Airbus Ventures-backed Ravel Technologies has revealed that they’ve developed “several” (patent-pending) advancements in the field of Fully Homomorphic Encryption, the long sought-after Holy Grail of encryption security.
Before we go any further, let’s set some definitions, shall we? I'm going to assume you’re already familiar with at least one variant of encryption or another, what it is, what it does, and why it's needed. Right, moving on.
One particular variation of this security, known as Homomorphic encryption, allows personal data to be utilised/acted upon while never having to be decrypted and re-encrypted. I.e. it never leaves the encrypted state.
Breaking this down even further, we have Partially Homomorphic Encryption (PHE) and Fully Homomorphic Encryption (FHE). PHE allows for one particular action to be performed on the encrypted data an infinite number of times. Secure, yes. Limited in functionality? Very much yes.
As an example, let’s say a healthcare provider secures patient records on a cloud service, i.e. a third-party provider. In order to maintain patient privacy, any and all of these records are encrypted while sitting on this database, thus preventing any nefarious outside actor, including the third party, from gaining access.
However, any time a record needs to be updated, there are two possible solutions, either the record needs to be transferred back to the healthcare provider's trusted environment, make the changes, re-encrypt the file(s), and send them back to the cloud. Or, the far riskier option, decrypt the data whilst it’s in the cloud, make the update, and then re-encrypt the file. I think you can see where the vulnerabilities lie here.
Where FHE gains its Holy Grail reputation is in the fact that encrypted data sitting in the cloud can be worked on, updated, etc. all without the need to transfer to a trusted environment OR leave the encrypted state.
My example cited one line or entry in one file, but what if you are processing millions, if not billions of files and lines and entries on a daily or hourly basis? Clearly, FHE is the only way to go, but as you can imagine the process involves a tremendous amount of computing power, and performance has been, shall we say, a bit lackluster.
In Ravel's own words:
Homomorphic encryption has to be efficient enough to power database and machine learning applications over mainstream CPU-based cloud infrastructure. This is why we have built with RHE a versatile fully encrypted toolbox answering industry imperatives.
We benchmarked four key functions against major competitors to illustrate the magnitude of our quantum-leap breakthroughs. The competitors selected for this comparison are fully homomorphic libraries that implement the bootstrap in less than one second.
As demonstrated above, what Ravel has accomplished is the ability to offer FHE in a low latency and high throughput format, all but eliminating the Achilles heel that has held up mass adoption. And the implications will touch every industry we know. Least of which, blockchain infrastructures, a technology that financial institutions are increasingly reliant upon.
“As we experienced during our Proof of Concept, Ravel has demonstrated that its technology can enable secure and efficient processing for high volumes of encrypted data,” commented BNP Paribas Group CIO Bernard Gavgani. “They are well on their way to solving data sharing and analytics challenges in banking and finance for brands worldwide.”