Privacy

40073 readers

846 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

"The entire business model built on harvesting user data could become obsolete" with Fully Homomorphic Encryption (boingboing.net)

submitted 2 days ago by ooli3@sopuli.xyz to c/privacy@lemmy.ml

19 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] UndulyUnruly@lemmy.world 16 points 2 days ago (1 children)

My basic understanding is that the concept of homomorphically encrypted data allows for processing of said encrypted data without the need for prior decryption.

Hence, it enables computations and processing on encrypted data (ciphertext) that yield results matching those from the original data (plaintext) without the data needing to be decrypted at any point.

[–] icelimit@lemmy.ml 3 points 2 days ago (1 children)

How is this then different from just processing plaintext in protecting privacy?

Phone number is encrypted but this tech still allows telemarketers to call in?

[–] FrederikNJS@lemmy.zip 4 points 1 day ago (1 children)

The idea is that you could have your data stored encrypted, such that the entity that is storing your data can't read any of your data, but can still make calculations or updates to your data without ever learning anything about your data.

The use cases seems rather narrow to me, but there are probably many that I just can't think of at the moment.

One idea could be something like a VPN service that wants to store as little data about the customer as possible. They could keep the account balance in an encrypted format. When you then add money to the balance, they can increment your balance by however much you paid, without knowing what your old balance was or what the new balance is. And they could then have another homomorphic function that can check whether your balance is positive. If your balance is positive you are allowed onto the service, if it's not positive you don't get access. And the company wouldn't be able to know whether you had $5 in your account or $5000, just that your balance is currently positive.

So yeah fundamentally it's just being able to store and update some data, while the data is fully encrypted, never decrypting the data, to ensure some form of privacy or confidentiality

[–] icelimit@lemmy.ml 2 points 1 day ago (1 children)

I understand that this is an analogy, but I feel this also weakens the encryption somewhat, as now a potential attacker could do a simple binary search on the encrypted data to deduce the absolute balance.

[–] ChairmanMeow@programming.dev 1 points 1 day ago

Presumably the data is still encrypted with a user-specific key.