
IBM Fully Homomorphic Encryption Toolkit for Linux - theBashShell
https://github.com/IBM/fhe-toolkit-linux
======
dowem
Hi Hackers! This is Eli (one of the authors of the toolkit). I wanted to make
sure you all know you can check out the code. It is freely available on GitHub
as linked by the OP. The press this weekend in places like Ars talks about
trials, which we did and those were awesome, but the real story right now is
the toolkits are out there for anyone to get access to the tech. I love that
it was shared here. Several posts on Ycombinator have come up as a result.

I just wanted to say that I think we packaged some cool demos in the toolkit.
One is the privacy preserving search we debuted in the MacOS toolkit we put
out a few weeks ago, and this one also has a fully encrypted neural network
inference over credit card fraud data. If you like encryption, or like the
idea of encrypted machine learning check it out! We built all the special
dependencies for you, along with an integrated IDE setup to run the examples
trivially. The encrypted ML example also uses a brand new, fresh out of the
IBM research kitchen, encrypted machine learning library that makes it work.

This stuff is not fiction; it is real and you can run it today if you want! Our
toolkit is based on Docker and comes in Ubuntu, Fedora, and CentOS. You can
even pull the docker images from Docker Hub. If you want to see more of this
effort show us some love on GitHub and Docker Hub by smashing that star
button! Instructions are in the readme. Most people who know docker can get up
to speed and running in less than 10 minutes.
[https://github.com/IBM/fhe-toolkit-linux/](https://github.com/IBM/fhe-toolkit-linux/).

Monitoring the entirety of the internet for good questions and comments is not
one of my superpowers. If anyone has questions get in touch with us on slack
directly. The development team is here to help. Questions are great, we are
trying to get together an FAQ. Hit us up on Slack here:
[https://app.slack.com/client/T0133ARBGBV#/](https://app.slack.com/client/T0133ARBGBV#/).
We want your feedback, questions, and ideas to help spread the word.

P.S. Thanks to user Darkstryder and throw0101a who commented below! You did
some nice explanation for KaiserPro's question, and shared some nice links for
this community!

~~~
hedora
The story yesterday said you support addition, multiplication, and enough for
Turing completeness.

Surely, that means you also support equality tests. With that, it’s easy to
build a lookup table, and the whole thing devolves to a glorified Caesar
cipher. (With a permutation function instead of a rotation.)

What security guarantees does this library provide? What’s the attacker model?
I see nothing about this on the front page of your github repo, or in the
press releases.

Edit: For instance, can it tolerate chosen plaintext attacks? In a naive
scheme:

If an attacker can get the cipher text for “1”, then they can compute 1+1=2,
giving them the ciphertext for 2, and then, inductively, all the natural
numbers.

~~~
pravus
Not the author but hopefully I can shed some light on security aspects based
on my current understanding.

The premise of FHE is that you send both data and code encrypted to a 3rd
party system for execution and you can assume that an attacker has control of
it. The attacker will see a series of seemingly random steps that mutate
seemingly random data and send an encrypted response that can only be verified
by the client. You don't have the answer in advance but you have a way of
validating that the calculation was performed correctly as asked and the
answer can be trusted. A statistical attack can be avoided since the client
has the option to rotate the encryption keys without the 3rd party's knowledge
although I'm not an expert so any mathematical comment is welcome.

My knowledge here is limited, but the short summary is that if done correctly
FHE just looks like random execution on random data and that's what eliminates
most attacks.

------
KaiserPro
What kind of operations can one actually do on the encrypted data? I'm
struggling to understand what the use cases are

(I saw the one about machine learning, but that's broad and vague.)

~~~
Darkstryder
To give an answer a bit more technical than the others, theoretically an
encryption scheme is considered _fully homomorphic_ if it can support an
arbitrary number of additions and multiplications on its inputs (bits or
integers). In a lot of fully homomorphic encryption (FHE) schemes bits are
represented through big matrices that are in part random and part
deterministic. You can add and multiply these matrices and it will naturally
add and multiply the encrypted bit inside as well, but you need the secret key
to decrypt the matrix and learn if it contains a one or a zero.

From these operations (add and mul) you can create a NAND gate using the
formula 1 - A * B (assuming A and B are matrices containing encrypted bits)
and create any arbitrary boolean circuit from there. These circuits work on
the encrypted data without the need to decrypt it.

(there is an additional step called bootstrapping that most schemes require in
order to allow circuits of unlimited depth but I won’t get into that in such a
short answer)
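
Added example, not part of the comment above and not the toolkit's own code: the NAND formula 1 - A * B evaluated on ciphertexts, plus the noise growth that limits circuit depth when there is no bootstrapping. It swaps in a toy integer-based scheme (DGHV-style, c = p*q + 2*r + bit) for the matrix-based schemes the comment describes; the parameter sizes and every function name are assumptions, and the sizes are far too small to be secure.

```python
import secrets

P_BITS, Q_BITS, NOISE_BITS = 256, 512, 8  # toy sizes (assumed), not secure

def keygen():
    # Secret key: a random odd P_BITS-bit integer.
    return secrets.randbits(P_BITS) | (1 << (P_BITS - 1)) | 1

def encrypt(p, bit):
    # c = p*q + 2*r + bit: a random multiple of p hides the small noise 2*r + bit.
    # Fresh q and r each call, so two encryptions of the same bit differ.
    r = secrets.randbits(NOISE_BITS) + 1
    return p * secrets.randbits(Q_BITS) + 2 * r + bit

def noise(p, c):
    # Centered remainder of c mod p; computing it requires the secret key.
    n = c % p
    return n - p if n > p // 2 else n

def decrypt(p, c):
    # The bit is the parity of the noise; correct only while |noise| < p/2.
    return noise(p, c) % 2

def he_nand(a, b):
    # The formula from the comment, applied directly to ciphertexts: 1 - A * B.
    return 1 - a * b

def nand_truth_table(p):
    return {(a, b): decrypt(p, he_nand(encrypt(p, a), encrypt(p, b)))
            for a in (0, 1) for b in (0, 1)}

def safe_depth(p, c):
    # Chain NAND(c, c) until the next level's noise, which roughly squares
    # each time, would reach p/2 and make decryption unreliable.
    depth = 0
    while abs(1 - noise(p, c) ** 2) < p // 2:
        c, depth = he_nand(c, c), depth + 1
    return depth, c

if __name__ == "__main__":
    p = keygen()
    print("NAND on ciphertexts:", nand_truth_table(p))
    c = encrypt(p, 1)
    print("fresh noise bits:", noise(p, c).bit_length())
    depth, deep = safe_depth(p, c)
    print("levels before overflow:", depth,
          "noise bits:", abs(noise(p, deep)).bit_length())
    # NAND(x, x) = NOT x, so the encrypted bit flips once per level.
    print("decrypts to:", decrypt(p, deep), "expected:", (1 + depth) % 2)
```

With these sizes the noise budget runs out after a handful of multiplicative levels, which is the limit the bootstrapping step mentioned above exists to remove.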

~~~
KaiserPro
Excellent, thank you!

Seeing that one can NAND things, everything makes a lot more sense.

------
ColanR
I don't have a great understanding of the algorithms here, but I have a
question.

If I had some data encrypted with these tools, which I made public for
multiple entities to process, is it possible for me to allow them to add data
to the encrypted system? i.e., is there a way for multiple entities to add
more data to the encrypted data (and do calculations with the encrypted
contents) while only one party is able to extract the results of the whole
resulting collection of data?

~~~
Darkstryder
It is possible. Encrypting a piece of data requires the public key but not the
secret key. Therefore you can give your public key to all of these multiple
entities, they encrypt data and do computation on it, and only you can decrypt
the resulting computation using your secret key.

I have to say that a related question I have is how to get the opposite:
making sure the third party only used the inputs I gave them and did not
replace them with their own, and making sure they processed these inputs
through the exact program I gave them and not an altered version of it.

I have rough ideas about how one could do something like this but if anybody
had a reference to literature on the topic, that would be great.

------
shiado
My only hope for homomorphic encryption is that it doesn't cause a new era of
invasive DRM and anti-circumvention methods.

~~~
mmm_grayons
Would you please elaborate on how you believe this might happen? I can't see
how this would enable a "stronger" DRM scheme, as the video/audio/whatever
would still have to be decrypted.

~~~
shiado
That's true. I stand corrected. And having just entered the term 'homomorphic
encryption' into Google patents it would appear the space is not very active
at all.

