How a new encryption technique can help protect privacy amid COVID-19

(Credit: Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Dalia Khader, Divisional CISO, Swisslife Global Solution & Husna Siddiqi, Independent Advisory Board Member, UKRI Centre for ART-AI, University of Bath

  • COVID-19 has brought the debate on balancing privacy and public interest to the fore.
  • A technique called ‘homomorphic encryption ‘ could help us strike the right balance.

The debate over balancing public interest and the basic human right to privacy is not new, but in recent months it has reached almost every household due to Covid-19.

In order to manage the global pandemic, there has been an onslaught of Covid-19 applications, including contact tracing and statistical data analysis tools to help identify patterns that may lead to cures or prevention measures.

Quite understandably, this has led to mixed emotions of relief and worry – relief from experts being able to collect and process data in order to curb the virus, and worry that the apps could be used to for the surveillance of people or to reveal sensitive personal data.

The development of these apps with an “accepted level of data protection” is probably the second most important Covid-19 innovation, after vaccines. The key challenge lies in ensuring information protection within these apps, and subsequently assuring society that the purpose is to trace the virus and not people.

What is homomorphic encryption?

Homomorphic encryption is a cryptographic tool that could offer the much needed balance between public interest and privacy.

Encryption of data is like placing the data in a box and locking it such that it can only be opened (i.e. decrypted) by those that hold the key to unlock the contents. In today’s world, information security specialists have defined three key states of data – data at rest, in transit and in use. Using the analogy of the locked box, encryption of data at rest is putting the locked box in a storage facility, while encryption of data in transit is moving the box from one facility to another without revealing the contents. Modern cryptography has done a great job in protecting data at rest and in transit using different encryption algorithms.

“Encryption of data in use” can be more challenging. An example would be placing two numbers in a box and performing a mathematical calculation on those numbers without having to open the box and see the original numbers. Imagine how useful this mechanism would be in performing Covid-19 related risk calculations while protecting personal data.

Computation over encrypted data is known as homomorphic encryption, which has existed since the 1970s in its partial form, hereafter PHE. There are two types of PHE: additive and multiplicative. This means numbers entered in a locked box can be either added or multiplied (but not both) with each other without revealing the original contents. For more complex calculations involving both operations, a full homomorphic encryption, hereafter FHE, is needed. The concept of FHE was barely a dream until the computer scientist Craig Gentry made it a reality in 2009.

Figure 1 illustrates homomorphic encryption using the analogy of boxes, sticks and dynamites that somewhat defy the laws of physics but could help readers visualise the concept.

PHE: The blue boxes and pink boxes in figure 1 are locked and can only be unlocked by those holding the key.

  • When sticks are entered in pink boxes and then multiple pink boxes are connected with each other, the borders between them disappear adding all the sticks together.
  • The blue boxes allow for dynamites to be entered. When boxes of this type are connected together, their internal borders also disappear but the number of dynamites multiply with the number of dynamites in the adjacent box, resulting in number of sticks that equal to the product.

The pink and blue boxes do not connect with each other. This means if we wanted to perform a complex function that involves both addition and multiplication, the process would involve taking out the contents in the midst of the calculation at some point.

FHE: If addition and multiplication needs to be performed without having to take the contents out of the boxes (i.e. enabling end to end encryption during computation), a new type of box needs to be designed which allows for the operation to be set to addition or multiplication as needed.

The table below gives examples of the homomorphic encryption in context of a University gathering Covid-19 research data.

Despite the strong privacy notion provided by FHE, it is not used today due to being computationally inefficient.

The speed ratio between FHE and the calculation of un-encrypted data is actually 450 times greater than the ratio of the average man walking and a passenger aircraft.

Nevertheless, crisis is the mother of innovations. In 2020, the year of Covid-19, recent initiatives led to FHE becoming 1000 times faster than Gentry solution; an excellent indication that we are on the right track.

the sting Milestone

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

European Parliament approves more transparency and efficiency in its internal rules

Team Europe contributes €500 million to COVAX initiative to provide one billion COVID-19 vaccine doses for low and middle income countries

A Sting Exclusive: Towards better business opportunities for the EU and its neighbours, Commissioner Hahn live from European Business Summit 2015

European Investment Bank to borrow €70 billion in 2013

Wednesday’s Daily Brief: updates from the Near East and Libya, Ebola in DR Congo, World War remembrance

5 curve-flattening technologies being developed by young people

Governments urged to put first ever UN global migration pact in motion, post-Marrakech

How COVID-19 shows the urgent need to address the cyber poverty gap

From UN Assembly podium, Central African Republic leader appeals for lifting arms embargo

A free press is ‘cornerstone’ for accountability and ‘speaking truth to power’: Guterres

JADE Generations Club 2015: Knowledge vs. competences – Do not wait for the change to happen, but make it happen

The Parliament sets the way for the European Banking Union

EuroLat: serious concern about migration and support to multilateral trade

Commission adopts Recommendation on EU coordinated approach to travel and transport in response to new variant of coronavirus in the UK

The response to the current COVID-19 crisis must make the EU more resilient

Pharmaceuticals in the environment: Commission defines actions to address risks and challenges

3 things to know about women in STEM

Why integrated planning is key to truly transformative electrification

The European reaction to the neo-fascist wind

Burning Amazon rainforests: Darting towards the doom of Human Race

It’s Trump’s anti-globalization and inward-looking rhetoric that perturbs GOP and US

Half the world’s population is still offline. Here’s why that matters

Factory workers are facing a mental health crisis. Here’s how to respond

“The winner is who can accelerate the transition to a new digital era”. The Sting reports live from EBS 2015: a Digital Europe 4.0

The EU Consumer Policy on the Digital Market: A Behavioral Economics View

SMEs and micro firms sinking together with south Eurozone

Do you dare to go to China?

Trump’s withdrawal from the Paris climate deal is bad for US business. Here’s why.

COVID-19: More new virus cases outside China than in, ‘no time for complacency’, says UN health agency

Joint advocacy letter template to sign and ratify the Treaty on the Prohibition of Nuclear Weapons

Why embracing human rights will ensure Artificial Intelligence works for all

Should trade continue to be global after the pandemic?

We can end TB right now. Here’s how

A new roadmap for corporate climate governance

GSMA Announces New Speakers for Mobile 360 Series – Middle East and North Africa

Deal on digitalisation of access to justice will benefit citizens

UN chief calls for Security Council to work with Myanmar to end ‘horrendous suffering’ of Rohingya refugees

The three sins the EU committed in 2015

Venezuela: Parliament recognises Guaidó, urges EU to follow suit

Normal reactions to the abnormality of the pandemic

These countries create most of the world’s CO2 emissions

Entrepreneurship in a newly shaped Europe: what is the survival kit for a young Catalan and British entrepreneur in 2018?

How young people can help respond to the coronavirus outbreak

Where labour costs the most (and least) in the European Union

Libyan national conference postponed, nearly 500,000 children at ‘direct risk’ from fighting around Tripoli

How banks can help companies restructure for growth

Could robot leaders do better than our current politicians?

Nearly three million more displaced year-on-year, warns refugee agency chief, but solutions are within reach

Implementation of EU Facility for Refugees in Turkey: EU mobilises €663 million in humanitarian assistance

US and Mexico child deportations drive extreme violence and trauma: UNICEF

UN condemns ‘heinous’ suicide attack on education centre in Afghanistan

Who holds the key to the future of biotechnology? You do

Only a few months away from the single European patent space

The US is building a bike trail that runs coast-to-coast across 12 states

European Parliament backs CO2 emissions cuts for trucks

Why 2020 is a turning point for cybersecurity

Wind farms now provide 14% of EU power – these countries are leading the way

Colombia: Santos thanks the EU for its support to the peace process

Quality of air in Bucharest-Romania: is it fog or is it smog?

Young people all over the world come together to demand paid good quality internships

More Stings?


Speak your Mind Here

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s