Crypto 103: Fully Homomorphic Encryption (FHE)

Crypto 103: Fully Homomorphic Encryption (FHE)

By Michael @ CryptoEQ | CryptoEQ | 10 Dec 2023


You are reading an excerpt from our free but shortened abridged report! While still packed with incredible research and data, for just $20/month you can upgrade to our FULL library of 50+ reports (including this one) and complete industry-leading analysis on the top crypto assets. 

67cbbf4723857b85c151585aa280e6d940346c501cef75bafd7dea02b44b24c9.png

Becoming a Premium member means enjoying all the perks of a Basic membership PLUS:

  • Full-length CORE Reports: More technical, in-depth research, actionable insights, and potential market alpha for serious crypto users
  • Early access to future CORE ratings: Being early is sometimes just as important as being right!
  • Premium Member CORE+ Reports: Coverage on the top issues pertaining to crypto users like bridge security, layer two solutions, DeFi plays, and more
  • CORE report Audio playback: Don’t want to read? No problem! Listen on the go.

 

Introduction to Blockchain Evolution and Challenges

The inception of blockchain technology, primarily through Bitcoin, revolutionized the digital asset space by introducing a permissionless and decentralized financial layer. Ethereum furthered this innovation by implementing smart contracts, thus fostering the development of a myriad of decentralized applications. However, as blockchain technology continues to evolve, it encounters persistent hurdles, particularly in areas of privacy and extensibility, with extensibility encompassing the capacity for computing and handling sensitive data within the blockchain ecosystem.

Privacy and Security Trade-offs in Current Blockchain Frameworks

In their current iteration, blockchain networks operate openly, offering unrestricted access at the cost of compromised privacy and security. To tackle these challenges, cryptographic methodologies, notably multiparty computation (MPC) and zero-knowledge proofs (ZK), have been employed, albeit partially addressing the concerns.

MPC

Multi-party computation is a solution for securing data among several participants in a private manner. It allows many parties, each with their own private data, to verify the final computation without revealing their own secret portion of the data. Each participant in an MPC possesses a piece of confidential information. Typically, one entity owns one part of a cryptographic key that can move funds or change code.

MPCs shard a private key into many segments, with each individual possessing a portion of the private key. When signing a transaction, a subset of MPC nodes must independently sign the transaction and communicate it to the larger group. In order to sign transactions, each participant inputs their secret portion and a public input (the message to be signed) to generate a digital signature. Then, anyone with access to the public key should be able to validate and verify the signatures. Since the key shares are pooled and the signature is generated off-chain, an MPC wallet transaction cannot be distinguished from a typical private key wallet.

MPC wallet

Even if a bridging protocol has a limited quantity of relayer nodes, the relayers can be chosen at random from the pool of candidates to create the multi-party computing (MPC) group. To authorize a cross-chain transaction, the protocol can require a minimum number of relayers to come together and sign the message before any action can be taken. The greater the threshold of an MPC group, the less likely it is that relayer groups will collude.

MPC also guarantees that if a number of parties inside the group decide to disclose information or depart from the protocol's instructions during execution, the MPC will not allow them to coerce the honest parties into outputting an inaccurate result or leaking confidential information. 

Zero-knowledge Proofs

In general, a ZK/validity proof is a cryptographic method of transaction verification in which a prover develops a proof for specific information, and a verifier validates the proof. A ZKP allows someone to publicly verify that they possess specific information without revealing the specifics or details of that information. As a result, Zero-Knowledge cryptographic proofs provide phenomenal privacy features as well as reduce the computing and storage resources for validating the block by reducing the amount of data held in a transaction (since zero knowledge of the entire data is needed). 

The establishment of ZKPs typically involves an initial Setup Phase, a process that can occur once for an entire blockchain or may necessitate repetition for every individual proof. Ideally, ZKP protocols would operate efficiently without demanding an extensive public setup. During this setup phase, the system generates a Prover Key (PK) and a Verifier Key (VK). Despite the suggestive nomenclature, both of these 'keys' are, in fact, public. This initial phase is crucial in setting the foundation and instilling trust for the continued execution of the protocol.

Post-setup, the process orbits around two central figures: the prover and the verifier. The prover receives specific inputs, which generally include the calculation they wish to verify and a 'witness' supporting that computation. This 'witness' term may seem confusing, but it merely represents corroborating evidence for the computation. The "witness" is the knowledge shared (the data) between a prover and a verifier. The prover must prove that they know the witness accurately, and the verifier must be able to assess whether the proponent has knowledge of the witness.

Consider an example where the task involves modular arithmetic, specifically discerning if a particular number is the square of another number. In this instance, the computation would entail 'squaring modulo something,' while the witness would be one of the square roots.

The prover uses these inputs to generate the proof and forwards it to the verifier. Subsequently, the verifier applies the verifier key to ascertain the validity of the proof. By grasping these fundamental concepts, one can begin to demystify the intricate world of ZKPs.

Validity proofs are complex and rely on polynomial commitments. In polynomial commitments, information from each stage of a verification calculation is encoded as polynomials. By checking the polynomial equations, you indirectly ascertain the numerical calculations, but the process for hashing these polynomials is challenging. The top three polynomial hashing algorithms for polynomial commitments are:

  • Bulletproofs (Monero)
  • KZG (Kate) Polynomial Commitments (most ZKRs)
  • FRIs (Polygon)

zkps Source

Shafi Goldwasser, Silvio Micali, and Charles Rackoff invented ZKPs in 1985. Since then, ZKPs have been one of the most actively researched topics in cryptography, thanks to the privacy benefits they offer. Moreover, they have recently had a substantial impact on real-world applications, particularly concerning blockchain technology and cryptocurrencies. ZCash, a pioneering privacy-focused blockchain project, uses ZKPs to create financial transaction anonymity. Specifically, ZCash uses an optimized form of ZKPs known as zkSNARKs, along with shielded transactions that obfuscate transaction details across its public blockchain network, providing anonymity and fungibility. 

ZKP SHORTCOMINGS

The realm of decentralized finance (DeFi) has grappled with the challenge of achieving on-chain confidentiality, with previous efforts largely focusing on zero-knowledge proofs (ZKPs). Despite their potential, ZKPs were not inherently designed to support confidentiality in on-chain DeFi applications. To illustrate this, let's consider the case of Zcash, a cryptocurrency that employs ZKPs for secure transactions.

In Zcash, when a user initiates a shielded transaction, they construct a proof that demonstrates, in essence, their balance remains positive after the transaction. This proof is based on the encrypted history of on-chain transactions and the user’s unseen addresses. The crux of the issue with this approach is its inability to perform top-down logic on the system's state. The state, being a function of a series of ZKPs, remains opaque, thus hindering any system-wide logical operations or queries, such as determining the total tokens in a private pool.

This limitation signifies that zk-based methods cannot support a shared, encrypted state, which is a fundamental component of most DeFi systems. Although advancements have been made in ZKP technology, there are inherent logical limits that cannot be circumvented by cryptographic techniques alone.

Enter FHE…

The Emergence of Fully Homomorphic Encryption

A significant cryptographic advancement that holds promise in addressing the inherent challenges of blockchain is Fully Homomorphic Encryption (FHE). By enabling computations on encrypted data, FHE has the potential to significantly bolster privacy and extensibility within the blockchain sphere.

FHE maintains the overarching logic of a transparent financial system, enabling developers to compute over the system's state as if it were transparent despite the actual state remaining concealed. This advancement is poised to revolutionize approaches to on-chain confidentiality in the DeFi ecosystem.

Fully Homomorphic Encryption (FHE), a concept first proposed in the 1970s, has undergone significant evolution, particularly since 2009. This encryption method allows for operations on encrypted data, enabling both data privacy and utility. FHE's main strength lies in its ability to perform additive and multiplicative computations on encrypted data, a capability that has been a mathematical reality but continues to face challenges in practical application due to performance constraints.

The integration of FHE within the broader privacy-protection landscape involves its combination with Zero-Knowledge Proofs (ZKP), Multi-Party Computation (MPC), and Trusted Execution Environments (TEE). While FHE secures data during computation, it does not inherently verify the authenticity of these computations. This limitation can be addressed by pairing FHE with ZKP, thus ensuring both confidentiality and computation authenticity. Similarly, combining FHE with MPC can enhance efficiency, with FHE handling linear computations and MPC managing non-linear ones.

Understanding the Mechanics of Fully Homomorphic Encryption

Fundamentally, FHE permits operations on encrypted data without necessitating its decryption, a process often referred to as "confidential computing." This approach eliminates vulnerabilities typically associated with data breaches during transitional phases of decryption and re-encryption, thereby enhancing overall data security.

A critical aspect of FHE is its handling of encrypted data, which includes the addition of random noise to ensure security. The encrypted data, thus, comprises the original data plus this noise. However, this approach leads to challenges in computation accuracy, as the noise can accumulate over multiple operations, potentially corrupting the actual data. The rate of noise growth varies based on the encoding technique used. To mitigate this, providing sufficient space for noise expansion is a common strategy, enhancing efficiency but limiting the number of feasible computations. This limitation is particularly pertinent in the context of smart contracts, which often require the capacity for indefinite updates, as seen in cases like ERC-20 tokens.

To address the noise accumulation issue, bootstrapping is a technique employed to reset the noise to a manageable level, thereby enabling ongoing computations. However, bootstrapping is a resource-intensive process, both in terms of memory and computational power, leading to ongoing research focused on optimizing this aspect of FHE.

Fully Homomorphic Encryption presents a diverse array of applications within the blockchain environment, each catering to different aspects of data security and privacy:

  1. Enhancing Data Confidentiality: FHE enables data stored on the blockchain to remain encrypted while still being verifiable. This is particularly useful in creating decentralized identity platforms where encrypted user identity data can be securely stored and verified without compromising privacy.
  2. Secure Computation of Off-chain Data: Through FHE, sensitive off-chain data, such as healthcare records, can be processed while remaining encrypted. This approach ensures privacy preservation during processes like healthcare data onboarding.
  3. Facilitating Cross-chain Interoperability: FHE can simplify the storage of private keys across different blockchains, thereby reducing the complexity involved in bridging various blockchain networks.
  4. Improving Cryptocurrency Governance: The use of FHE in encrypted on-chain voting systems can potentially reduce voter bias and encourage more private participation, as votes on cryptocurrency governance proposals can remain confidential.
  5. Enabling Confidential Transactions: FHE allows for transactions to be computed while encrypted, ensuring the privacy and security of sensitive financial information while maintaining the transparency inherent in blockchain technology.

Security Concerns

In exploring the intricacies of Fully Homomorphic Encryption (FHE) in blockchain technology, we encounter several concerns, particularly regarding the management and security of decryption keys. A notable application of FHE in blockchain is seen in the Secret Network, which proposes a unique solution to the key management dilemma. The approach involves distributing pieces of the secret key among various oracle nodes, utilizing threshold Multi-Party Computation (MPC). This strategy aims to bolster security, but it raises questions about the reliance of FHE security on MPC's security framework. 

Quick Detour on Secret Network

The Secret Network (SCRT) is a Layer-1 blockchain network that was built by leveraging Cosmos technology. There’s been a heightened focus on default data privacy for smart contract executions, giving developers an option to build applications protected immediately. Secret Network uses a concept called programmable privacy, which adds privacy controls to an application on the network.

From a fundamental standpoint, Secret is simply an L1 blockchain network that supports encrypted smart contract transactions. To operate, Secret Network can be viewed from both its trustless and trusted components. Trustless components of SCRT are simply the code executions that don’t need to be privately protected and cover the core mechanics of the network.

secret network 2 Source

Back to FHE Security

FHE offers an advantage over traditional MPC by delegating the bulk of computational work to completely untrusted nodes, reserving the semi-trusted quorum for threshold decryption. This contrasts with MPC, where the quorum is responsible for all computational tasks.

The operational mechanism of this system is as follows:

  • Secret key pieces are generated and distributed among network validators.
  • Each validator performs a portion of the decryption process.
  • The partial decryptions are combined to reveal the fully decrypted data.

This system's security is predicated on the assumption that two-thirds of the validators are honest. However, this necessitates a stable and limited validator set, a critical consideration for maintaining integrity.

In the case of the Secret Network, network validators play a crucial role in consensus building. They are required to assert decisions during consensus time without compromising data privacy. This is achieved through a two-round consensus mechanism. In the first round, consensus is reached on the data to be decrypted, with the oracle decrypting the data upon receiving consistent decryption requests from most validators. Subsequently, validators update the chain state and append the block to the blockchain.

A key challenge is ensuring users cannot decrypt the data of others. For instance, a user could potentially write a contract to decrypt inputs and provide someone else’s encrypted data as input. To counter this, Zero-Knowledge Proofs (ZKPs) are employed. Users must provide a ZKP for every encrypted input they send to the network, proving they possess knowledge of the value they are sending in an encrypted form.

In summary, while FHE on blockchain presents a promising avenue for enhancing privacy and security, it also introduces complex challenges in key management, computational distribution, and ensuring data privacy. Addressing these challenges requires a careful balancing of cryptographic techniques like MPC, threshold decryption, and ZKPs, ensuring a robust and secure blockchain ecosystem.

Conclusion

As blockchain technology continues to mature, the integration of Fully Homomorphic Encryption represents a pivotal technological advancement poised to address critical privacy and scalability challenges. Its capacity to resolve privacy and data-sharing limitations positions it as an invaluable tool in the ongoing evolution of blockchain technology, offering a pathway toward more secure, private, and versatile applications.

How do you rate this article?

125


Michael @ CryptoEQ
Michael @ CryptoEQ

I am a Co-Founder and Lead Analyst at CryptoEQ. Gain the market insights you need to grow your cryptocurrency portfolio. Our team's supportive and interactive approach helps you refine your crypto investing and trading strategies.


CryptoEQ
CryptoEQ

Gain the market insights you need to grow your cryptocurrency portfolio. Our team's supportive and interactive approach helps you refine your crypto investing and trading strategies.

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.