Homomorphic Encryption Protects Data Everywhere

DZone 's Guide to

Homomorphic Encryption Protects Data Everywhere

In this article, we discuss how ShieldIO's use of homomorphic encryption can continue to improve fractal memory management and eliminate key store.

· Security Zone ·
Free Resource


We had the opportunity to meet with AJ Jennings, CEO and Co-founder and Simon Bain, CTO and Co-founder of  Shield.io during the IT Press Tour in San Francisco. AJ and Simon are providing a modern encryption-in-use approach to protect data which:

  • Uses fractal memory management.
  • Eliminates encryption key stores.
  • Solves latency issues while searching encrypted data.

Their solution offers comprehensive, cross-platform enterprise data protection that is database, application, infrastructure, and location agnostic. It has been tested and validated in concert with Oracle, SAP, Google, and Teradata with the most frequent adoption in healthcare (PHI), e-commerce (PII), and financial (PCI) industries.

You may also like: Secure Realm Encryption Key for Android Applications.

Data is the number one under-used corporate asset with an inability to view and gain insights from encrypted data without decrypting it. Additionally, there are increasingly disruptive regulatory data compliance constraints like GDPR and CCPA (California Consumer Protection Act). Regulations force companies, especially small and mid-sized, to spend money they don’t have. Key stores are a continued vulnerability. Outdated data protection methodologies lead to breaches. Database and application modifications leave infrastructure stressed and dissatisfied. Many companies are doing compliance and not security out of necessity.

Data protection has a history of legacy obsolesce with Lucifer Cypher (1971), transparent data encryption (1976), column-level encryption (1980s), data masking (1990s), and tokenization (1990s).

StealthIO is taking a data-centric approach to security by using real-time homomorphic encryption to perform mathematical functions on encrypted data and getting a return on it without decryption. This eliminates latencies associated with searching encrypted data, complexity in deployment, and the vulnerability of the key store, which is fundamental to reducing the available attack footprint of the hacker.

Hackers do not break encryption; they steal encryption keys. StealthIO encrypts down to the database sub-field level using standard AES-256 encryption. It generates ephemeral keys for each encrypted bit using proprietary AI algorithms at random cryptographic combinations. Then it destroys the key eliminating the ability for a hacker to access decrypted data by stealing the key store.

Organizations need to realize that data is money and it should be protected and stored like money. Most people do not have the ability to manage a key store and a database. Stealth IO provides encryption of data at rest, in transit, and in use.

Use cases include:

  • NorCal Healthcare moved their Oracle DB (with PHI data) infrastructure from on-premise to the cloud and secured patient data in transit to ensure no patient data was compromised.
  • A West Coast etailer analyzing customer transaction and loyalty information without decrypted data and running afoul of the CCPA.
  • A large bank is able to secure customer data-at-rest, in-transit and in-use for its cloud migration.
  • A global medical device company is able to gain insights analyzing patient outcome data without exposing patient information.
  • A global insurer is able to analyze actuary data without exposing customer records.

Given the encrypted nature of the data, it is the responsibility of the DBA to test the accuracy and correctness of the data to keep the trust level up.

Key takeaways for ShieldIO:

Eliminated the latency and vulnerability stigma associated with homomorphic encryption and enabled it for real-time, real-world enterprise use.

  • Enabling encrypted data in-use
  • Enabling dev-test environments to use real data without exposing live data
  • Enabling real-time speed of query on a fully encrypted dataset
  • Enabling a simple, fast, and transparent data security implementation through standard database drivers

Further Reading

ccpa, gdpr, homomorphic encryption, key store, pci, phi, pii, security

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}