As data moves to the cloud, security has become increasingly important. Fully homomorphic encryption (FHE) has been developed in labs and is nearly ready to emerge to enable artificial intelligence and machine learning use cases for that data. Microsoft and Intel have been proponents of homomorphic encryption, which follows the data across systems. In December, IBM released its first FHE services, which include educational materials, prototyping environments for companies that want to experiment and support.
VentureBeat reports that FHE offers the ability to compute on data while it’s still encrypted, unlike classic forms of encryption that either protect data at rest or data in transit. IBM director of strategy and emerging technology Eric Maass stated that, “with FHE, the ability to actually keep the data encrypted and never exposing it during the computation process, this has been somewhat akin to a missing leg in a three-legged crypto stool.”
VB notes that, “companies are potentially interested in FHE because it would allow them to apply AI to data, such as from finance and health, while being able to promise users that the company has no way to actually view or access the underlying data.”
FHE takes a lot of compute power, which is why researchers haven’t been able to seriously pursue it until recently. Maass reported that it took 30 minutes to process a single bit in 2011 but, by 2015, “researchers could compare two entire human genomes using FHE in less than an hour.”
“IBM has been working on FHE for more than a decade, and we’re finally reaching an apex where we believe this is ready for clients to begin adopting in a more widespread manner,” Maass said, adding that the next challenge will be widespread adoption because there are “very few organizations here that have the skills and expertise to use FHE.”
IBM researcher Omri Soceanu “ran an FHE simulation involving health data being transferred to a hospital,” in which an AI algorithm analyzed DNA for genetic issues — and which took only .069 seconds. Rather than having to decrypt the patient data first, with FHE, “the data is sent encrypted and remains so while being analyzed, and the results are also returned in an encrypted state.”
VB notes that the system “was put in place using just a dozen lines of code, a big reduction from the hundreds of lines of code that have been required until recently.” “We wanted to allow our customers to take advantage of all the benefits of working in the cloud while adhering to different privacy regulations and concerns,” said Soceanu.
Maass stated that IBM Security’s first commercial FHE service is “aimed at helping our clients start to begin to prototype and experiment with fully homomorphic encryption” to learn how to build FHE-enabled applications and then to give them tools and hosting environments to run their applications.
IBM believes that FHE will initially be “attractive to highly regulated industries, such as financial services and healthcare.” It also “hopes these new security models will drive wider enterprise adoption of hybrid cloud platforms.” IBM has also released open-source FHE toolkits.