User: Password:
Subscribe / Log in / New account

IBM's homomorphic encryption library

IBM's homomorphic encryption library

Posted May 12, 2013 8:23 UTC (Sun) by ras (subscriber, #33059)
In reply to: IBM's homomorphic encryption library by dlang
Parent article: IBM's homomorphic encryption library

> Actually, I was assuming that the attacker is crafting the query, and can see the result, but not necessarily decrypt it.

We would try to ensure only an authenticate entities could ask queries, but it is reasonable to assume the attacker has been clever enough to figure a way around that. And in particular if the attacker is the storage system itself, it does have a way around it.

However "Craft a query" implies to me know what you are asking. The storage has encrypted data, does some homomorphic operations on the data it has and encrypted data it has been sent - ("the query"). This operation yields unencrypted data - which effectively a "yes/no" to send some data it has stored back.

So yes, in the sense that the server can dream up throw random queries at the database and see what it says - it can "craft queries". But since it has no idea what it is asking it is of limited usefulness.

The trigger for my comment is what these people aiming for - a complete and fast set of homomorphic operations, seems like it is a long, long away away. But we don't need that to change the world. All we need are a set of homomorphic operations for querying a database. And even that turns out to be simpler than it sounds - all you need to implement is a homomorphic range query. That sounds plausible to me, so plausible I've made it a personal hobby project.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds