be multiple phases to the DPRIVE program and major milestones to hit along the way. But the program itself is 42 months long and ends in 2024, and it is likely to take another 1-2 years beyond the program for commercialization to take place. That means homomorphic encryption systems probably won't be available until 2025/26, and perhaps later. Still, the potential benefits of homomorphic, if successfully implemented, will dramatically change the way sensitive data can be processes and confidential computing can be implemented.

Bottom line: Homomorphic encryption is currently an academic exercise and an advanced engineering project. But it presents a major advancement in securing sensitive data from exposure. With the backing of major players like DARPA, Intel and Microsoft, it is likely to become a reality, but probably not for 5 years. Once deployed at scale, I expect to see a major shift for many industries that need to do a better job of protecting their data from exposure and hacking. Enterprises should be monitoring this technology for the next few years to gauge its progress, and plan on implementing it once it's available at scale.