It can save a life, figure out someone’s predisposition to developing cancer, solve a crime from a long time ago or find long-lost relatives: genome sequencing has come a long way since the human genome was first sequenced in the early 2000s. Fast-forward to today, and this process of determining someone’s complete genetic code is becoming ever more routine. Thousands of COVID-19 survivors, for instance, are now getting their genome mapped, in a bid to help researchers understand how specific genetic makeup could affect a person’s susceptibility to the coronavirus.
But while peeking into someone’s DNA often does help prevent, diagnose and treat many diseases, obtaining the genetic fingerprint also exposes that individual’s personal information encoded in the genome. This is the conundrum around the future of precision medicine. Suddenly, you’re sharing all six billion base pairs of genes with the people sequencing your genome. Whatever the goal, genome mapping and sequencing jeopardize our privacy.
But it doesn’t have to be like that. There is a way to completely obscure someone’s DNA records (and, to be clear, sensitive data sets in general) while still keeping the data useful: by encrypting it. Say hello to fully homomorphic encryption (FHE). A mouthful perhaps, but in reality a rather simple type of next-generation cryptography that is so secure that even future quantum computers won’t be able to crack it.
Encryption we commonly use today doesn’t make our data totally safe. Whenever one needs to run any computations, for example to carry out necessary medical genetic testing on a sequenced genome, the data have to be decrypted. However briefly, the data become susceptible to theft and leaks.
With FHE, though, the data never get decrypted. The information is encoded in such a way that it remains encrypted all the time—when it’s being transmitted or when it’s in storage, and also during any computations. The data stay cryptographically jumbled to preserve privacy while they are being processed, and so that even the people handling the data can’t know the contents. So even if the data do get stolen or leaked, they will remain safely encrypted. The recipient simply has to decrypt the results with a special secret key, and that move doesn’t reveal any information about the source.
Even when quantum computers become powerful enough to break modern cryptography, easily cracking typical encryption algorithms, they won’t be able to break homomorphic encryption. This is because FHE is based on the mathematics of lattices—repeating, multidimensional gridlike collections of points. Lattice-based encryption schemes hide data inside such a collection, some distance away from a point. Calculating just how far away an encrypted message is from a lattice point is extremely difficult for both a quantum and a traditional computer.
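An added illustration (not from the original article, and not IBM's or any library's code) of the two ideas above: a value hidden a small distance away from a regularly spaced point, and arithmetic carried out on ciphertexts by a party that never holds the key. It is a toy, addition-only LWE-style scheme with constructed genotype data and insecure parameters, not full FHE; every name in it is an assumption.

```python
# Toy LWE-style scheme: additively homomorphic only, NOT full FHE, and the
# parameters are far too small to be secure. All names here are illustrative.
import secrets

N, Q, T = 32, 2**15, 64      # dimension, ciphertext modulus, plaintext modulus
DELTA = Q // T               # spacing between encoded plaintext values
NOISE = 4                    # fresh noise is drawn from [-NOISE, NOISE]

def keygen():
    return [secrets.randbelow(Q) for _ in range(N)]

def encrypt(m, s, e=None):
    """Hide m at distance e from a scaled point: b = <a,s> + DELTA*m + e."""
    if e is None:
        e = secrets.randbelow(2 * NOISE + 1) - NOISE
    a = [secrets.randbelow(Q) for _ in range(N)]
    b = (sum(x * y for x, y in zip(a, s)) + DELTA * (m % T) + e) % Q
    return a, b

def add(c1, c2):
    """Server side: add two ciphertexts without the key."""
    return [(x + y) % Q for x, y in zip(c1[0], c2[0])], (c1[1] + c2[1]) % Q

def scale(c, k):
    """Server side: multiply a ciphertext by a public integer k."""
    return [(k * x) % Q for x in c[0]], (k * c[1]) % Q

def weighted_sum(cts, weights):
    """Server side: encrypted sum of weights[i] * genotype[i]."""
    acc = scale(cts[0], weights[0])
    for c, w in zip(cts[1:], weights[1:]):
        acc = add(acc, scale(c, w))
    return acc

def decrypt(c, s):
    """Key holder: strip <a,s>, then round to the nearest multiple of DELTA."""
    v = (c[1] - sum(x * y for x, y in zip(c[0], s))) % Q
    return ((v + DELTA // 2) // DELTA) % T

def demo():
    s = keygen()
    genotypes = [0, 1, 2, 1, 0, 2]   # constructed risk-allele counts per locus
    weights = [1, 3, 2, 1, 2, 3]     # constructed public per-locus weights
    cts = [encrypt(g, s) for g in genotypes]
    return decrypt(weighted_sum(cts, weights), s)   # key holder sees only the score

if __name__ == "__main__":
    print(demo())
```

Decryption is correct only while the accumulated noise stays below `DELTA/2`; every homomorphic operation grows that noise, which is the budget real FHE schemes have to manage.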
Scientists first started working on homomorphic encryption in the 1970s, but it stayed pure research until a decade ago. In 2009, computer scientist Craig Gentry developed the first FHE scheme as part of his doctoral dissertation. In the following years, while he worked with collaborators at IBM Research, the technique kept being refined, becoming faster and more precise. Preserving genomic privacy is just one possible use of FHE. It can be used to protect any sensitive data, be they medical records or financial information.
Homomorphic encryption also addresses the problem of sharing data—critical because of Europe’s GDPR regulations, a country’s specific privacy laws or even a company’s own regulations. For instance, take a bank. If two departments were to share their data, one dealing with insurance and another one with investment, there would be data aggregation, giving data analysts access to all the data. With FHE, the analysts wouldn’t have a clue what the data are about.
Last year, a Brazilian bank, Banco Bradesco, partnered with IBM for a trial of the FHE technology on real financial data. The researchers showed that it was possible to perform predictions on encrypted data, hiding the data during processing. First, they encrypted the existing machine learning–based prediction model and ran predictions with the same accuracy as without encryption. Then they retrained the model using new encrypted data and showed that it was possible to use homomorphic encryption to preserve the privacy of the data, never exposing any client information.
Currently, the computational requirements of FHE are a lot greater than with typical modern encryption, making computations take much, much longer. But the technology keeps improving, and in the near future is likely to become fast enough for many different applications. When that happens, it should become the default crypto option for sensitive data, especially medical and genomic. Because at the end of the day, there’s nothing more important than the data about our genetic makeup and that of our children—the information about what makes us “us.”