20 comments

[ 0.25 ms ] story [ 57.2 ms ] thread
> The encrypted file – if The Register understands the paper correctly – embeds actions that are permitted on that file (for example, the ability to read and write to parts or all of the file. The Evaluate function is able to use the combination of the public key and permitted actions (described as circuits) to operate on the file without decrypting it.

I'm pretty sure that this has nothing to do with permissions. Homomorphic encryption maintains certain properties of the plaintext (through some isomorphism) to allow pre-defined operations (operations that the isomorphism are designed for).

Also, why theregister? Why not link to the actual article (http://eprint.iacr.org/2011/277) or the github project (https://github.com/shaih/HElib) They're much, much more informative.

The Register article is much easier to read as a news piece, especially for people unfamiliar with encryption algorithms.

Besides, the article includes links to more technical materials, including the project page should the reader want to find out more.

It's cases like this where it would be useful to be able link to multiple articles at once (to avoid possible blogspam appearing as the intermediary).
Destructuring links? I'm sure Ted Nelson specified those somewhere.
>> The encrypted file – if The Register understands the paper correctly – embeds actions that are permitted on that file (for example, the ability to read and write to parts or all of the file. The Evaluate function is able to use the combination of the public key and permitted actions (described as circuits) to operate on the file without decrypting it.

> I'm pretty sure that this has nothing to do with permissions. Homomorphic encryption maintains certain properties of the plaintext (through some isomorphism) to allow pre-defined operations (operations that the isomorphism are designed for).

I've read 'permitted' as 'operations that can be performed on the ciphertext when using this encryption scheme'. While it might be ambiguous, I don't think they're incorrect in saying that.

If it's on The Register then they almost certainly don't understand the source material.
Regardless of whether they were right, I really appreciate that they added the "... – if The Register understands the paper correctly – ..." clause.

So many technical articles just get the facts wrong and pass them off as correct. I appreciate the honesty in this case.

How about patents? I remember having read that IBM holds patents for homomorphic encryption. Does the open sourcing also include a royalty free license to IBMs patents?

EDIT: Just saw GPL2 or later, so choosing GPL3 would mean patent license included, right?

If they release it under GPL3 then you'd be able to use it even if it's infriging on IBM's patents, if they release it under GPL2 then no.
I'd put it other way round: If software is infringing on someone's patents then it is illegal to license it under GPL3.
The above poster was specifically referring to IBM's patents. IBM licensing this code under the GPL also extends a patent license for all of their own patents. This comes from the word "contributors" in section 11.

They obviously can't grant a patent license for patents they don't hold, but that's life.

Does anyone know whether one can host open source crypto code on GitHub without risking violations of the US Export Administration Regulations? One issue could for example be that GitHub doesn't block access from countries under US embargo, AFAIK.
Yes you can. BIS effectively decontrolled open source encryption software a few years ago, essentially admitting that attempts to control the export of something that was already available world-wide was a waste of time.
There are still some restrictions on exporting cryptography. For example, under US law you can't export strong crypto to Iran, North Korea, and a few other countries.

http://en.wikipedia.org/wiki/Export_of_cryptography_in_the_U...

Actually you can, you just need a license. That you'll never get one is assumed, however. You need a license to export anything to the AT (Anti-terrorism) countries but for some items you probably can get the license, at least for certain items to certain end users.
Is there some simple description of the operations supported and the space and time complexity of them, as well as their effects on "hidden" parameters of the ciphertexts anywhere?

All the available documentation seems to focus on the underlying implementation and mathematical proofs without clearly stating the user-visible performance behavior.

For example, if I have N encrypted signed B-bit integers (treated as modulo 2^B), and add them all with homomorphic encryption, how much time does that take and how large is the resulting cyphertext?

What if I have two N-dimensional vectors called v and w of B-bit integers (treated as modulo 2^B), and want to compute the value v^T . M . w where M is an NxN matrix?

What if they are floating point instead? Is that supported? Are integers modulo M supported for any M?

Is the sign(x) operation available or just addition and multiplication?

Regarding the last question, if you have an encryption method that can encrypt 0 and 1 and has (efficient) algorithms for multiplying and adding the plaintexts corresponding to encrypted messages then you can efficiently compute any boolean circuit.

So any fast algorithm that can be computed without encryption can be computed efficiently by a homomorphic encryption scheme (in time that is some low degree polynomial of the time needed for the unencrypted algorithm).