IBM releases toolkits for encrypting data while in use

Developers will be granted access to fully homomorphic encryption to plug existing security gaps

Developers will soon be granted access to technology that will allow them to build apps that keep data encrypted while in use, and not just while in rest or transit. 

Fully homomorphic encryption (FHE) is an encryption technology that allows the manipulation of data while it remains encrypted, reducing the time information is at its most vulnerable.

Files are normally encrypted either while in transit or resting, giving hackers the opportunity to exfiltrate unencrypted data.

More than a decade after first making a major breakthrough in its cryptography research, IBM has packaged FHE into a toolkit that's now available for macOS and iOS developers, and in the near future for those using Linux and Android.

FHE also allows administrators to restrict how far files can be decrypted, with portions of files made available to certain users at any given time, with other areas remaining encrypted. 

The technology was first contemplated in the 70s, but a breakthrough was finally made in 2009 where successful FHE was demonstrated by cryptographer Craig Gentry, who produced a now widely-cited paper.

“While the paper was exciting news, many in the industry felt that FHE would remain on the cryptographic shelf because it was too slow for everyday usage due to the complexity of the computation and the enormous computing power it required,” said senior research scientist with IBM, Flavio Bergamaschi.

“Thankfully, a small team at IBM Research took that on as a challenge and a decade later FHE performance has improved to a level that is adequate for certain applications, which will only improve with algorithmic advancements and future hardware accelerators.”

There are a number of use cases for which FHE would hold significant promise, Bergamaschi continued, particularly in industries which are heavily regulated and make use of private and confidential data.

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

Companies that handle financial information and patient health records, for example, would be able to use FHE to share these broadly while still restricting access to all but the most necessary elements of the data.

IBM's toolkits are based on HELib, said to be the world’s most mature and versatile encryption library, which also includes sample programmes to make it easier to write code based on FHE.

“I should point out that these are not perfect or final,” the senior researcher added. “We wanted to quickly put them out to get the technology into the hands of early adopters who want to make these concepts less abstract and more concrete as we look to build up a community of users and use cases.”

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021