A challenge with prior attempts to commercialize and apply homomorphic encryption is that the output of computations on encrypted data is also encrypted, and the output can be decrypted only with the secret key of the data owner. If the data owner wants to share the results of a computation, the data owner previously had to either share the secret decryption key, or decrypt the result and share the result directly.
Sharing secret decryption keys is unacceptable because it may lead to key leakage and whoever has the key can decrypt the source data. Decrypting and then sharing the result may place an unnecessary burden on the key owner to be directly involved with sharing computation output with every allowed recipient. Both of these prior approaches add complication, and a simpler approach was needed.
Members of our technical staff developed a way to effectively address the problem of securely sharing the results of computations without sharing secret keys or requiring the data owner to download the result. Duality developed a recent concept, called Proxy Re-Encryption (PRE), and adapted it for high performance with homomorphic encryption. PRE enables a data owner to cryptographically designate someone as being approved to access encrypted data. We provide an approach to PRE that allows the sharing of encrypted computation results without the sharing of secret decryption keys.
The Duality approach to PRE relies on a designated recipient to share their *public* key with the data owner, either before or after the computation is performed that needs to be shared. The data owner generates a special public key, known both as an “evaluation key” and as a “re-encryption key”. The evaluation key acts as a public key in that it can be widely shared without providing insight into how to decrypt a ciphertext.
When a computation generates an encrypted output, the PRE evaluation key is used by the computation server to perform a Proxy Re-Encryption on the ciphertext with the PRE evaluation key. The resulting ciphertext can then be decrypted using the approved recipient’s secret decryption key only.
We have found in practice that our approach to using PRE for results sharing greatly simplifies one of the primary complexities of using encrypted computing technologies. Not only is PRE helpful in this way, but it is also very practical. Duality’s approach to PRE adds little additional overhead to the standard homomorphic decryption processes, thus making our approach to results sharing very easy to adopt.
