Comment by hmottestad

1 month ago

Homomorphic encryption is something I heard about through a research paper a few years ago.

Back then I understood that an operation like SUM would be able to compute the sum of a list of numbers where each number was encrypted. The way the encryption worked made it possible to add all the values together without decrypting them, and the result ended up being encrypted too in such a way that the owner could decrypt it and have a number with a certain known accuracy.

If Apple is using homomorphic correctly then there should be no way for them to see the data they get from your phone. The other things they mention in the post as ways to prevent leaking of other information through metadata or a side channel.

The fact that this feature was enabled by default isn’t exactly great. Definitely should have been something that the user should have been asked if they wanted to enable after upgrading.

2 comments

hmottestad

pdpi 1 month ago

One specific use Apple is making of homomorphic encryption as of iOS 18 (I think) is for spam callers. You get a phone call, your phone sends Apple the encrypted phone number, they run it against their spam caller database, and you get the encrypted spam/not spam response back. They published a bunch of open source code around this functionality a while back.

https://www.swift.org/blog/announcing-swift-homomorphic-encr...

hmottestad 1 month ago

That's really cool! Thanks for sharing :)