Cloud service providers are continuously looking for innovative methods to keep their client’s data safe. IBM’s solution is called fully homomorphic encryption. The method was patented back in August of 2011 by Craig Gentry and Shai Halevi. What exactly is this process?
An entry on Wikipedia regarding the encryption says that “any circuit can be homomorphically evaluated, effectively allowing the construction of programs which may be run on encryptions of their inputs to produce an encryption of their output. Since such a program never decrypts its input, it can be run by an untrusted party without revealing its inputs and internal state.” IBM says that this method uses a mathematical object called “Ideal lattice” which helps encrypt data as soon as it is inputted into the cloud. The method allows does not reveal the original data source.
Recent news articles have prompted cloud service providers to re-evaluate their encryption methods. Consumers and corporations are incredibly concerned about the safety of their data. A widely publicized security breach at Target resulted in millions of credit card numbers being released into the black market. News stories such as these are a corporation’s worst nightmare.
Using fully homomorphic encryption, any data that is extracted or intercepted from the cloud is undecipherable to the person possessing said data. This type of encryption will make public cloud computing a safer alternative for companies who are deciding whether or not to build out a public or private cloud infrastructure. Craig Gentry, the co-inventor of this encryption method, was quoted as saying, “Fully homomorphic encryption will enable companies to confidently share data and more easily and quickly overcome challenges or take advantage of emerging opportunities.” The emerging opportunity for cloud service providers is to be the most secure solution available. If cloud companies begin using encryption models such as fully homomorphic, cloud security analysts will be able to stay one step ahead of hackers and online criminals who target cloud services.