← Back to context

Comment by amatecha

1 month ago

The server must know what it's matching at some point, to be able to generate a response:

> The server identifies the relevant shard based on the index in the client query and uses HE to compute the embedding similarity in this encrypted space. The encrypted scores and set of corresponding metadata (such as landmark names) for candidate landmarks are then returned to the client.

Even with the server supposedly not knowing the identity of the client, the response could simply include extra metadata like some flag that then triggers an instant send of that photo to Apple's (or law enforcement's) servers unencrypted. Who knows?

[0] https://machinelearning.apple.com/research/homomorphic-encry..., during the period of generating

8 comments

amatecha

Reply
fragmede  1 month ago

> The server must know what it's matching at some point, to be able to generate a response

The entire point of homomorphic encryption is that it doesn't.

The homomorphic encrypted Wikipedia lookup example is pretty neat.

https://news.ycombinator.com/item?id=31668814

  • newZWhoDis  1 month ago

    The setup for “that wasn’t real homomorphic encryption!” is in, when in 2-4 years it comes out that they were doing this exact thing.

    The entire concept of a homomorphic encryption system is a land mine outside of obscure academic discussions. In practice systems marketed to the public as “homomorphic encryption” will result in user data exfil mark my words.

  • amatecha  1 month ago

    Oh, if that's the case, they really could have explained that better. The language used in Apple's article doesn't explain that the server cannot know the query or result (it implies as such, but doesn't make this clear, nor explain how/why)

    • lloeki  1 month ago

      > they really could have explained that better. The language used in Apple's article

      This one?

      https://machinelearning.apple.com/research/homomorphic-encry...

      I find that description perfectly clear for someone who doesn't already know what homomorphic encryption means:

      > One of the key technologies we use to do this is homomorphic encryption (HE), a form of cryptography that enables computation on encrypted data (see Figure 1). HE is designed so that a client device encrypts a query before sending it to a server, and the server operates on the encrypted query and generates an encrypted response, which the client then decrypts. The server does not decrypt the original request or even have access to the decryption key, so HE is designed to keep the client query private throughout the process.

      Later:

      > HE excels in settings where a client needs to look up information on a server while keeping the lookup computation encrypted.

      And there's more perfectly layman-understandable in PIR and PNSS sections, complete with real-life examples and simple diagrams.

      One just has to read the goddamn thing, which apparently is an insurmountably tall order these days for content that is more than 250 characters.

      3 replies →