So it seems this is a system where the server only does encrypted storage and minimal processing on plaintext that it is allowed to decrypt. I was hoping it was a FHE implementation where the server does computation on the encrypted data. Still waiting for that.
I don't understand the hype around FHE. FHE sounds like a fancy way to say my data is only partially encrypted and we can still gain all the insights we want without technically unencrypting it.
I don't want my encrypted payloads to betray me in any of the ways FHE wants it too.
"what the server can see to support rich queries" is the whole ballgame, right? Anything queryable is metadata that can leak or be subpoenaed... membership, access patterns, query frequency. For the activist/journalist threat idea, that's usually the sensitive part.
“Users verify cryptographic proofs to ensure that servers behave properly.”
If this is one of the defining tenets of this data system, is it not DOA? See also: the PGP key-signing parties that never were…
It’s just waiting for the killer app, the Pokemon Go of cryptographic signing.
So it seems this is a system where the server only does encrypted storage and minimal processing on plaintext that it is allowed to decrypt. I was hoping it was a FHE implementation where the server does computation on the encrypted data. Still waiting for that.
I don't understand the hype around FHE. FHE sounds like a fancy way to say my data is only partially encrypted and we can still gain all the insights we want without technically unencrypting it.
I don't want my encrypted payloads to betray me in any of the ways FHE wants it too.
"what the server can see to support rich queries" is the whole ballgame, right? Anything queryable is metadata that can leak or be subpoenaed... membership, access patterns, query frequency. For the activist/journalist threat idea, that's usually the sensitive part.