IBM announced significant developments in homomorphic encryption. This could bring trustworthy confidential computing into the mainstream.
What is Confidential Computing?
Many organizations say that they can't use the cloud. For example, they can't put their private data in someone else's data center.
Now, if you only use cloud storage, then all is fine. First, encrypt the data on pron-premises. Then, store nothing but ciphertext in the cloud.
But what if you want to process your data? That is literally cloud computing? First, you need to decrypt your data in the cloud. Next, do the calculations. Then, finally, encrypt the result.
Or at least that is the traditional way.
Confidential computing means doing calculations while maintaining the data's confidentiality. New CPU architectures have provided some methods. However...
Hardware Solutions Have Had Problems
The past few years have brought many unpleasant surprises about hardware security problems. A big one is related to Intel's Software Guard Extensions or SGX.
Intel built some security-related machine instructions into some recent CPUs. Both user programs and the OS kernel can use them to define enclaves and private regions of memory. However, even the OS kernel can not read or write a user-defined enclave.
The plan would be to read encrypted data from the disk, storing it in the enclave. Then, decrypt it within the protected enclave. Next, do the calculations on the sensitive data. Then, finally, re-encrypt it and transfer it back to the disk.
At least, that was the plan. Researchers have found several ways to expose enclave data. Many are variations on speculative execution attacks. Others are side-channel attacks.
Another possible hardware solution is AMD's EPYC Secure Encryption Virtualization or SEV. This supports Google's Confidential VMs, virtual machines doing confidential computing in the Google Cloud.
I have created a list of hardware vulnerabilities. I attempt to keep track of developments. But, unfortunately, it's hard to keep up!
Hardware solutions for confidential computing have a poor track record. Pure cryptography seems more promising.
How Fast is Cryptography Developing at the Moment?
In October 2019, a team led by Google announced a significant step forward in quantum computing. The team's quantum processor finished a task in 200 seconds. They estimated that the DOE's state-of-the-art supercomputer would take 10,000 years to finish the same task.
Meanwhile, NIST has a Post-Quantum Cryptography program well underway. In July 2020, they announced the Round 3 candidates for the coming standard.
This may be like the late 1970s. Public-key cryptography, Diffie-Hellman key agreement, RSA encryption, and DES all appeared during the period 1975-1977. Of course, that was before my time, but it's a famous three years.
How to Implement a Homomorphic Encryption Scheme?
Early work on fully homomorphic encryption placed extreme limits on the computation. For example, you could calculate on ciphertext input if your problem were limited to addition. Or a modulo operation. Or an Exclusive-OR operation. It was possible but not helpful.
Open-source homomorphic encryption is now practical in the real world. See the above links to IBM's announcements for toolkits on Linux, MacOS, and iOS.
How Difficult is Homomorphic Encryption?
The software is available to be downloaded and used. So it's easy for developers.
However, its computational complexity remains an issue. It's hard for computers. It's not as terribly slow as the initial solutions were. But homomorphic encryption still makes even simple calculations significantly slower.
The good news is that its performance is acceptable for some popular uses.
For example, machine learning on big data sets containing sensitive information. That problem tolerates approximate answers, meaning that a speed/accuracy trade-off makes the technology practical.
There's still a long way to go in the way of performance for many computing jobs, but the recent developments are a significant advance.
What to Know, and Where to Go Next?
The CISSP and CCSP exams now include questions about homomorphic encryption. However, it's just a "big picture" recognition of the topic. If you know, "Homomorphic encryption means calculations on encrypted input yielding encrypted output," that should be plenty. Learning Tree's courses for CISSP Training and CCSP Training cover all you need to know for those exams. Additionally, look into CompTIA Cloud+ Certification Training for managing workload migrations and ensuring cloud security.
To check recent developments and see who is doing what, see the HomomorphicEncryption.org website. An open consortium of industry, academia, and government runs it.
If you want to go further, an excellent survey paper covers the topic, explaining the terminology and concepts.
This piece was originally posted on January 19, 2021, and has been refreshed with updated styling.