

IBM open sources new approach to crypto - aynlaplant
http://www.theregister.co.uk/2013/05/03/ibm_open_source_homomorphic_crypto/

======
jimktrains2
> The encrypted file – if The Register understands the paper correctly –
> embeds actions that are permitted on that file (for example, the ability to
> read and write to parts or all of the file. The Evaluate function is able to
> use the combination of the public key and permitted actions (described as
> circuits) to operate on the file without decrypting it.

I'm pretty sure that this has nothing to do with permissions. Homomorphic
encryption maintains certain properties of the plaintext (through some
isomorphism) to allow pre-defined operations (operations that the isomorphism
are designed for).

Also, why theregister? Why not link to the actual article
(<http://eprint.iacr.org/2011/277>) or the github project
(<https://github.com/shaih/HElib>) They're much, much more informative.

~~~
CervezaPorFavor
The Register article is much easier to read as a news piece, especially for
people unfamiliar with encryption algorithms.

Besides, the article includes links to more technical materials, including the
project page should the reader want to find out more.

~~~
wodow
It's cases like this where it would be useful to be able link to multiple
articles at once (to avoid possible blogspam appearing as the intermediary).

~~~
reeses
Destructuring links? I'm sure Ted Nelson specified those somewhere.

~~~
wodow
Is that a Xanadu term? Looks like a "google whack" at my end at the time of
posting: <http://www.google.com/search?q=%22destructuring%20links%22>

~~~
reeses
I was semi-joking. I would not have been surprised in the least if he had
invented them at some point. Between him and Alan Kay, you've got about 90% of
everything covered. :-)

------
samwillis
Very good previous discussion about HELib from last week for reference:
<https://news.ycombinator.com/item?id=5630917>

------
omati
Is there some simple description of the operations supported and the space and
time complexity of them, as well as their effects on "hidden" parameters of
the ciphertexts anywhere?

All the available documentation seems to focus on the underlying
implementation and mathematical proofs without clearly stating the user-
visible performance behavior.

For example, if I have N encrypted signed B-bit integers (treated as modulo
2^B), and add them all with homomorphic encryption, how much time does that
take and how large is the resulting cyphertext?

What if I have two N-dimensional vectors called v and w of B-bit integers
(treated as modulo 2^B), and want to compute the value v^T . M . w where M is
an NxN matrix?

What if they are floating point instead? Is that supported? Are integers
modulo M supported for any M?

Is the sign(x) operation available or just addition and multiplication?

~~~
cantos
Regarding the last question, if you have an encryption method that can encrypt
0 and 1 and has (efficient) algorithms for multiplying and adding the
plaintexts corresponding to encrypted messages then you can efficiently
compute any boolean circuit.

So any fast algorithm that can be computed without encryption can be computed
efficiently by a homomorphic encryption scheme (in time that is some low
degree polynomial of the time needed for the unencrypted algorithm).

------
DoubleMalt
How about patents? I remember having read that IBM holds patents for
homomorphic encryption. Does the open sourcing also include a royalty free
license to IBMs patents?

EDIT: Just saw GPL2 or later, so choosing GPL3 would mean patent license
included, right?

~~~
kyrias
If they release it under GPL3 then you'd be able to use it even if it's
infriging on IBM's patents, if they release it under GPL2 then no.

~~~
indeyets
I'd put it other way round: If software is infringing on someone's patents
then it is illegal to license it under GPL3.

~~~
scott_w
The above poster was specifically referring to IBM's patents. IBM licensing
this code under the GPL also extends a patent license for all of their own
patents. This comes from the word "contributors" in section 11.

They obviously can't grant a patent license for patents they don't hold, but
that's life.

------
_stephan
Does anyone know whether one can host open source crypto code on GitHub
without risking violations of the US Export Administration Regulations? One
issue could for example be that GitHub doesn't block access from countries
under US embargo, AFAIK.

~~~
TomMasz
Yes you can. BIS effectively decontrolled open source encryption software a
few years ago, essentially admitting that attempts to control the export of
something that was already available world-wide was a waste of time.

~~~
throwaway125
There are still some restrictions on exporting cryptography. For example,
under US law you can't export strong crypto to Iran, North Korea, and a few
other countries.

[http://en.wikipedia.org/wiki/Export_of_cryptography_in_the_U...](http://en.wikipedia.org/wiki/Export_of_cryptography_in_the_United_States#Current_status)

~~~
TomMasz
Actually you can, you just need a license. That you'll never get one is
assumed, however. You need a license to export anything to the AT (Anti-
terrorism) countries but for some items you _probably_ can get the license, at
least for certain items to certain end users.

