How to process data without giving access to it?
Homomorphic Encryption
Tell Me More

Story

A use case of our technology.

PeacefulHealth is a small health insurance company that partnered up with Cloudly, a cloud service provider. To protect privacy of its clients' data, PeacefulHealth encrypts information before storing it with Cloudly. However, PeacefulHealth also wants Cloudly to process clients' data upon request. "Process" could mean, for example, do statistical analysis of data, or search and retrieve information relevant to a particular client, etc. Traditionally, this is done by submitting a request to Cloudly for processing information. Cloudly will then decrypt the database (or part of it), process unencrypted data as requested and provide a response to PeacefulHealth.

With our technology, Cloudly would process data without decrypting any part of the database and send the result(s) to PeacefulHealth for decryption.

The advantages of our technology are:

  • Data holder can store information in encrypted form, so even if storage provider has a security breach, intruders will not get a hold of the actual data.
  • Storage provider never has access to the actual (unencrypted) data.
  • Storage provider does not know search parameters when queried. This is called private information retrieval.

Technology

Homomorphic Encryption

Homomorphic Encryption is a form of encryption under which the encryption function E commutes with one or another arithmetic operation. If it commutes with both the usual arithmetic operations, then E is called fully homomorphic encryption (FHE):

E(m1+m2) = E(m1) + E(m2)

E(m1*m2) = E(m1) * E(m2)

Private Information Retrieval

A useful feature of a fully homomorphic encryption is that it allows for private information retrieval, i.e., retrieving information from an encrypted database without the storage provider knowing what information was queried for.

Third Party Search

Another useful feature of our FHE scheme is that it allows for multiparty operations on an encrypted database. In particular, a third party can do search on an encrypted database without revealing to anybody what they are looking for.

Press

Infoshield and LifeNome Partner Up

Two NYC companies develop first homomorphic genetic data exchange standards for genomics applications to protect users' genomic data against cyber-threats and ensure privacy of sensitive genetic information. Infoshield LLC and LifeNome Inc. have partnered up to create query-enabled homomorphic encryption standards for genotype and phenotype data for cloud-based genetic applications.

"As the need for genetic data based applications grows and app stores like Helix, 23andMe or Sequencing.com gain ground, the encrypted storage and query of genetic data and phenotypical data becomes a critical pre-requisite for all companies involved in the storage and exchange of genetic data", says Dr. Ali Mostashari, the CEO of LifeNome Inc., a wellness genomics company headquartered in NYC. "Our partnership with Infoshield, a pioneer in practical homomorphic encryption, is a critical step for our company as well as for the entire personal genomics industry".

LifeNome and Infoshield have already tested the encryption standards on LifeNome's genomics API platform and intend to deploy a full solution by early summer 2017. Supported by its partnership with LifeNome Inc., Infoshield aims at providing their homomorphic encryption solution as an industry standard to the many existing and emerging companies within the personal genomics space within the next 12 months.

Our Team

Delaram photo

Delaram Kahrobaei

Dr. Delaram Kahrobaei is a doctoral faculty at the PhD program in computer science at the CUNY Graduate Center and Professor of Mathematics at NYCCT, the City University of New York, where she is the director of the center for logic, algebra, computation (C-LAC). She is a co-founder (with V. Shpilrain) and the President of Infoshield. The company was recently funded by an NSF I-Corps grant on big data encryption. Dr. Kahrobaei is serving or has served as PI or co-PI on several projects funded by NSF and ONR (Office of Naval Research).

Douglas Graham photo

Douglas Graham

Douglas Graham has led four early stage companies as CEO and each successfully obtained funding and then a subsequent exit and in each security was an essential component. In addition as a Managing Director at KPMG he led many engagements that involved challenging development of complex solutions including NetAid that involved a network of 1,700 computers with very high security distributed across five continents that was built and launched in 90 days. He also developed the CyberSecurity practice for KPMG and advised Deloitte on coordinating and relaunching their CyberSecurity practice worldwide. He has built several major PKI systems including one for Coca Cola and another that deregulated the wholesale electricity market. He also served as Chairman, CEO and President of an $8.5 billion bank and has served on public, private and non-profit boards. He joined Infoshield as the CEO in 2015.

Vladimir photo

Vladimir Shpilrain

Vladimir Shpilrain is a Professor of Mathematics at the City College of New York and Doctoral faculty at the CUNY Graduate Center where he is co-organizing the Algebra and Cryptography seminar and the New York Group Theory Seminar. His research interests include information security, combinatorial and computational group theory, and complexity of algorithms. He is serving (or has served) as PI or co-PI on several projects funded by NSF, NSA, and ONR (Office of Naval Research). In 2012, he was also awarded a prestigious Fulbright scholarship. Prof. Shpilrain is the managing editor of an international research journal titled “Groups, Complexity, and Cryptology” published by Walter de Gruyter. This journal is the primary publishing medium for new ideas in non-commutative cryptography. Prof. Shpilrain is also the founder of a series of international conferences on Geometric and Asymptotic Group Theory with Applications (GAGTA). These conferences emphasize applications of group theory to cryptography.