Is OpenFHE something that can be used on a web server to guarantee anonymity on use and processing?
Thanks.
Is OpenFHE something that can be used on a web server to guarantee anonymity on use and processing?
Thanks.
Sorry for my ignorance, but I really need to know.
Thank you.
OpenFHE works well for any application where FHE is the right cryptography tool. FHE achieves confidentiality/privacy and supports encrypted computations.
It is hard to answer you question w/o learning more about the use case. FHE can be used to encrypt the web request (hiding the content of the web request from the web server), process the web request, and send the encrypted result. But it cannot be used by itself to make the connection between web server and client anonymous. Please clarify the use case.
Thank you for your response.
It is difficult to be clear sometimes and I will attempt to do better.
I wish to create a server where the internal processing is all encrypted and therefore cannot be deciphered by anyone without the key.
Please let me know where further clarification is needed.
Are you saying the server gets an encrypted database from somewhere else and then performs homomorphic computations/analytics over this database? FHE can potentially be used for this (although some computations would be fast, and some would be slow, depending on how deep they are and whether they involve nonlinear functions).
BTW, who would be decrypting the results in this case? What are the privacy goals in this use case? What needs to be private and from whom?
Web servers are often a VPS or co-located device. These are not secure from nefarious operators, including governmental warrants. But even if continually under one’s own control, the warrant risk remains.
Good VPNs do not keep logs, so there is nothing to connect the visitor to the server in any identifiable manner. If the server has a certificate and the visitor has a browser that supports SSL, then the communications are encrypted.
This leaves the actual processing at risk if not encrypted as well. To make servers safe requires that everything the server does be encrypted.
Wikipedia states “Homomorphic encryption is a form of encryption that allows computations to be performed on encrypted data without first having to decrypt it………Homomorphic encryption eliminates the need for processing data in the clear, thereby preventing attacks that would enable a hacker to access that data while it is being processed,…”
The strong implication here is that the totality of the processing is done in an encrypted state. This is what I am looking for.
I can imagine that the LAMP software is unencrypted, which is fine. It is the information, the data, the server processes that must remain in an encrypted state.
FHE is efficient for certain computations like PSI/PIR or some ML statistics, but there are certain computations that are much slower than the plaintext, e.g., those that involve a large number of comparisons (for a large dataset). In other words, FHE would not be the most efficient option if you want to do arbitrary processing of encrypted data in an efficient manner. Typically FHE is chosen in practice for specific applications, and the underlying computations are fine-tuned to make them FHE-friendly.
If you need support for arbitrary computations in an efficient manner, than you might want to look into TEE or confidential computing, but keep in mind that these solutions often do not provide cryptographic guarantees (the data gets decrypted internally in a trusted environment).
Thank you for the suggestions.
It appears that TEE uses keys supplied by the hardware maker, thereby taking away from the user some of the security sought. The concept of confidential computing appears to rely upon TEE and so builds upon a shaky foundation. There has got to be better solutions.