Fully Homomorphic Encryption (FHE) is a subject that is gaining more and more traction these days. But from all the talk and news articles and exciting developments, too few people still understand what FHE actually is, what it does, and how it can be used. If you’re one of them, don’t worry, you’re not alone. Let’s have a little background lesson and then look at how FHE is shaping the future of data science and machine learning.
To start with, it’s not a stretch of the imagination to say that FHE is the holy grail of cryptography. FHE allows you to perform computations on encrypted data without first decrypting that data. The resulting computations are left in an encrypted form which, when finally decrypted, result in an identical output to that produced had the operations been performed on the unencrypted data. Simply put, FHE enables processing data without decrypting it. This means companies can offer their services without ever seeing their users’ data — and users will never notice a difference in functionality.
If you’re a developer and you don’t know much of the gory details on how FHE works — and trust us, there are plenty of gory details — your first stop would be to look into the existing set of FHE libraries. Each of them have various degrees of usability, many of them are open source, and each has its own degree of readiness. At the same time, most of them are experimental in nature. You may be able to test or play around with code, but you might not be able to do anything useful or long-term sustainable. That’s where Zama’s Concrete Framework is revolutionary. With Concrete, developers can easily build fast homomorphic applications.
The underlying key technology in an effective Fully Homomorphic Encryption scheme like Concrete is something called ‘programmable bootstrapping’. It enables the homomorphic evaluation of any function of a ciphertext, with a controlled level of noise. A ciphertext is what encryption algorithms, or ciphers, transform an original message into. We’ll talk more about bootstrapping below, but for now it is sufficient to say that with Concrete, you’re able to easily use FHE in an application without having to be a professional cryptographer. You’re given the tools upfront and then you’re free to start developing.
How FHE will change the world
It’s common to come across web-based services that work off cloud solutions. Think of any service where you book something online or through an app, or a website where you share your data with a third party. These kinds of solutions are all around us and you probably use many of them every day. The companies providing these solutions offer a value-added service by aggregating data, but the downside to this is that the company can also see (and use to nefarious ends, if they wish) that data. In short, you don’t have a strong guarantee of the privacy or security of your data, even if the service provider promises otherwise. Every day, thousands and even millions of pieces of identifiable data are leaked or stolen. However, by using homomorphic encryption from the beginning, what you send to the service provider is encrypted with your own private key. The whole world might be colluding against you, but if you’re the only one with the private key, nobody can have access to your data.
Likewise, homomorphic encryption is an interesting proposition for companies and service providers themselves. Homomorphic encryption doesn’t prevent a company from carrying out its stated purpose; it simply prevents them from using that data to devious ends. You can still send your information to a third party using FHE, and that party can provide you the service you expect it to provide, but they can do this without needing to know that the data belongs to you as an individual. Using FHE thus allows a company to guarantee to its customers that their data is truly encrypted end to end and is secure by design.
Application to Machine Learning
Tall buildings. Metal everywhere. Self-driving cars that fly. Endless rows of flashing digital billboards. Robot cops and Matrix-like simulators. These are the images many of us have when we think of a future world where drones and droids dominate. This kind of narrative has been reinforced by everything from Hollywood blockbusters to mainstream media outlets. But at Zama, we see things differently.
When we picture the future, we don’t see a place where machines have taken over and where your privacy as a human being has been reduced to a currency, essentially used as a bargaining chip. Instead, we imagine a world where privacy is fiercely defended; a place where data security is paramount.
It is easy to understand why machine learning — part of the broader field of artificial intelligence — and privacy are often perceived to be at odds. The basic idea behind machine learning is to observe a set of data and learn from that data, uncovering processes and patterns in the process. Many people fear that machines may one day ‘learn too much’ or become too powerful, but in fact machine learning enables the development of numerous applications: regression, classification, recommendation, clustering, anomaly detection, and so on. The reality is that machine learning is already widespread, used in everything from driving assistants to language translation apps and face recognition software.
Clearly, the type of data machine learning deals with is often very sensitive or personal. The data processed through machine learning can also be used in many different ways from ‘less’ harmful uses such as targeted advertising to blatantly devious uses such as blackmail. But it doesn’t have to be this way.
What makes FHE stand out is that unlike traditional encryption algorithms that only protect data while it is in transit or at rest, meaning that the data has to be decrypted for it to be processed, FHE allows data to be computed whilst still encrypted. This makes Fully Homomorphic Encryption a perfect fit for machine learning.
The specific kind of machine learning we want to highlight involves neural networks. A neural network is a collection of units called artificial neurons. These are inspired by real-life neurons, the basic working units of the brain. Like human neurons, artificial neurons are a specialized ‘cell’ designed to transmit information. Each cell can transmit a signal to other neurons. After the neuron receives the signal, it processes it, and then can signal it to other connected neurons. Neural networks can be trained and used to do many things such as to detect disease patterns, classify objects, and aid in image recognition.
It’s possible to use FHE to evaluate these deep neural networks. One of the major challenges with any homomorphic encryption scheme is that at some point, the noise present in the ciphertext (data encrypted through an algorithm) becomes so prevalent that it levels out. We use the technique called bootstrapping, mentioned above, to refresh the ciphertext. The faster the bootstrapping process, the better for its application in machine learning. To that end, Concrete implements a variation of a fast FHE scheme called TFHE. This is important because many people wrongly assume that homomorphic encryption is too slow to be practically useful. In fact, we’ve already shown great progress in making FHE useful and practical.
Practical use cases examples
Preventive Medicine
Imagine knowing in advance what you need to do to stay healthy throughout your life. This is increasingly possible with AI, but requires sharing all your health data — everything from your DNA, to your medical history, to your lifestyle habits. With FHE, you could send all this data while keeping it encrypted, and the AI would respond with encrypted health recommendations that you alone have the ability to see.
Facial Recognition
From science fiction to the palm of your hand, facial recognition is now a part of our everyday experience. We use facial recognition to enter buildings, to unlock our phones, to tag people in pictures and soon to login to websites everywhere. This however requires someone to have your biometric fingerprint, which in the wrong hands can be used to impersonate you, and cannot be replaced by a simple password. With FHE, you could authenticate yourself securely, without anybody being able to steal your biometric data.
Voice Assistants
Every time your family speaks to a voice assistant, they send personal information to the companies behind them, increasing the risk that someone can steal this data. With FHE, you could send encrypted voice queries to AI assistants, who would have no way of knowing what you just asked, while still being able to respond. It wouldn’t matter that you have a microphone in your house, because nobody would be able to listen to what you say!
And we’re not stopping there.
We envision a future where all data is truly encrypted from end to end, and we also recognise that there are a number of real-world applications for FHE that exist today. Now we’re expanding our research into how to extend the reach of homomorphic training of neural networks, and moreover how to apply that research to machine learning tasks. We’re calling on the developer community to join our efforts.
If you’re interested in learning more, you can read our technical whitepaper here or, better yet, get started developing now using Concrete.
Get the latest news about homomorphic encryption and what we do at Zama: subscribe to our newsletter.
Zama is growing! We will be hiring up to 100 new people. To help make a safer internet faster, we’re looking to fill the following roles: jobs.zama.ai.
We’re open source — follow Zama on Github here: github.com/zama-ai.