Besides keeping data safe, this emerging tech could be a key trust builder for businesses
Another day, another data breach. A key factor in those surging attacks: encryption, or lack thereof.
Last year, 82% of breaches involved data stored in the cloud, IBM reports. The global average cost of a data breach in 2023: almost $4.5 million.
Nigel Smart and his colleagues at Zama aim to do something about that—and ultimately, help businesses build trust. Smart is chief academic officer of the Paris-based cryptography startup, which specializes in fully homomorphic encryption (FHE).
Let me try to explain that mouthful, with help from Smart. Typically, data is encrypted in transit and in storage—say, on a hard drive. But then that data—for instance, a batch of sensitive customer information—must be decrypted for processing. That leaves it vulnerable to theft. By contrast, FHE is end-to-end encryption that secures data while it’s in use. The data itself is accessible only to the holder of the decryption key.
In principle, a superior FHE engine could encrypt a query you type into Google, Smart says: “Google would do the search for you, not know what the response was, send the response to you, and you would decrypt it.”
Zama, which recently raised $73 million in Series A funding, builds FHE solutions for blockchain, the online ledger used to record transactions. Smart gives the example of a blockchain showing client activity for various banks. To prevent them from seeing one another’s accounts, Zama would add a layer on top of the chain that encrypts all the important stuff, while still allowing data processing.
Given its ability to encrypt what people do online, FHE has many potential uses. Confidential credit scoring is one. To combat money laundering, banks could use FHE to share information on criminal transactions without revealing anything sensitive. This encryption method would also make facial recognition secure by removing the need to surrender your biometric data.
Homomorphic encryption belongs to a group of what are known as privacy-enhancing technologies, a term Smart doesn’t like. Of the uses we’ve discussed, the only one that’s really about privacy is biometrics, he notes: “Everything else is about merging data together.”
That’s why Smart and others are promoting “partnership-enhancing technologies” as a better handle. “It’s about enabling new business models or new ways of doing business,” he says, “by encouraging partnerships in a way that you can pool data [so] you get the benefit of pooling data without the negativity.”
It’s a trust thing, Smart adds: “I want to get over that trust barrier, in a way which enables us both to make money, make a decision that is beneficial to society, or whatever.”
Great. So when will homomorphic encryption go mainstream?
We’ll have to wait and see.
The blockchain companies that Zama works with are among the early adopters. Microsoft’s Edge browser also uses homomorphic encryption, to check if the new password you’ve chosen matches one compromised in a breach.
But for now, there’s a big obstacle to broader use. Computing on encrypted versus unencrypted data is maybe 100,000 times slower, Smart explains. This year or next, though, companies could produce accelerator chips that will make encryption tools like Zama’s run much faster.
“Those two things together will enable widespread adoption,” Smart says of the hardware-software combo. “You’ll see it deployed in more and more applications, as these hardware accelerators come on board and get deployed into cloud infrastructures.”
Sounds like a worthwhile partnership.
Nick Rockel
nick.rockel@consultant.fortune.com
This story was originally featured on Fortune.com
