ICM大会报告——Homomorphic Encryption

Abstract: Is it possible to delegate processing of data without giving away access to it? For example, can I query a search engine, and get a useful response, without telling the search engine what I am searching for? Can I send my encrypted financial information to an online tax service, and get back an encrypted completed tax form?

Using an “ordinary” encryption system, it is virtually impossible for someone without the secret decryption key to manipulate the underlying encrypted data in any useful way. However, some encryption systems are "homomorphic" or "malleable". In a homomorphic encryption system, the decryption function is a homomorphism that commutes with operations like addition and multiplication. This homomorphic property allows anyone to manipulate (in a meaningful way) what is encrypted, without knowing the secret key, by operating on ciphertexts.

This talk will survey basic concepts in modern cryptography and complexity theory, including how to prove the security of a system by reducing it to the (assumed) computational infeasibility of well-known mathematical problems, such as factoring large integers. And it will highlight the main ideas behind recent "fully homomorphic encryption" systems, which allow arbitrarily complex functions to be computed on data while it remains encrypted.