from Hacker News

A very casual introduction to Fully Homomorphic Encryption (2012)

by ergot on 1/21/17, 1:48 PM with 21 comments

  • by mmastrac on 1/21/17, 4:31 PM

    Oh hey, this is something I've actually done some real work on!

    > Just try converting that into a circuit

    Hmm. I think this article is a little behind the times. Loops are not a problem with Homomorphic encryption, as we can create circuits that work exactly like a transistor-based CPU.

    In fact, I've got an implementation of one that I've been working on here: https://github.com/mmastrac/oblivious-cpu

    The trick to making this work is that you may not know how long the computation is going to take, so you need to either add a set number of iterations to run (ie: clock cycles), or send back encrypted updates as you run to give your trusted computer a chance to determine when the calculation has finished.

  • by ajb on 1/21/17, 2:36 PM

    One limitation of Homomorphic encryption, as far as I can see, is that there is no way for the encrypted program to choose to communicate some data in the clear.

    Which means it can't be used to allow an untrusted party to run your encrypted server, and have the server communicate with parties that it doesn't trust. Which is what most servers do. Unless I'm mistaken, or there has been an advance?

  • by maxekman on 1/22/17, 11:27 AM

    This is a very interesting read, highly recommend! I'm currently reading the excellent book Cryptography Engineering [1] and this article definitely adds to my newborn interest in cryptography!

    [1] https://www.schneier.com/books/cryptography_engineering/

  • by based2 on 1/21/17, 4:17 PM

  • by kaffeemitsahne on 1/21/17, 3:19 PM

    Was there ever a followup blogpost?

  • by quickben on 1/21/17, 2:06 PM