Comment by dachrillz

6 months ago

A very basic way of how it works: encryption is basically just a function e(m, k)=c. “m” is your plaintext and “c” is the encrypted data. We call it an encryption function if the output looks random to anyone that does not have the key

If we could find some kind of function “e” that preserves the underlying structure even when the data is encrypted you have the outline of a homomorphic system. E.g. if the following happens:

e(2,k)*e(m,k) = e(2m,k)

Here we multiplied our message with 2 even in its encrypted form. The important thing is that every computation must produce something that looks random, but once decrypted it should have preserved the actual computation that happened.

It’s been a while since I did crypto, so google might be your friend here; but there are situations when e.g RSA preserves multiplication, making it partially homomorphic.

15 comments

dachrillz

Reply
littlecranky67  6 months ago

I get how that works for arithmetic operations - what about stuff like sorting, finding an element in a set etc? This would require knowledge of the cleartext data, wouldn't it?

  • barisozmen  6 months ago

    You can reduce anything happening on the computer to arithmetic operations. If you can do additions and multiplications, then it's turing complete. All others can be constructed from them.

    • littlecranky67  6 months ago

      While correct, that doesn't answer the question at all, though. If I have my address book submited into an FHE system and want to sort by name - how do you do that if the FHE system does not have access to cleartext names?

      4 replies →

  • j2kun  6 months ago

    Comparisons can be implemented by approximating a < b with

        0.5 * (sign(a - b) + 1)

    And the sign function can be approximated by a polynomial that uses only additions and multiplications and products with constants.

    Other FHE schemes have support for small-bitwidth lookup tables that makes supporting comparison more direct.

JohnFen  6 months ago

> If we could find some kind of function “e” that preserves the underlying structure even when the data is encrypted

But isn't such a function a weakened form of encryption? Properly encrypted data should be indistinguishable from noise. "Preserving underlying structure" seems to me to be in opposition to the goal of encryption.

xhrpost  6 months ago

This made me wonder if there is such a thing as homomorphic compression. A cursory search says yes but seems like limited information.

  • Tryk  6 months ago

    What do you mean by homomorphic compression?

    Given that the operations you can execute on the ciphertext are Turing complete (it suffices to show that we can do addition and multiplication) then it follows that any conceivable computation can be performed on the ciphertext.

    • xhrpost  6 months ago

      Oh this is outside the context of encryption. My curiosity was, is there such a compression function that permits operations on the compressed data without first decompressing it?

      1 reply →