• icelimit@lemmy.ml
    3 months ago

    How is this then different from just processing plaintext in protecting privacy?

    Phone number is encrypted but this tech still allows telemarketers to call in?

    • FrederikNJS@lemmy.zip
      3 months ago

      The idea is that you could have your data stored encrypted, such that the entity that is storing your data can’t read any of your data, but can still make calculations or updates to your data without ever learning anything about your data.

      The use cases seem rather narrow to me, but there are probably many that I just can’t think of at the moment.

      One idea could be something like a VPN service that wants to store as little data about the customer as possible. They could keep the account balance in an encrypted format. When you then add money to the balance, they can increment your balance by however much you paid, without knowing what your old balance was or what the new balance is. And they could then have another homomorphic function that can check whether your balance is positive. If your balance is positive you are allowed onto the service; if it’s not positive you don’t get access. And the company wouldn’t be able to know whether you had $5 in your account or $5000, just that your balance is currently positive.

      So yeah, fundamentally it’s just being able to store and update some data while the data is fully encrypted, never decrypting the data, to ensure some form of privacy or confidentiality.
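
The encrypted balance top-up described in the comment above, as an added example that is not part of the original thread: a toy Paillier scheme in Python, where the provider adds an encrypted payment to an encrypted balance using only the public modulus. The choice of Paillier, the function names and the small demo primes are assumptions for illustration; Paillier supports only addition, so the "is the balance positive" check is not covered here.

```python
"""Toy Paillier (additively homomorphic) sketch of the encrypted-balance top-up.
Constructed demo parameters; real deployments use a vetted library and >=2048-bit n."""
import math
import secrets

# Demo key built from two well-known Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1


def keygen(p=P, q=Q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                                # valid because g = n + 1
    return n, (lam, mu)                                 # (public, private)


def encrypt(n, m):
    """Customer side: c = (1 + n)^m * r^n mod n^2 with a fresh random r."""
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + m * n) % n2 * pow(r, n, n2) % n2


def decrypt(n, priv, c):
    """Customer side: only the private-key holder can read the balance."""
    lam, mu = priv
    return (pow(c, lam, n * n) - 1) // n * mu % n


def server_add(n, enc_balance, enc_amount):
    """Provider side: multiplying ciphertexts adds the plaintexts underneath.
    Needs only the public modulus n; the provider never holds the private key."""
    return enc_balance * enc_amount % (n * n)


if __name__ == "__main__":
    n, priv = keygen()
    stored = encrypt(n, 500)        # constructed sample: 500 cents on account
    payment = encrypt(n, 1000)      # constructed sample: 1000 cent top-up
    stored = server_add(n, stored, payment)
    print("provider sees:", hex(stored)[:34], "...")
    print("customer decrypts:", decrypt(n, priv, stored))
```

Encryption is randomized, so two ciphertexts of the same balance differ and the provider cannot detect equal balances by comparing stored values.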