More on the topic
Homomorphic encryption schemes are divided into partially homomorphic and fully homomorphic.
Partially homomorphic schemes allow performing a single operation on the encrypted data, such as addition or multiplication, while fully homomorphic schemes allow performing both addition and multiplication. Partially homomorphic properties are found in the classic RSA and ElGamal cryptosystems (both are not quantum-resistant
) based on the integer factorization and discrete logarithm problems, respectively.
The first fully homomorphic scheme was proposed in 2009 by C. Gentry. It was based on complex lattice theory problems and used a noise accumulation technique to protect data, "refreshing" whenever the noise grows too large. This scheme was first implemented in 2010 by N. Smart and F. Wertkauteren – a simple bitwise operation took nearly 30 minutes to perform. Later on, C. Brakerski, C. Gentry, V. Vaikuntanahan and others proposed several new designs for fully homomorphic schemes significantly improving their efficiency. In particular, a complex scheme implementing the AES cipher was homomorphically calculated in 2 seconds.