Innovative ‘emerging’ technologies are rarely straightforward. The path to market creation and broad commercial use, especially for a technology that is transitioning from the realm of research to commercial applicability, is lined with the challenges such as constructing shared terminology, understanding business relevance, and defining scope. At the heart of it all: a whole lot of market education, writes Enveil Founder Dr Ellison Anne Williams.
It is in this space that we find homomorphic encryption (HE), a transformational technology with the potential for significant impact across a number of data-driven use cases. A pillar of the Privacy Enhancing Technologies (PETs) category, HE protects data while it’s being used or processed by allowing computations to occur in the encrypted or ciphertext domain. These powerful capabilities have led to HE being referred to as the “holy grail” of cryptography and are the reason why it has been the subject of much research and academic pursuit for nearly four decades. Once computationally impractical for use at scale, recent performance and utilization breakthroughs have prompted exploration and adoption of the technology in a number of market verticals.
When paired with market factors such as digital transformation, positioning data as the backbone of the global digital economy, and data privacy moving from a ‘nice to have’ to a ‘must have’ for enterprise leaders, these advances and usage have led to a surge of activity within the HE landscape.
Yet, those of us who work in the space (full disclosure: my company is an HE solution provider) continue to see confusion around both the technology and its pursuit. This topic was the subject of some discussion at the recent 2021 Secure and Private Compute Summit, the first event focused entirely on commercial applications of technologies, like HE, that protect Data in Use. Event participants included potential HE customers in industries like healthcare and financial services, as well as vendors and researchers. While all play an important role in advancing the technology and its broader impact, the contributions each make to the HE community are distinct. To help clarify the nuance of the landscape, it’s helpful to compare the developing market to constructing a home.
This HE market analogy includes three primary components: HE Libraries, HE Research/Services, and HE Solutions. While they may sound similar to those unfamiliar with the space, there are significant differences in their role and contributions. Think of it this way: an HE solution is the house; HE services are the plans; HE libraries are the raw lumber.
As building blocks, homomorphic encryption libraries provide the basic cryptographic components for enabling the capabilities, but it takes a lot of highly specialized work including software engineering, innovative algorithms, and enterprise integration features to get to a usable, commercial grade product. Companies who build and maintain these libraries typically do so via research teams. Some of the more notable HE libraries include Microsoft SEAL and IBM’s HElib. As with all types of encryption, open source libraries are the safest, most transparent way to utilize HE algorithms. As any security practitioner would tell you, proprietary crypto is fundamentally a bad idea and if anyone is trying to sell it to you, you should run in the other direction.
Read the full article at The Stack.