Secure computations from cryptography
FFI-Report
2024
This publication is only available in Norwegian
About the publication
Report number: 24/01624
ISBN: 978-82-464-3553-4
Format: PDF document
Size: 1.7 MB
Language: Norwegian
Modern cryptography can be used to perform secure computations. It enables us to reduce the risk
involved in sharing data with other organisations or persons, regardless of their ability to keep
the information secret.
We have studied three methods:
Secure Multiparty Computations (MPC): If multiple parties have sensitive data, MPC can be
used to collectively do computations on the data, and to release the results to the intended
parties. No party can access more than their own data and the end result. MPC is reasonably
mature, and while it is not yet available off the shelf, it has already seen several
real-life applications.
Fully Homomorphic Encryption (FHE): If one party has sensitive data and another, untrusted
party has the resources to do computations on the data, the former can encrypt the data
using FHE before sending the data to the latter. The other party can then compute and
return the encrypted result without having access to any cleartext. FHE is particularly
useful if the party doing the computations wants to keep their algorithms to themselves.
FHE is well understood in the research community, but it is less applicable in practice due
to very large ciphertexts.
Functional Encryption (FE): The core idea is best explained through an example. The owner of
a large database can encrypt the whole database and distribute it to numerous parties with
different needs and levels of trust. These can be given keys that allow them to calculate
different properties of the database. Some might be allowed to decrypt all the data, some might
only decrypt the part of the data corresponding to their specific access privileges, while
yet others might only be given access to certain statistical aggregate values of the data in
the database without having access to any single data point.
FE is still primarily a topic for basic research.
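The MPC idea described above can be illustrated with additive secret sharing, one common MPC building block. This is an added example, not code from the report. It assumes honest-but-curious parties and private pairwise channels. The modulus, function names and input values are constructed for illustration.

```python
import secrets

P = 2**61 - 1  # public prime modulus (assumed); must exceed any possible total

def share(value, n):
    """Split value into n additive shares that sum to value modulo P."""
    parts = [secrets.randbelow(P) for _ in range(n - 1)]
    parts.append((value - sum(parts)) % P)
    return parts

def reconstruct(parts):
    """Recombine shares; meaningful only when all n shares are present."""
    return sum(parts) % P

def secure_sum(private_inputs):
    """Each party shares its input; only the total is ever reconstructed."""
    n = len(private_inputs)
    # dealt[i][j] is the share party i sends to party j over a private channel.
    dealt = [share(x, n) for x in private_inputs]
    # Party j locally adds the shares it received and publishes only that sum.
    partials = [sum(dealt[i][j] for i in range(n)) % P for j in range(n)]
    return reconstruct(partials)

def missing_share_for(known_parts, candidate):
    """The one unseen share that would make `candidate` the shared secret.

    Such a share exists for every candidate, so n-1 shares rule nothing out.
    """
    return (candidate - sum(known_parts)) % P

if __name__ == "__main__":
    inputs = [120, 45, 300]  # constructed sample values, one per party
    print("total:", secure_sum(inputs))
    parts = share(inputs[0], 3)
    for guess in (0, 120, 999):
        # Every guess is equally consistent with the two shares an observer holds.
        print(guess, "fits with last share", missing_share_for(parts[:2], guess))
```

Each party learns the total and nothing else beyond its own input, which matches the property stated for MPC above.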
These methods have some inherent limitations that could affect possible applications, but these
limitations are in most cases also present in non-cryptographic solutions based on a trusted
third party.
In previous work, we have made a catalogue of possible applications of the techniques above in
the area of national security. In this work we have expanded our exploration of a selection of the
applications, and tried to examine whether the methods above are applicable. The results unveil
both promise and challenges. We observe that they are dependent not solely on technology, but
also on law, organisation, and not least the intention of those who made the rules without being
aware of the possibilities offered by cryptography.