Frequently Asked Questions

When you’re solutioning around transformative technologies and leading the formation of an entirely new commercial market as we are, you’re bound to encounter some questions. We asked several members of our team to address a few frequently asked questions

What are Privacy Enhancing Technologies and how do you use them?

Privacy Enhancing Technologies, or PETs as they are sometimes called, are a powerful family of technologies that enhance and preserve the security and privacy of data throughout its lifecycle. These technologies are transformational because the capabilities they enable aren’t making something else better; they are making something entirely new possible.

Our ZeroReveal solutions, which leverage one of the pillars of the PETs category, homomorphic encryption, make PETs practical, scalable and performant for real business use cases today. Data is the backbone of the digital economy and we enable organizations to utilize that data for business purposes while ensuring privacy and regulatory barriers are respected.

What is homomorphic encryption?

By its most basic definition, homomorphic encryption (HE) secures Data in Use by allowing computations to occur in the encrypted or ciphertext domain. If encryption is a vault protecting sensitive data, traditional practice requires taking that data out of the vault every time it needs to be used or processed (perform a search, apply analytics/machine learning, etc.). This exposure leaves the data and the operation vulnerable. HE allows these actions to take place within the vault, ensuring the interaction and the corresponding results remain protected.

A focus of research for more than four decades for its transformative potential, computational barriers kept HE relegated to the academic/research arena or some enigmatic government spaces. However, breakthroughs in recent years have now made it practical for a wide-range of commercial and mission applications, delivering HE from exclusive academic darling to commercial game changer. HE is often hailed as the 'holy grail' of crypto for its paradigm-shifting potential to revolutionize how and where organizations can securely and privately leverage data assets.

Do you sell proprietary crypto?

No – and if someone is ever trying to sell you proprietary crypto, we suggest you run in the other direction.

Our breakthroughs are in the utilization of homomorphic encryption. We take those cores HE building blocks, which allow you to either add or multiply in ciphertext, and use them to create products that address real business and mission problems. Our solutions enable users to encrypt a search, analytic, or machine learning model and allow them to be processed without ever decrypting the content of the search or its corresponding results.

Our products can leverage any type of HE – that can, and often does, include open source HE libraries such as Microsoft SEAL.

I’ve read academic research on homomorphic encryption – are you a research firm or an HE library?

Neither actually. We build solutions that creatively and efficiently leverage homomorphic encryption to solve real business and mission problems. In contrast, HE research is focused on advancing the core mathematical HE cryptographic components. We applaud those doing HE research, and view their work as complementary to our work at Enveil.

There is a significant difference between an HE library and an HE-powered solution. You can think of an HE solution as the house, while an HE library is one of the raw materials, like brick or lumber. HE libraries provide the basic cryptographic components for enabling the capabilities and are often created and maintained by HE researchers, but it takes a lot of additional work, including software engineering, innovative algorithms, and enterprise integration features, to get a usable, commercial grade product. Vendors providing HE solutions have already built the house, often leveraging various HE libraries, so while some remodeling may be required to ensure that the solution addresses specific needs, the heavy lifting is done.

Is HE performant enough for commercial use?

When homomorphic encryption was first theorized, it was simply not practical. Performing even the most basic operation in ciphertext would take days and an amount of compute power that made it unreasonable for use at scale. But that is no longer the case. Advances in the underlying HE technology, as well as efficiencies relating to its use that we have pioneered, mean that HE can now operate at the speed of business for a number of use cases. Encrypted searches can be performed over hundreds of millions of data records and returned within seconds rather than days or even weeks (yes, it started out that slow). In fact, commercial and government entities are using HE operationally at scale today. Not working toward using it — actually using it in production environments to solve real problems.

Does your solution protect all my data, all the time?

No, we exclusively focus on protecting data while it's being used or processed, what we call Data in Use. This is different from other common forms of encryption, such as protecting Data at Rest on the file system, or Data in Transit as it moves through the network. You can think of Data in Use as the interaction with the data – we encrypt the search, analytic, or machine learning model itself, as well as the corresponding results throughout the processing lifecycle. Using Enveil, organizations can securely derive insights, cross-match, and search third-party data assets without ever revealing the contents of the search itself or compromising the security or ownership of the underlying data.

Do I need to pool or centralize my data in order to use ZeroReveal?

No, we specifically designed our software to support a decentralized approach to data sharing and collaboration since we know that requirements to move or pool sensitive assets are often deal breakers for our customers. Enveil ZeroReveal allows all participating organizations to retain positive control and ownership of their sensitive data assets at all times. We will never ask you to move data to a centralized data lake or repository, an approach that differentiates us from many of our competitors. We enable customers to perform encrypted processing over data where it is and as it is today.

How does ZeroReveal help customers address regulatory challenges?

In an increasingly regulated ecosystem, data sharing limitations often impede critical business functions and restrict data sharing and collaboration across jurisdictions and between organizations. By never decrypting searches, watchlists, or analytics during processing, Enveil ZeroReveal allows entities to securely and privately share and collaborate while retaining positive control of their data assets. Enveil allows this collaboration to occur in a secure, decentralized manner while protecting organizations against the risk of data breaches, regulatory penalties or brand and reputational damage.

Do I need to re-encrypt my data in order to use ZeroReveal?

Nope. Enveil is built to enable encrypted processing over data wherever it sits – in the Cloud, on Prem, or in a third-party data repository. Enveil sits above the data, allowing organizations and jurisdictions to maintain control of their data assets while leveraging existing storage methods, access, and audit controls. Enveil ZeroReveal is a lightweight, proxy-layer software system designed to work at the speed of business within existing customer workflows. The deployment model is optimized for highly distributed, decentralized multi-party, or hybrid cloud deployments.

How is ZeroReveal used in the federal space?

Most of our federal work centers around enabling users to perform trusted compute in what they consider to be untrusted locations. By keeping search terms, analytics, and machine learning models encrypted during processing, Enveil allows operators and analysts to securely derive insights, cross-match, and search untrusted data assets. This can be done across multiple data sources – even when using sensitive or classified indicators. Enveil protects not only the content of the interaction, but also the interests, intent, and TTPs of the party performing the search or analysis. This allows data to be leveraged in ways that were never before possible for use cases such as secure cross-domain and tactical edge collaboration.

Answers From Our Team

Members of our team to weigh in on frequently asked questions about Privacy Enhancing Technologies and our homomorphic encryption-powered solutions.

Homomorphic Encryption
Myths & Misconceptions

There can be a lingering degree of skepticism about whether homomorphic encryption is ready for broad commercial use. We’re tackling four common misconceptions about HE that should be considered by anyone interested in utilizing this transformative technology.

Myth #1: Homomorphic Encryption Is Not Ready For Commercial Use

When homomorphic encryption (HE) was first theorized, it was simply not practical. Performing even the most basic operation (something as simple as 1+1) in ciphertext would take days and an amount of compute power that made it unreasonable for any broad applicability. But that is no longer the case. Advances in the underlying technology, as well as efficiencies relating to its use, mean that HE can now operate at the speed of business for a number of use cases.

Encrypted searches can be performed over millions of data records and returned within seconds rather than days or even weeks (yes, it started out that slow). Commercial and government entities are using HE operationally at scale today. Not working toward using it, but actually using it in production environments to solve real problems. One of the areas where early adopters have emerged is the financial services industry, for anti-money laundering applications.

Myth #2: Working with Homomorphic Encryption Means Everything Needs to be Encrypted

Homomorphic encryption uniquely enables encrypted processing, allowing encrypted searches/analytics to be performed over both encrypted and unencrypted data. While HE-encrypted operations can be run over encrypted data, in many use cases, that level of protection is unnecessary. Take, for example, investors performing research to inform decision-making regarding a possible merger or acquisition. They likely turn to standard industry tools, including data aggregators, for the most current information available. Is the underlying data within these third-party environments sensitive? Not at all — investors just need to tap into existing information to learn about the company and its market positioning.

However, is the content of the search and reason behind the query sensitive? Absolutely. Exposing interest in a specific company could expose intent, potentially signaling to other interested parties and jeopardizing the investor’s bargaining power.

Myth #3: To Collaborate Using Homomorphic Encryption, Data Needs To Be Pooled

One of the most exciting use cases for HE is in the area of secure data sharing and collaboration. By allowing third parties to securely and privately work together, HE enables collaboration that was not previously possible. One of the key elements that has prevented such efforts from moving forward in the past is the need to pool sensitive data assets in order to make them accessible to a collective group. This is impractical for a number of reasons, at the core of which is an understandable unwillingness of organizations to increase their own risk and liability by giving up ownership of their assets.

While some implementations of HE suggest data must be pooled and encrypted in a centralized location, it is rarely practical or desirable. When HE is used specifically to protect the interaction with the data (i.e. the query or analytic), it can be done in a decentralized manner that allows all contributors to maintain control and ownership of their data assets.

Myth #4: A Homomorphic Encryption Library Is A Homomorphic Encryption Solution

While it can be confusing for those unfamiliar with the space, there is a significant difference between an HE library and an HE-powered solution. Think of it this way: an HE solution is the house; HE libraries are the raw lumber.

Homomorphic encryption libraries provide the basic cryptographic components for enabling the capabilities, but it takes a lot of work including software engineering, innovative algorithms, and enterprise integration features to get to a usable, commercial grade product. Companies who build and maintain these libraries do so via research teams. Vendors providing HE solutions have already built the house and often leverage HE libraries — while some may require remodeling to ensure the product addresses specific needs, the heavy lifting is done. When investigating offerings in the space, it is important organizations know what they are getting: raw building blocks, plans, or a house.

Request a Data Sheet

Interested in learning more about one or more of the use cases above? Let us know.
Enveil is a pioneering Privacy Enhancing Technology company protecting Data in Use. Enveil’s business-enabling and privacy-preserving capabilities for secure usage, collaboration, and monetization protect data while it's being used or processed – the 'holy grail' of data encryption. Defining the transformative category of Privacy Enhancing Technologies (PETs), Enveil’s homomorphic encryption-powered ZeroReveal® solutions allow organizations to securely derive insights, cross-match, search, and analyze data assets without ever revealing the contents of the search itself or compromising the security or ownership of the underlying data.
Copyright © 2022 Enveil