Once upon a time there was… crypto!(graphy)

As you might already be aware, we employ sophisticated cryptographic techniques to ensure the high levels of security and privacy our solutions demand. Cryptography is essentially the science of safeguarding secrets from unauthorized access or alteration. It began with relatively simple strategies, such as rearranging the characters of a message in a pattern known only to the sender and receiver. Over time, it has evolved to include complex practices like symmetric and asymmetric encryption, hash functions, and various other algorithms.

By the way, ‘crypto’ a few years back referred exclusively to cryptography. However, with the advent of Bitcoin, its meaning has shifted in popular usage and media. So, don’t get confused when reading this post 😊.

Beyond the ‘standard’ cryptographic protocols that are widely used (often without users’ awareness, like when transferring tokens from a non-CEX wallet which involves digitally signing a transaction using your private key – the one secured by your 12-24 word passphrase written on paper), we’ll delve into some of the more advanced protocols that we utilize 😉.

Let’s start with the Homomorphic Encryption

Homomorphic encryption is a form of encryption using some types of cryptographic algorithms, that supports the mathematical operations of the encrypted data, In such a way that these operations are also applied in the encrypted contents. Therefore, it is possible to operate several cyphertext (e.g., multiply), obtaining as a result another cyphertext containing the encrypted result of the operation of the cyphertext contents (e.g., the product of the data contained in the operated cyphertexts). So, the result of the operation is obtained after decrypting this latter cyphertext. That way, it is possible to operate information without disclosing it, since the data remains encrypted and only the result is decrypted. This means that data can be encrypted and sent to a third party for processing it without ever exposing the original data or the result, except to the holder of the decryption key.

The benefit of this approach is that it enables secure data processing in untrusted environments, ensuring privacy and confidentiality of the data. This capability is crucial in scenarios such as in handling medical records, financial information, secret information and other sensitive data, as sensitive data can be processed without giving the service provider access to the actual data (e.g. the cloud provider).

Depending on the type mathematical operations supported by the encryption algorithm, we can distinguish between partially or fully homomorphic encryption. Partially homomorphic encryption (PHE) only supports one type of operation, such as addition (additive homomorphism) or product (multiplicative homomorphism). Fully homomorphic encryption (FHE) supports more than one (e.g., addition and product).

FHE or Full Homomorphic Encryption

As explained before, Full Homomorphic Encryption (FHE) extends the concept of homomorphic encryption by enabling arbitrary computations on encrypted data using different operations. Furthermore, FHE is not limited by the number of operations that can be implemented, otherwise it will be considered as Somewhat Homomorphic Encryption (SHE). This means that with FHE, it’s possible to perform complex processing tasks on encrypted data, such as formulas combining the addition and multiplication of cyphertext, without ever decrypting them. The key benefit of FHE is its versatility and the broad spectrum of applications it supports, from secure voting systems and confidential medical research to encrypted search and secure data sharing between organizations.

However, Full Homomorphic Encryption faces significant challenges, primarily related to the performance and computational efficiency of the algorithms supporting it (e.g., Lattices). The process of performing operations on encrypted data is much more computationally intensive than operating on plaintext, leading to slower performance and increased processing time. For instance, it is important to prove that the operation of the cyphertext does not manipulate the final results or can be used to compromise the secrecy of the information encrypted (for instance, using Zero-Knowledge Proofs). Additionally, the complexity of FHE algorithms makes them challenging to implement and requires substantial computational resources, which can be a barrier to widespread adoption. Despite these challenges, ongoing research and improvements in algorithm efficiency are gradually overcoming these hurdles, making FHE more practical for a wider range of applications.

Now that you are fully homomorphic-aware, let’s talk about another common concept  that is important for implementing advanced cryptographic protocols and that are so used for scalability in blockchain:

Our friends the Zero Knowledge Proofs or ZKPs

Zero-Knowledge Proofs (ZKP) are cryptographic methods allowing one party (the prover) to prove to another (the verifier) that a statement is true without revealing any secret information beyond the validity of the statement itself. For instance, to proof that the content of a cyphertext is within a range of values (that someone has more than 18 years) without revealing the content of the cyphertext (the year of birth). ZKPs offer enhanced privacy and security, enabling secure authentication and verification processes without exposing sensitive data. As mentioned before, they are also important when implementing operations over cyphertext, as no one is manipulating the encrypted data because it is not visible.

Benefits include preserving privacy in transactions, reducing the risk of private data leakage, and enabling trustless systems in distributed environments (e.g., blockchain technology). However, challenges include complex implementation, significant computational resources for certain protocols, and scalability issues. As technology advances, ongoing research aims to address these challenges, making ZKPs more accessible and efficient for widespread use.

An to finalize this intro, let me talk about a family of mechanisms that are not so common (or to be honest, very rare) in the blockchain world:

Steganography, or hiding secrets in plain view

Steganography is the practice of concealing messages or information within other non-secret data, such as text, images, videos, or audio files, making the hidden information imperceptible to the casual observer.

The primary benefit of steganography lies in its ability to hide the existence of communication, enhancing security by keeping the message invisible to everyone except the intended recipient. It’s particularly useful in bypassing censorship and ensuring privacy.

However, challenges include the risk of detection through sophisticated analysis techniques, limited data capacity for hidden messages, and the need for both sender and recipient to agree on the method used for hiding and recovering the information. Despite these challenges, steganography remains a valuable tool in the arsenal of data privacy and security methods.

We hope that you enjoyed this “summary” and that we were able to teach you something new. Happy to get your comments and insights!