Is it possible to delegate the ability to process your data without giving away access to it?
This is the (rephrased) opening line of a breakthrough research paper by Craig Gentry at IBM. Although the paper is over one year old, it is in some ways more relevant now than ever.
With cloud computing becoming ever more mainstream, the paper introduces a fully homomorphic encryption (FHE) scheme that allows “full” manipulation of encrypted data by a party that holds no secret key and never performs the decryption operations in the traditional way.
The author walks through each piece of the scheme and tries to explain the key concepts, using the analogy of Alice, the jewelry store owner who wants her employees to create a piece of jewelry without direct access to the locked box that contains the raw materials.
The paper assumes that its readers have an intermediate to advanced understanding of common cryptographic operations. It walks through the process used by all currently known FHE schemes: construct a bootstrappable, somewhat homomorphic encryption scheme, then run that scheme's Evaluate algorithm on its own decryption algorithm.
While this is still quite an expensive operation, the author shows that with some more work, the scheme can become practical, and can have many applications, ranging from privacy in the cloud to database access for employees.
Work is actively underway to extend the research and present functional and practical demonstrations of refined schemes that possess the FHE characteristics.
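Why a “somewhat homomorphic” scheme needs the bootstrapping step described above, shown as an added example (not code from the paper or from this page): a toy symmetric scheme over the integers in which every homomorphic operation grows a noise term until decryption breaks. The scheme c = m + 2r + pq, the function names and the tiny parameters are assumptions chosen for illustration, and they are not secure.

```python
import secrets

def keygen(eta=64):
    """Secret key: a random odd eta-bit integer p."""
    return secrets.randbits(eta) | (1 << (eta - 1)) | 1

def encrypt(p, m, r=None, q=None, rho=8, gamma=256):
    """c = m + 2r + p*q: bit m masked by small even noise 2r and a multiple of p."""
    r = secrets.randbits(rho) if r is None else r
    q = secrets.randbits(gamma) if q is None else q
    return m + 2 * r + p * q

def noise(p, c):
    """Centered residue of c mod p; equals the true noise only while it is below p/2."""
    n = c % p
    return n - p if n > p // 2 else n

def decrypt(p, c):
    """Plaintext bit = parity of the noise term."""
    return noise(p, c) % 2

def add(c1, c2):
    return c1 + c2  # XOR of the plaintext bits; noise terms add

def mul(c1, c2):
    return c1 * c2  # AND of the plaintext bits; noise terms multiply

def depth_until_failure(p, c, max_depth=16):
    """Square an encryption of 1 until decryption stops returning 1."""
    for depth in range(1, max_depth + 1):
        c = mul(c, c)
        if decrypt(p, c) != 1:
            return depth
    return None

if __name__ == "__main__":
    p = keygen()
    one, zero = encrypt(p, 1), encrypt(p, 0)
    print("1 XOR 0 =", decrypt(p, add(one, zero)))
    print("1 AND 1 =", decrypt(p, mul(one, one)))
    # Constructed tiny instance: p=1001, noise 5 -> 25 -> 625 > p/2 after two squarings.
    print("fails at depth", depth_until_failure(1001, encrypt(1001, 1, r=2, q=7)))
```

Bootstrapping addresses exactly this limit: evaluating the decryption algorithm homomorphically yields a fresh ciphertext of the same bit with reduced noise, which is only possible if decryption itself fits within the depth the scheme can handle.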