> The two hops, the two companies, are already acting in partnership, so what is there technically in the relay setup to stop the two companies from getting together—either voluntarily or at the secret command of some government—to compare notes, as it were, and connect the dots?<p>The OHTTP scheme does not _technically_ prevent this.
It increases the number parties need to cooperate to extract this information, hoping it would be caught somewhere in the pipeline.
It's cool how neural networks, even convulutional ones, are one of the few applications that you can compute through homomorphic encryption without hitting a mountain of noise/bootstrapping costs. Minimal depth hurrhah!
I was going to make my usual comment of FHE being nice in theory but too slow in practice, and then the article points out that there’s now SHE (somewhat homomorphic encryption). I wasn’t aware that the security guarantees of FHE could be relaxed without sacrificing them. That’s pretty cool.<p>Is there any concrete info about noise budgets? It seems like that’s the critical concern, and I’d like to understand at what point precisely the security breaks down if you have too little (or too much?) noise.
More here: <a href="https://www.swift.org/blog/announcing-swift-homomorphic-encryption/" rel="nofollow">https://www.swift.org/blog/announcing-swift-homomorphic-encr...</a>
There is another reason which I dislike this which is that now Apple has reason for "encrypted" data to be sent randomly or at least every time you take a picture. If in the future they silently change the photos app (a real risk that I have really emphasized in the past) they can now silently pass along a hash of the photo and noone would be the wiser.<p>If an iPhone was not sending any traffic whatsoever to the mothership, at least it would ring alarm bells if it suddenly started doing so.
I love homomorphic encryption, but why can't they just do a neural search locally?<p>- iOS Photos -> Vectors<p>- Search Query "Dog photos" -> Vectors<p>- Result (Cosine Similarity): Look some dog photos!<p>iPhones have plenty of local storage and compute power for doing this kind of thing when the phone is idle. And cosine similarity can work quickly at runtime.
Its using Concrete from Zama.<p>I didn't like their license because it's BSD-3-Clause-Clear but then they state:<p>"Zama’s libraries are free to use under the BSD 3-Clause Clear license only for development, research, prototyping, and experimentation purposes. However, for any commercial use of Zama's open source code, companies must purchase Zama’s commercial patent license"<p>So Its not free, you need to pay for patent license, and they don't disclose how much.<p>I recommend OpenFHE as an alternative Free open source solution.
I know its C++ and not Rust, but no patent license and it can do the same thing the blog post wants to do, it even has more features like proxy-reencryption that I think Concrete can't do.
This would be even more exciting if there were some way to guarantee your phone, the servers, etc. are running untampered implementations, and that the proxies aren't colluding with Apple.
I never even knew images could be searched this way on a phone and the iPhone users in my family don't either.<p>A huge privacy-bruising feature for nothing in our case.
Is the Apple Photos feature mentioned actually implemented using Wally, or is that just speculation?<p>From a cursory glance, the computation of centroids done on the client device seems to obviate the need for sending embedded vectors of potentially sensitive photo details — is that incorrect?<p>I’d be curious to read a report of how on-device-only search (using latest hardware and software) is impacted by disabling the feature and/or network access…
I'm not an expert in homomorphic encryption by any stretch (and I'm arguably the target audience for this blog post — a curious novice), but there's one thing I don't quite get from this post.<p>In the "appeal to cryptographers" section (which I really look forward to being fulfilled by someone, hopefully soon!), HE is equated to post-quantum cryptography. <i>As far as I know,</i> most current post-quantum encryption focuses on the elimination of Diffie-Hellman schemes (both over finite fields and over elliptic curves) since those are vulnerable to Shor's algorithm.<p>However, it's clear from the code samples later in the post (and not explained in the text, afaict) that a public key gets used to re-encrypt the resultant value of a homomorphic add or multiply.<p>Is this a case of false equivalence (in the sense that HE != post-quantum), or is it more the case that there's some new asymmetric cryptography scheme that's not vulnerable to Shor's?
There is an app that does the photo search locally on iPhones and it feels nothing short of magic: <a href="https://queryable.app/" rel="nofollow">https://queryable.app/</a>
This is a neat topic I want to get into more myself<p>Searching encrypted stuff is what I wondered about, in the past I had to decrypt everything before I could use the standard sql search LIKE<p>Funny post today about cosine similarity
You don't need to search much more to find out how to spy or track your boyfriend's phone.
Given that males are more likely than women to cheat and that cheating rates are higher than ever, it makes sense that you would want to understand how to track your partner's phone. To spy on your lovers or anybody else, please mail her. Infocyberrecoveryinc@gmail.com
This is so cool! I first learned about homomorphic encryption in the context of an election cybersecurity class and it seemed so pie-in-the-sky, something that would unlikely be used for general practical purposes and only ever in very niche areas. Seeing a big tech company apply it in a core product like this really does feel like a step in the right direction towards taking back some privacy.
> You are Apple. You want to make search work like magic in the Photos app, so the user can find all their “dog” pictures with ease.<p>What if you're a user and you don't care about searching for "dog" in your own photos, you might not even use the Photos app, but apple still scans all your photos and sends data off device without asking you?<p>Perhaps this complicated dance works, perhaps they have made no mistakes, perhaps no one hacks or coerces the relay host providers... they could still have just asked for consent the first time you open Photos (if you ever do) before starting the scan.
> <i>This should be fine: vectorization is a lossy operation. But then you would know that Amy takes lots of pictures of golden retrievers, and that is a political disaster.</i><p>This downplays the issue. Knowing that Alice takes lots of screenshots of Winnie the Pooh memes means that Alice’s family gets put into Xinjiang concentration camps, not just a political disaster.<p>(This is a contrived example: iCloud Photos is already NOT e2ee and this is already possible now; but the point stands, as this would apply to people who have iCloud turned off, too.)
> There is no trust me bro element.
> Barring some issue being found in the math or Apple’s implementation of it<p>Yes, is you bar the "trust me bro" element in your definition, you'll by definition have no such element.<p>Reality, though, doesn't care about your definition, so in reality this is exactly the "trust me bro" element that exists<p>> But we’re already living in a world where all our data is up there, not in our hands.<p>If that's your real view, then why do you care about all this fancy encryption at all? It doesn't help if everything is already lost