<p><pre><code> (c(mod p)) (mod 2) = (p * q + 2 * r + m (mod p)) (mod 2) = 2r + m (mod 2) = m
</code></pre>
This breaks if 2*r > p. Even if you choose r to be small during encryption, the r values accumulate with each homomorphic operation and will eventually be too big. The only restriction stated is that r is "from a different interval than the private key one". This should be made more clear.
Top of article mentions 'In the previous post...' (which is an intro to homomorphic encryption)<p>That post is <i>here</i>: <a href="https://radicalrafi.github.io/posts/homomorphic-encryption/" rel="nofollow">https://radicalrafi.github.io/posts/homomorphic-encryption/</a>
Homomorphic encryption is interesting from a mathematics perspective, but in practical terms it seems like an awful lot of effort being invested to move even more computing off of your own devices and onto the "cloud."
I used HE in my informatics b.sc. thesis to do privacy preserving surveillance: Store data on multiple servers and need server majority to reconstruct (non-HE), perform face recognition on encrypted data and then use (S?)HE to query a database if that face is in it - of course without the db learning about the content of the face data.
So, turns out just throwing some math on the problem works (I just applied some previous work; you know what they say about the shoulders of giants) and gives you the advantages of surveillance with less potential for abuse - but the necessary computational power is absurd :(<p>(And yeah, HE "noise" is a pain)
is this the same technology that Numerai uses... or is it multi party computation (<a href="https://mortendahl.github.io/2017/04/17/private-deep-learning-with-mpc/" rel="nofollow">https://mortendahl.github.io/2017/04/17/private-deep-learnin...</a>) ?
I am unclear on this - it looks like it operates 1 but at a time, so if I have a sequence of encrypted bits I can do freq analysis. Clearly that is not the case, so what bone headed misunderstanding am I making?