“Easy for both cryptography experts and novice practitioners”
Microsoft has open sourced a homomorphic encryption library developed by its Cryptography Research group, saying it “strongly believes” the technology is ripe for use in real-world applications, as it makes the source code available on GitHub.
Homomorphic Encryption provides the unique ability to compute on data while it is encrypted – Microsoft has been leading a push to develop a standard for the emerging cryptographic technique, which has wide ranging industry potential.
Adoption of homomorphic encryption, for example, would allow users to process encrypted data in the cloud, without either downloading it for decryption on-premises, or providing a decryption key to a third party service provider.
Microsoft’s Simple Encrypted Arithmetic Library (SEAL) (open sourced early last month under an MIT Licence for free use) has already been adopted by Intel to implement the underlying cryptography functions in its neural network compiler nGraph.
Push to Secure a Homomorphic Encryption Standard
The decision comes as the company moves fast to take the lead on the emerging technique. Microsoft launched an initial standardisation workshop in July 2017, with a second following in March 2018.
This rapidly led to the founding of an industry consortium; a third standardisation workshop followed in October 2018.
IBM, Intel and SAP are among the eight industry members of the consortium thus far. Government members include the US’s Space and Naval Warfare Systems Command (SPAWAR) and the National Institutes of Health (NIH). There are 12 academic members, including MIT and Seoul University.
In terms of potential use cases, the latter whitepaper points to today’s high overheads of protecting genomics data; challenges of securing real time data from critical national infrastructure; and the difficulty of striking a balance between risk and utility in information sharing for healthcare industry applications.
Microsoft researchers Kristin Lauter, Kim Laine and Sreekanth Kannepalli said in a joint blog: “In 2015, Microsoft Research released the first version of Microsoft SEAL with the speciﬁc goal of providing a well-engineered and documented homomorphic encryption library, free of external dependencies, that would be easy for both cryptography experts and novice practitioners to use.”
They added: “In 2016, we demonstrated CryptoNets, showing that deep learning on homomorphically encrypted data is indeed feasible, revolutionizing our approach to responsible AI… This is the right moment to put our library in the hands of every developer, so we can work together for more secure, private, and trustworthy computing.”
In addition to having no external dependencies, Microsoft SEAL is written in standard C++, making it easy to compile in many different environments.
Joerg Blumtritt, founder of Datarella, told Computer Business Review: “After ten years of research and development, privacy-preserving computation is finally ready for commercial application. Homomorphic encryption plays a key role in solving the most pressing problem in data protection: getting useful information from data without breaking privacy.”
He added: “The cryptographic libraries that Microsoft and others [have open sourced] are an important step in delivering the foundation for prototyping applications with homomorphic encryption. The effort of setting market standards that also started last year is a second important step in making homomorphic encryption business-ready. We developed several prototype applications, using Microsoft’s libraries among others. Our proof-of-concepts included real-time location-based services and DNA analytics – without revealing location or any specific genomic information.”
Those interested in a deeper dive can see the SEAL manual here [pdf].