With the growing use of sensitive personal information, which also corresponds to the term “personally identifiable information (PII)” in information and communications technology (ICT) environments, the requirements for privacy protection are also increasing as a basis for collecting, processing, storing, and exchanging this data in various information systems. At the same time there is a high level of risk, that is, both damage to and misuse of this type of information, and thus there have been significant efforts to protect privacy for a long time. This is where crypto protection appears more and more, along with technological solutions, as a means of preventing the identification of subjects whose data is processed and/or exchanged.
Homomorphic encryption appears as a very acceptable crypto-protection solution with a high level of security, which enables the processing and exchange of data in an encrypted form. This achieves anonymity in relation to the data since the processing and transmission is carried out over the data in an encrypted form. As the requirements for data privacy and protection continue to grow, interest in this approach to personal data protection also grows, and homomorphic encryption appears as a solution that many practitioners in the field of data protection, especially those in the business and public sectors, strive not only to learn about but also to apply.
Protecting privacy through homomorphic encryption offers a certain level of help with this, providing readers with basic insights into homomorphic encryption, the problem environment, and certain practical solutions that have proven to be successful in this area. However, keep in mind that, despite the successful application of homomorphic encryption, there are still many questions related not only to technological solutions but also legislation that will surely be answered in the near future. For this reason, the content of this book appears as one of a series of sources that will contribute to the improvement of both homomorphic encryption systems and their compliance with legislation. Essentially, the content refers to an approach for determining the initial standards and compliance of an interconnection of application solutions, which was launched by Microsoft Research several years ago. Through specialized workshops, initial compliance was reached in the design, development, and application of homomorphic encryption and the determination of the homomorphic encryption security standard.
This is the basis for the book’s structure and content. The first two (of four) sections provide a basic description and explanation of the homomorphic encryption model as a security category and the homomorphic encryption security standard, as well as possible areas of application and applied solutions from practice. The editors had the difficult task of harmonizing and balancing chapters by different authors, while also achieving comprehensibility and attractiveness for different groups of readers.
Section 1’s approach to the basic principles and features of homomorphic encryption directly shows the operational attributes with very practical examples. It provides informed readers with operational actions over encryption through logical operations on the ciphertext. The basics of the decryption cipher algorithm for some of the established homomorphic encryption schemes are also shown, and for each individual scheme, basic insights and operations on the ciphertext are given.
A separate section on the proposed homomorphic encryption standard follows, which seeks to unify existing knowledge in the development and application of certain schemes in order to achieve the highest possible level of compliance in data protection and privacy, especially for the public service, business, and financial sectors. This approach focuses on determining recommended encryption schemes, the most common being Brakerski-Gentry-Vaikuntanathan (BGV) and Brakerski/Fan-Vercauteren (B/FV). The authors also cover Gentry, Sahai, and Waters (GSW) as a possible scheme in the standardization of a homomorphic evaluation of the decryption procedures (bootstrapping). This is a significant presumption since bootstrapping mechanisms vary across schemes. In addition to the basic parameters of the scheme, the need to determine the basic security parameters is observed as an insight into the design of a unique solution for homomorphic encryption-based privacy protection. Thus, the second chapter of this section, “Recommended Security Parameters,” looks at the need for, as well as the reasons and problems associated with, determining the computational problems for the security of homomorphic encryption schemes. Recommended security parameters, based on a recognition of the strongest known attacks on data security through the determination of the size of the parameters, are presented in a range that is acceptable for homomorphic encryption.
The last two sections cover the basic indicators and problems of privacy protection and data security through practical examples, that is, the application of homomorphic encryption. In doing so, one section focuses on the features and specifics of requirements for data security in a networked systems environment through cloud and blockchain technologies that enable joint computation over distributed datasets. This primarily applies to the fields of healthcare, education, science, and networked business systems in which large amounts of personal data are collected, processed, and exchanged, while at the same time maintaining a high level of requirements for the protection of data privacy. Although blockchain technology has all the features of data exchange through various networked entities and through unknown levels of security measures in the processes of transferring and processing personal data, it has unfortunately not been separately considered. However, this does not mean that related technological processes are not recognized. On the contrary, through the recognition of networked data silos where sensitive data is exchanged and processed through cloud systems, the value of the homomorphic encryption model in solving security requirements has been recognized. Along with explanations of possible protection scenarios in transmission systems via protected and insufficiently or unprotected networks, the advantages of applying homomorphic encryption are presented.
The last section continues with a possible solution to the secure outsourcing of computation in public services and business transactions. Individual groups of authors present some practical application solutions, for example, HappyKidz as a parenting mobile application, PRIORIS as a system for monitoring intentions or preventing suicides, HEalth as a possible solution for the protection of privacy and sensitive data in the process of exchanging private datasets, and potential areas of application such as the protection of children on the Internet and privacy protection in prescription drug management systems.
In a time of increased interest in privacy protection for networked information systems and network applications, new and secure solutions are sought, and this edition undoubtedly contributes to understanding not only the features of homomorphic encryption but also possible areas of application and privacy protection efficiency. Although it is a compilation of texts by many authors, it is a successfully structured presentation of the basic idea: the need for greater use of homomorphic encryption and the establishment of a basic set of standardized forms in order to develop compatible application solutions in the future.
The content can be sufficiently interesting not only for professionals in the field of security and privacy, but also for readers who have sporadically encountered the term “homomorphic encryption” (although certain parts of the content will not be fully understandable at first due to technology jargon). However, to a certain extent, the introductory parts of the individual chapters present the basics of the homomorphic encryption approach in a very clear and comprehensible manner, and in this way it can be used as an additional textbook in some curricula. Based on the present need to use homomorphic encryption methods and solutions, this title will certainly help many specialists in the initial steps of developing security mechanisms for data security and privacy.
