MIT researchers have developed a new approach that could enable operations to be performed on encrypted data without needing to decrypt it first. For instance, a hospital wanting to use cloud computing for AI analysis of sensitive patient records can ensure privacy using homomorphic encryption. This technique allows computations on encrypted data, preventing anyone from accessing the original information. However, existing methods for achieving homomorphic encryption are highly computationally demanding, making them impractical for real-world deployment.

MIT researchers have introduced a new theoretical approach to creating homomorphic encryption schemes that is both simple and relies on lightweight cryptographic tools. By combining two cryptographic methods, they developed a "somewhat homomorphic" encryption scheme, which allows a limited number of operations on encrypted data without decryption. While it doesn't support complex computations like fully homomorphic encryption, this technique is sufficient for many applications, such as private database queries and confidential statistical analysis.

Figure 1. Cloud Computation Data Security Scheme

Although still in the theoretical stage, this new homomorphic encryption scheme has a simpler mathematical foundation that could make it more efficient and applicable in real-world scenarios for protecting user data. Henry Corrigan-Gibbs, a co-author of the research, envisions a future where users could encrypt their ChatGPT prompts, send them to the model, and receive responses without the model ever seeing the content of the queries. While this goal is far from being realized due to the inefficiency of current schemes, the researchers aim to develop encryption methods that move beyond traditional tools, potentially leading to more practical and efficient solutions. Figure 1 shows Cloud Computation Data Security Scheme.

The research team, led by Henry Corrigan-Gibbs, includes co-authors Alexandra Henzinger, an EECS graduate student; Yael Kalai, the Ellen Swallow Richards Professor and professor of EECS; and Vinod Vaikuntanathan, the Ford Professor of Engineering and principal investigator at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL). Their work will be presented at the International Conference on the Theory and Applications of Cryptographic Techniques.

Achieving Security and Flexibility Balance

MIT researchers have been exploring homomorphic encryption since the 1970s, but developing the necessary mathematical framework to securely encrypt a message while allowing computations proved to be highly complex. The first viable homomorphic encryption scheme was not developed until 2009.

According to Henzinger, achieving the right balance between security and computational flexibility has been a challenge, as these two requirements often conflict. Homomorphic encryption works by adding noise to a message during encryption. However, as computations are performed on the encrypted data, the noise grows, and if the operations continue for too long, the noise can overpower the original message.

Corrigan-Gibbs explains that running operations like deep neural networks on encrypted data can cause the noise to grow significantly, making it impossible to extract the original message once the computation is complete. For instance, by the end of the computation, the noise might be a billion times larger than the message.

To address this, there are two main approaches: one is limiting operations to minimize noise, but this restricts how the encrypted data can be used. The other approach is to introduce additional steps to reduce noise, though this requires a substantial increase in computational resources.

Somewhat homomorphic encryption offers a middle ground. It allows secure operations on encrypted data using a specific set of functions, known as bounded polynomials, which prevent excessive noise growth. These functions enable many additions but limit the number of multiplications, preventing the noise from becoming overwhelming.

More Than the Sum of Its Parts

The researchers developed their encryption scheme by combining two simple cryptographic tools. They started with a linear homomorphic encryption scheme, capable of performing only additions on encrypted data, and enhanced it with a theoretical assumption that expands its capabilities to handle more complex functions.

This combination allowed them to perform both additions and a limited number of multiplications on encrypted data. The encryption process involves converting data into matrices that conceal the original information, and performing operations by adding or multiplying these matrices.

Mathematical proofs demonstrate that the scheme guarantees security when restricted to specific bounded polynomial functions. Although the scheme is still theoretical, the next step will be optimizing it for practical use on modern hardware.

The team is also exploring ways to enable more complex operations, potentially advancing toward fully homomorphic encryption. Their success in combining two simple tools has sparked excitement about what other possibilities this approach could unlock.

The research was funded by Apple, Capital One, Facebook, Google, Mozilla, NASDAQ, MIT’s FinTech@CSAIL Initiative, the National Science Foundation (NSF), and a Simons Investigator Award.

Source:MIT News

Cite this article:

Janani R (2025), Security Scheme to Safeguard Sensitive Data in Cloud Computation, AnaTechMaz, pp.133