iPhone and Mac data encrypted in use by IBM toolkit
IBM has released new toolkits for macOS and iOS that will make it possible for developers to begin incorporating fully homomorphic encryption (FHE) into their apps and services.
While the company has released toolkits for Apple’s mobile and desktop operating systems on GitHub, it also plans to make them available for Linux and Android soon.
FHE is a technology that allows data to be analyzed and used while still being encrypted. Senior research scientist at IBM Research, Flavio Bergamaschi provided further insight on FHE in a blog post announcing the new toolkits, saying:
“The common methods of storing and sharing sensitive data with colleagues and partners have weak links. Today, files are often encrypted in transit and at rest, but decrypted while in use. This provides hackers and insiders with repeated opportunities to exfiltrate unencrypted data. FHE plugs these holes. It allows the manipulation of data by permissioned parties while it remains encrypted, minimizing the time it exists in its most vulnerable state.”
Fully homomorphic encryption
In an interview with ZDNet, Bergamaschi explained that FHE is well-suited for use in heavily-regulated industries like finance and healthcare where businesses are trying to protect extremely sensitive data.
Implementing FHE will likely require organizations to rewrite parts of the business logic used in their programs but this will lead to impressive security gains where data is encrypted at all times, even when in use.
In order to prove FHE’s value when it comes to secure outsourcing such as when outsourcing computation from the cloud, IBM completed a proof of concept with Brazil’s Bradesco Bank which is the second-largest bank in South America. The goal of this undertaking was to use FHE to securely analyze customer data with the aim of predicting whether someone would require a loan within the next three months.
IBM security researchers used a large data set made up of 360,000 customer IDs with 546 different features each and put a homomorphic encryption layer between the data and the analysts. The results of the proof of concept proved that predictions made using FHE could be delivered with the same accuracy as they could without encryption.
While FHE was first discussed in the late 1970s, it has taken a long time for it to become fast enough for everyday usage. Now though that IBM has released its first set of FHE toolkits, expect developers and organizations to begin incorporating the technology into their software.
Via ZDNet