How a new encryption technique can help protect privacy amid COVID-19

(Credit: Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Dalia Khader, Divisional CISO, Swisslife Global Solution & Husna Siddiqi, Independent Advisory Board Member, UKRI Centre for ART-AI, University of Bath

  • COVID-19 has brought the debate on balancing privacy and public interest to the fore.
  • A technique called ‘homomorphic encryption ‘ could help us strike the right balance.

The debate over balancing public interest and the basic human right to privacy is not new, but in recent months it has reached almost every household due to Covid-19.

In order to manage the global pandemic, there has been an onslaught of Covid-19 applications, including contact tracing and statistical data analysis tools to help identify patterns that may lead to cures or prevention measures.

Quite understandably, this has led to mixed emotions of relief and worry – relief from experts being able to collect and process data in order to curb the virus, and worry that the apps could be used to for the surveillance of people or to reveal sensitive personal data.

The development of these apps with an “accepted level of data protection” is probably the second most important Covid-19 innovation, after vaccines. The key challenge lies in ensuring information protection within these apps, and subsequently assuring society that the purpose is to trace the virus and not people.

What is homomorphic encryption?

Homomorphic encryption is a cryptographic tool that could offer the much needed balance between public interest and privacy.

Encryption of data is like placing the data in a box and locking it such that it can only be opened (i.e. decrypted) by those that hold the key to unlock the contents. In today’s world, information security specialists have defined three key states of data – data at rest, in transit and in use. Using the analogy of the locked box, encryption of data at rest is putting the locked box in a storage facility, while encryption of data in transit is moving the box from one facility to another without revealing the contents. Modern cryptography has done a great job in protecting data at rest and in transit using different encryption algorithms.

“Encryption of data in use” can be more challenging. An example would be placing two numbers in a box and performing a mathematical calculation on those numbers without having to open the box and see the original numbers. Imagine how useful this mechanism would be in performing Covid-19 related risk calculations while protecting personal data.

Computation over encrypted data is known as homomorphic encryption, which has existed since the 1970s in its partial form, hereafter PHE. There are two types of PHE: additive and multiplicative. This means numbers entered in a locked box can be either added or multiplied (but not both) with each other without revealing the original contents. For more complex calculations involving both operations, a full homomorphic encryption, hereafter FHE, is needed. The concept of FHE was barely a dream until the computer scientist Craig Gentry made it a reality in 2009.

Figure 1 illustrates homomorphic encryption using the analogy of boxes, sticks and dynamites that somewhat defy the laws of physics but could help readers visualise the concept.

PHE: The blue boxes and pink boxes in figure 1 are locked and can only be unlocked by those holding the key.

  • When sticks are entered in pink boxes and then multiple pink boxes are connected with each other, the borders between them disappear adding all the sticks together.
  • The blue boxes allow for dynamites to be entered. When boxes of this type are connected together, their internal borders also disappear but the number of dynamites multiply with the number of dynamites in the adjacent box, resulting in number of sticks that equal to the product.

The pink and blue boxes do not connect with each other. This means if we wanted to perform a complex function that involves both addition and multiplication, the process would involve taking out the contents in the midst of the calculation at some point.

FHE: If addition and multiplication needs to be performed without having to take the contents out of the boxes (i.e. enabling end to end encryption during computation), a new type of box needs to be designed which allows for the operation to be set to addition or multiplication as needed.

The table below gives examples of the homomorphic encryption in context of a University gathering Covid-19 research data.

Despite the strong privacy notion provided by FHE, it is not used today due to being computationally inefficient.

The speed ratio between FHE and the calculation of un-encrypted data is actually 450 times greater than the ratio of the average man walking and a passenger aircraft.

Nevertheless, crisis is the mother of innovations. In 2020, the year of Covid-19, recent initiatives led to FHE becoming 1000 times faster than Gentry solution; an excellent indication that we are on the right track.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

EU Civil Protection Mechanism must be sufficiently funded to save lives

The power of digital tools to transform mental healthcare

A Year in China

GSMA Outlines New Developments For MWC19 Shanghai

“Our house is on fire.” 16 year-old Greta Thunberg wants action

FROM THE FIELD: Conversations about Conservation

The Amazon is reaching a dangerous tipping-point. We need to scale solutions now if we have any chance of saving it

How we measure stakeholder capitalism will determine our recovery

UN underscores the need to celebrate indigenous peoples, not confine them

South Sudan famine threat: UN food security agency in ‘race against time’

Parliament seals 2014 EU budget and the spending ceiling until 2020

How COVID-19 is taking gaming and esports to the next level

DR Congo: Restore internet services as ‘a matter of urgency’, urges UN expert

COVID-19 put 1.6 billion children out of school. Here’s how to upgrade education post-pandemic

Historic first, as Tolstoy’s War and Peace lands in Geneva, to mark international centenary

Groundbreaking cancer-fighting drugs now included in updated UN list of essential medicines

What the Women’s World Cup can teach us about capitalism

Why remote working doesn’t have to mean alienated employees

What’s an ‘essential service’? Not knowing could block access to key digital services during COVID

Summer 2019 Economic Forecast: Growth clouded by external factors

One-third of Afghans need urgent humanitarian aid, millions suffer ‘acute food insecurity’

Antitrust: Commission consults stakeholders on a possible new competition tool

Disease slashing global meat output, cereals boom, bananas under watch: FAO

DiscoverEU: 20,000 more young people will explore Europe in 2020

‘No safe way’ into battle-scarred Afghan city of Ghazni to deliver aid as traumatized children search for parents

China-EU Special Report: Chinese Premier Li Keqiang endorses China’s big investment on Juncker’s plan at 10th China-EU Business Summit

This Japanese town has banned urban sprawl

EU to relocate 40,000 migrants across the bloc: first step of a long due substantial reform?

How the inventor of the internet plans to make it safe and accessible for everyone

Auditors say EU spending delivers limited value for money but the timing of their report poses questions

What just happened? 5 themes from the COP24 climate talks in Poland

Human trafficking: stronger measures to protect women, children and migrants

How regenerative agroforestry could solve the climate crisis

Two-thirds of global drug deaths now from opioids: UN drugs report

Agreement reached on new EU Solidarity Corps

Google’s bare truth: Europe’s Chief denies EU accusations but admits they “don’t always get it right”

State aid: Commission approves Luxembourg guarantee measure to further support economy in coronavirus outbreak

Nagorno-Karabakh: EU allocates additional €3 million in humanitarian aid for conflict-affected civilians

State aid: Commission approves €24.7 million of Italian support to compensate Alitalia for further damages suffered due to coronavirus outbreak

This 3D-printed steak could help us reduce meat consumption

Powering through the pandemic

Why your next work meeting should be a ‘walk-and-talk’

4 eco-friendly products put sustainable spins on classic practices, from teacups to hankies

Parliament closes legal loophole to stop excessive Ukrainian chicken imports

FROM THE FIELD: South Sudan’s green shoots, highlight environmental recovery from war

6 ways countries can prepare for the next infectious disease pandemic

UN rights expert ‘strongly recommends’ probe by International Criminal Court into ‘decades of crimes’ in Myanmar

Global Citizen-Volunteer Internships

The Bavarians threaten Berlin and Brussels with immigration crisis

EU Member States test their cybersecurity preparedness for free and fair EU elections

With the right leadership, sustainable finance can help us shift to a low-carbon economy

More people now plan to get a COVID-19 vaccine than in December

How to provide health education and thus create better health systems

Mental health during COVID-19 outbreak: who takes care of health professionals?

IMF: All you want to know about Argentina

ICC Appeals Chamber acquits former Congolese Vice President Bemba from war crimes charges

Skills: Five new cross-border collaboration projects selected for Erasmus+ funding to develop excellence in vocational training in Europe

LGBTQI+ and medicine

Syria: UN chief warns Idlib offensive may set off ‘humanitarian catastrophe’

YouTube stars get creative at UN, to promote tolerance

More Stings?


Speak your Mind Here

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s