Security news that informs and inspires

Microsoft Open Sources SEAL Homomorphic Encryption Library


Microsoft has released to open source a cryptographic library that allows users to perform computations on encrypted data without having to decrypt it first.

The library is designed specifically with cloud computing use cases in mind, giving customers a way to interact with encrypted data stored on cloud services without downloading and decrypting it, or having to give the encryption key to the cloud provider. Microsoft’s Simple Encrypted Arithmetic Library (SEAL) is a product of the company’s Cryptography Research group and has been in use for several years now. The move to make it available as an open source library is part of a broader effort to make homomorphic encryption an industry standard.

“As we increasingly move our data to the cloud, there is a clear concern that arises: How can we balance convenience and privacy? We all love to get practical guidance on how to, for example, maximize our investments, improve our workouts, or reach our destinations as efficiently as possible. In exchange, we share personal information with service providers because we have few other options,” Kristin Lauter, Kim Laine, and Sreekanth Kannepalli, of Microsoft’s Cryptography Research group said in a post.

“With traditional encryption schemes, it is impossible to run any computation on encrypted data. So either we store our data encrypted in the cloud and download it to perform any useful operations, which can be logistically inconvenient, or we provide the decryption key to service providers, risking our privacy. Until now. Homomorphic encryption, which allows processing of encrypted data, gives us the ability to use these services without exposing our private information.”

The idea behind homomorphic encryption is a simple one but with a lot of complexity behind the scenes. Soon after the RSA encryption algorithm was published more than 40 years ago, researchers began looking at the problem of being able to perform computations on encrypted data. Various partially successful approaches were proposed in the following decades, but Microsoft’s SEAL library is one of the few fully homomorphic encryption libraries to become widely available. IBM also has released an open source homomorphic encryption library called HElib, which is meant more as a low-level library.

One of the issues that homomorphic encryption schemes have always faced is performance limitations. The algorithms take a lot of time and computing power to perform their operations, which has been a stumbling block for previous efforts. But modern systems have made the operations more feasible.

A number of companies are involved in the homomorphic encryption standardization effort, including IBM, SAP, and Intel. The chip-maker has implemented SEAL already and on Monday Intel released a backend to its nGraph neural network compiler that uses SEAL.

“HE allows computation on encrypted data. This capability, when applied to machine learning, allows data owners to gain valuable insights without exposing the underlying data; alternatively, it can enable model owners to protect their models by deploying them in encrypted form. HE-transformer is a research tool that enables data scientists to develop neural networks on popular open-source frameworks, such as TensorFlow*, then easily deploy them to operate on encrypted data,” Casimir Wierzynski, senior director in the office of the CTO for the artificial intelligence product group at Intel, said.

The SEAL library is available on GitHub.