holomorphic encryption:
Enc(m1) + Enc(m2) = Enc( m1 + m2)
Enc(m1) x Enc(m2) = Enc( m1 x m2)
So, an untrusted entity can compute addition or multiplication without decryption.
https://en.wikipedia.org/wiki/Homomorphic_encryption
Fully homomorphic encryption (FHE)
From Wikipedia:
Fourth-generation FHE[edit]
In 2016, Cheon, Kim, Kim and Song (CKKS)[35] proposed an approximate homomorphic encryption scheme that supports a special kind of fixed-point arithmetic that is commonly referred to as block floating point arithmetic. The CKKS scheme includes an efficient rescaling operation that scales down an encrypted message after a multiplication. For comparison, such rescaling requires bootstrapping in the BGV and BFV schemes. The rescaling operation makes CKKS scheme the most efficient method for evaluating polynomial approximations, and is the preferred approach for implementing privacy-preserving machine learning applications. The scheme introduces several approximation errors, both nondeterministic and deterministic, that require special handling in practice.[36]
A 2020 article by Baiyu Li and Daniele Micciancio discusses passive attacks against CKKS, suggesting that the standard IND-CPA definition may not be sufficient in scenarios where decryption results are shared.[37] The authors apply the attack to four modern homomorphic encryption libraries (HEAAN, SEAL, HElib and PALISADE) and report that it is possible to recover the secret key from decryption results in several parameter configurations. The authors also propose mitigation strategies for these attacks, and include a Responsible Disclosure in the paper suggesting that the homomorphic encryption libraries already implemented mitigations for the attacks before the article became publicly available. Further information on the mitigation strategies implemented in the homomorphic encryption libraries has also been published.[38][39]
No comments:
Post a Comment