"Researchers Demonstrate They Can Steal Data During Homomorphic Encryption"
A team of researchers from North Carolina State University and Dokuz Eylul University demonstrated the first side-channel attack on homomorphic encryption, which could be used to leak data while the encryption process is in progress. They were not able to crack homomorphic encryption using mathematical tools, so they used side-channel attacks instead. They monitored power consumption in a device that is encoding data for homomorphic encryption in order to read the data as it is being encrypted, thus demonstrating that even next-generation encryption technologies are in need of protection against side-channel attacks. Their paper titled "RevEAL: Single-Trace Side-Channel Leakage of the SEAL Homomorphic Encryption Library" reveals a power-based side-channel leakage of Microsoft SEAL prior to version 3.6 that implements the Brakerski/Fan-Vercauteren (BFV) protocol. Microsoft has been a leader in homomorphic encryption, developing the SEAL Homomorphic Encryption Library to help the broader research community conduct homomorphic encryption research and development. SEAL versions 3.6 and later use a different sampling algorithm, according to the researchers, who warn that newer versions of the library may be vulnerable to another weakness. This article continues to discuss the team's demonstration of the first side-channel attack on homomorphic encryption.