back to article IBM open sources new approach to crypto

A group of IBM researchers has released a Github project that implements a homomorphic encryption system – a way to work on encrypted data in a file without first decrypting the whole file. Why would anyone want to do that? Partly because if you have to decrypt the file to work on it, it's going to exist as plaintext somewhere. …

COMMENTS

This topic is closed for new posts.
Coat

Sorry, it's Friday

A group of IBM researchers has released a Githib project that implements a homomorphic encryption system .

So we'll see an article on Fox News about how this will undermine family encryption and we should encrypt the way God intended ..

10
1
Bronze badge
Thumb Up

Might be very useful

Friday or not, this might make public shared clusters (aka cloud) more than a term of marketting droid babble for serious users. Non-serious users like "in your face book" dont count. CPU cycles are cheap now, especially as ARM and derivatives continues to develop.

3
0
Anonymous Coward

@Article

"Big Blue even envisages such schemes as offering truly private Internet search."

Governments of the world are not going to be very happy!

0
0

You can try already with JCT : Do calculations on encrypted messages

In 2011, three earlier homomorphic encryption (HE) schemes were added to the open source program JavaCrypTool (JCT), which is part of the CrypTool project (www.cryptool.org) producing the most wide-spread e-learning programs about cryptography and cryptanalysis.

The e-learning program JCT isn't made for speed, but you can see e.g. how to multiply (or add) two encryped messages. If you decrypt the result you get e.g. the product (or sum) of the two according plaintext messages. You can play with own numbers using the following three schemes:

- RSA - Partially Homomorphic Encryption Scheme

- Paillier - Partially Homomorphic Encryption Scheme

- Gentry and Halevi - Fully Homomorphic Encryption Scheme

Another program of this project, CrypTool 2, offers several applications of the Paillier cryptosystem (addition, blinding, voting) in order to play with them directly.

1
0
Silver badge

Re: You can try already with JCT : Do calculations on encrypted messages

Yup. Unless I missed something, this new release is a better-performing alternative to Gentry & Halevi[1], using a similar but somewhat different approach.[2] It's all ultimately derived from Gentry's original work at IBM and his PhD dissertation, and he's worked on these algorithms and most of the ones that have been proposed for fully-homomorphic encryption (as far as I'm aware). So the JCT would be a good way to study the ideas; HElib is useful if you want to try putting it into production.

Neat stuff, in any case. The mathematics might be a bit daunting for non-practitioners, but folks with a CS background ought to be able to puzzle out the ideas in general terms.

[1] Assuming both schemes stand up equally well under attack, which remains to be seen. They rely on the hardness of somewhat different problems, and of course there may always be implementation flaws that expose weaknesses not part of the underlying algorithm.

[2] Actually multiple approaches, according to the abstract for the BGV paper. You can use RLWE without bootstrapping, RLWE with bootstrapping as an optimization, or LWE. These are variations of the Learning With Error problem, which involves approximating one function from a group of functions, given samples of the function's input and output, some of which are incorrect (noise).

1
0
Silver badge
Pint

Under your chair you will find...

Reminds me of a discussion about audio/image/video editors working directly within the encoded and compressed MP3/Jpeg or png/H.26*.* file. As opposed to a wave/bitmap/bitmap frame expanded version.

0
0

When are we going to get Encrypted Mail ?

I'm tired of my email being stored in Utah where the NSA can/will/does look at it anytime they want. Everything we send over the Internet in the USA is being stored there for analysis at a later date.

Having 'encrypted for transmission' built into email programs sure would help me feel safer. Now, no doubt they can un-encrypt it with some little effort, but at least they would have to try. At the present time, they just read 'whatever' they want, at anytime. I have worked with the Feds and I am not feeling safe at all, concerning my freedom of speech in the USA and the governments LACK of respect for privacy.

I don't know what the guy on the street in London feels, but over here, things are not going well.

0
0
Silver badge

Re: When are we going to get Encrypted Mail ?

When are we going to get Encrypted Mail ?

1987.

Having 'encrypted for transmission' built into email programs sure would help me feel safer.

So why not use an email client that supports encryption, digital signatures, and the like? There are plenty of options for many popular MUAs, such as Thunderbird.

Now, no doubt they can un-encrypt it with some little effort, but at least they would have to try.

Oh, there's some doubt, if you use well-tested algorithms and good security practices. While the tinfoil-hat brigade (and Hollywood) would have you believe that the government can decrypt arbitrary messages merely by frowning at the screen while hex dumps flash by and the Charismatic Leader shouts instructions, the more likely situation is that governments do not possess magical decryption techniques. And even if they do, they have better mechanisms for getting your data (or mine), since they can make our lives miserable. Chances are, they don't care about your email, and increasing the work factor even a little bit will send any curious snoops elsewhere for lower-hanging fruit.

1
0
This topic is closed for new posts.

Forums