Public blockchains introduce a myriad of use cases, but for the opportunities created, their public status presents restrictions. At Keep, this is something we’re working to resolve with the use of privacy primitives that work with public blockchains to enable smart contracts to interact with private data in a secure way.

The Keep Network is a functional privacy layer designed to provide deep interactivity with private data across public blockchains. Supporting interoperability amongst data and chains, the Keep Network requires a security mechanism to enable secure storage and computation over secrets.

We do this by combining technologies that together provide an interoperable shield for data, making it both secure and usable across public networks. We’ve implemented the threshold elliptic curve digital signature algorithm (T-ECDSA) with equal parts homomorphic encryption and secure multiparty computation (sMPC). In this post, we’ll look at homomorphic encryption; what it is and why it’s important for the Keep Network.

Computing ciphertext

Homomorphic is translated as “of the same and similar form.” Unlike other cryptography schemes, homomorphic encryption allows computation to be done on ciphertext, providing the same results as if the computation was done on plaintext. Homomorphic encryption does this by adding an evaluation capability for cryptographic operations performed on encrypted data.

Homomorphic encryption may provide high-level protection of the secret. Allowing for privacy-preserving outsourced storage and computation, homomorphic encryption enables new possibilities for services making data sharing more efficient. While someone will ultimately require the data to be decrypted, for the purposes of sharing and computing over sensitive information, it is not necessary. Being able to put data through computation without first decrypting it provides opportunities to use data securely across public networks.

Valuable across a number of functions, this form of cryptography is particularly beneficial to systems requiring high-security guarantees where data can be stored and accessed securely. For example, key-holding parties could search encrypted data on a cloud server using a homomorphically encrypted query, avoiding privacy issues that surround valuable personal information.

Services that analyze our data are another use case for homomorphic encryption, like with credit scores. We can submit our encrypted data to the credit score company, and using homomorphic encryption, they don’t need to decrypt it — it can stay private. In this example, the company can run their credit score algorithm on the data, which operates entirely on ciphertext and produce new ciphertext which also cannot be decrypted. The company sends this ciphertext back to you and with the same key that encrypted your data, you can decrypt it to see your credit score.

A further use case for homomorphic encryption and something many of us use today is facial recognition. When you authorize yourself for online banking via a laptop or mobile phone camera, you take a picture of your face and encrypt it before sending it to the bank. The bank has encrypted facial data so it does not have to access your biometric data without being able to decrypt it — and the bank is not able to decrypt because it does not hold the key. When you try to log into your bank account, you take another picture and decrypt it. This picture is sent to the bank’s server. Now, with the bank having the reference picture, they can compare them and determine whether the person in front of the computer is the owner of the bank account and should be given access. Homomorphic encryption makes this comparison process possible.

For Keep, homomorphic encryption makes public privacy possible. By enabling the use of secrets across public blockchains, interoperability is supported and the usability of blockchain technology is increased.

T-ECDSA with homomorphic encryption

We have implemented T-ECDSA with partially homomorphic encryption and sMPC to build decentralized, trustless signing system component.

The threshold component of T-ECDSA refers to threshold signatures, a signature scheme that enables distributed signing amongst a number of participants. This is a functionality offered by T-ECDSA keeps.

There are different types of homomorphic encryption; fully homomorphic encryption supports an arbitrary number of operations, while somewhat homomorphic encryption supports a limited number of operations. For our T-ECDSA implementation, we used Paillier cryptosystem which is a partially homomorphic encryption scheme. Being able to perform sums of encrypted data, we could implement sMPC operations allowing to generate private T-ECDSA key split over signing group participants and sign transaction hash without revealing private key shares of those participants. I explained this in greater depth during a San Francisco Blockchain Week 2018 talk.

Decentralized signing for interoperability

By removing privacy barriers that inhibit the sharing of public data, homomorphic encryption can enable new services. At Keep, our focus is delivering a network that allows for interoperability across public chains. To do this, a security primitive is needed for the secure storage of data. With homomorphic encryption, T-ECDSA makes this possible, supporting cross-chain communication with decentralized signing and ultimately, the expansion of digital ecosystems.