How encrypted is your encryption? It’s a question that 99.99% of people can’t answer because 99.99% of the world aren’t cryptographers. They don’t code messenger apps, develop encryption algorithms or secure enterprise infrastructure. Like the efficacy of air bags or the optimal speed at which to run a particle accelerator, most of us just have to trust the experts when they say it works.

We’ll get to what the experts say on encryption shortly, but first let’s summarize what we do know about end-to-end encryption (E2EE). End-to-end encryption is a method of data encryption where only the communicating users can read the messages. In an E2EE system, the data is encrypted on the sender’s device and only decrypted on the recipient’s device. This prevents third parties, including the service provider that transmits or stores the data, from being able to decrypt or access the messages. 

Used in everything from email to cloud storage, E2EE is the backbone of the internet. It underpins much of our digital communications, allowing us to converse and transact in privacy without sensitive data being shared with the world. But as with most technologies, there are many standards used to implement E2EE and the encryption strength varies greatly. Despite its reassuring name, there are instances where end-to-end encryption can be broken and messages read. Thankfully, there’s a solution to this problem and it comes in the form of Fully Homomorphic Encryption (FHE). 

Cryptography is a minefield of acronyms and abbreviations, but FHE is one to remember. You’ll be hearing it a lot in future as this powerful privacy technology is rolled out.

The Trouble With E2EE

If you’ve ever sent a message over Signal or Telegram, written an email, or uploaded your holiday snaps to iCloud, you’ve used encryption. It’s so seamlessly integrated into our devices and software that we use E2EE all the time without even realizing it. While end-to-end encryption has facilitated all the internet tasks we take for granted today, from digital banking to buying a pair of sneakers, E2EE has its shortcomings.

One of the greatest problems with E2EE encryption is that it’s implemented on a trust basis. When companies claim to use end-to-end encryption, we have no way of knowing just how true that claim is. We usually don’t know which encryption algorithm they’re using and whether it’s susceptible to brute forcing or contains vulnerabilities. We don’t know whether it’s truly end-to-end or merely implemented at the point of transmission. And we don’t know whether platforms have built in any back doors at the request of law enforcement. Essentially, E2EE comes down to “Just trust me bro.”

Why E2EE Is Stronger With FHE

Fully homomorphic encryption (FHE) is a form of encryption that allows computations to be carried out on ciphertext. It generates an encrypted result which, when decrypted, matches the result of operations performed on the plaintext. This means that data can be processed while still encrypted, without ever needing to be decrypted.

As you can imagine, this is a big deal because it eliminates reliance on third parties, such as messaging platforms, not to misuse data. Even if their system contained a backdoor, the data would be fully encrypted and uncrackable, eliminating the possibility of things such as man-in-the-middle attacks. With FHE, a provider can return the results of a search such as for an encrypted file in the cloud without needing to see the underlying data.

Naturally, the potential use cases for FHE are vast, encompassing any situation in which E2EE is used. It’s also got significant potential in the development of blockchain networks, since FHE allows data to be transmitted over public networks, making its validity verifiable but keeping the financial data private. This capability is currently being leveraged by Fhenix, which has developed a fully homomorphic encrypted virtual machine that supports confidential smart contracts.

Fhenix’s fhEVM operates like Ethereum’s EVM but using encrypted data, opening the door to an array of powerful financial and healthcare applications. The fact that FHE is also lighter than other blockchain-based encryption technologies such as zero-knowledge proofs also makes it less resource intensive, which is desirable on public blockchains when every byte of data matters. Elsewhere, FHE is used by major enterprises such as IBM and GPU.netm, who recognize its unique properties and versatility.

Making Encryption Work for Everyone

One of the problems with the current security landscape is that there are so many competing standards, with different vendors using different solutions or even coding their own. This makes it extremely hard for consumers to tell how secure their data is, since they can’t easily ascertain which type of E2EE is in place and how well it’s implemented. While this is a problem that FHE cannot solve, as more companies switch to fully homomorphic encryption, the uptake will help to enhance data security across the board. It’s too much to expect that all major platforms will switch to FHE, but growing demand for the technology augurs well for the future of web security.

The main takeaway from FHE is that it eliminates the risk of data leaks by keeping data encrypted throughout the transmission and computation process. Since data remains encrypted even during processing, it is protected from adversaries who might attempt to access or steal plaintext data. It should also be noted that FHE provides compliance benefits too, since it can help organizations meet regulatory requirements for data privacy and security by minimizing exposure of sensitive data.

Healthcare providers can securely process medical records and genomic data without compromising patient privacy. Banks and financial institutions can analyze encrypted data without risking exposure and ML models can be trained on encrypted data, preserving the confidentiality of the training data and potentially the model itself. E2EE is a wonderful invention that we take for granted. FHE takes that breakthrough and makes it better, ensuring that end-to-end encryption lives up to its name.