"Researchers Show They Can Steal Data During Homomorphic Encryption"

Researchers at NC State University have demonstrated that it is possible to steal data during homomorphic encryption. Homomorphic encryption has been highlighted as a next-generation data security technology, but the team discovered a vulnerability that allowed them to steal data while it was being encrypted. They were not able to crack homomorphic encryption using mathematical tools. Instead, they performed side-channel attacks in which they monitored a device's power consumption as it encoded data for homomorphic encryption in order to read the data while it was being encrypted. This research suggests that even the next generation of encryption technologies must be protected against side-channel attacks. Homomorphic encryption is a method for encrypting data in a way that prevents third parties from reading it, but this type of encryption still allows third parties and third-party technologies to conduct operations using the data. For example, a user could apply homomorphic encryption to upload sensitive data to a cloud computing system to analyze the data. Programs in the cloud could perform the analysis and then send the results back to the user, but those programs would never be able to read the sensitive data. This method preserves data privacy while allowing users to carry out operations using the data. Although it has been theoretically possible, homomorphic encryption is significantly computing power-intensive. Therefore, researchers are still in the early stages of developing hardware and software to make homomorphic encryption practical. Microsoft is a leader in homomorphic encryption, with its creation of the SEAL Homomorphic Encryption Library to help the broader research community study and develop homomorphic encryption. The team found a way to crack homomorphic encryption using the SEAL Homomorphic Encryption Library via a side-channel attack. They verified the vulnerability contained by the library up through at least version 3.6. As homomorphic encryption research continues, tools and techniques must be developed to protect against side-channel attacks. This article continues to discuss the demonstrated possibility of stealing data during homomorphic encryption through side-channel attacks. 

NC State University reports "Researchers Show They Can Steal Data During Homomorphic Encryption"