Zama makes large-scale homomorphic encryption operational

Although Craig Gentry’s demonstration was groundbreaking, fully homomorphic encryption (FHE) remained very slow and complex to implement. Under the leadership of cryptographer Pascal Paillier, Zama’s R&D team focused on optimising FHE algorithms for practical use cases, particularly in machine learning and blockchain.

When it comes to machine learning, FHE allows training or running models on confidential data while keeping it hidden. Consequently, Zama has developed Concrete ML, an open-source framework compatible with Scikit-learn and PyTorch. This framework allows for the training or inference of models on encrypted data. Concrete ML has the potential to facilitate applications such as encrypted medical data analysis. Another example: Concrete ML can also be utilised for sentiment analysis, ensuring the confidentiality of those involved.

For blockchain, Zama designed Zama Confidential Blockchain Protocol, a complete framework for integrating FHE into blockchain apps. This tech lets you make smart contracts that keep sensitive data, like transaction amounts or votes, encrypted throughout the whole process. For example, for private stablecoins, Zama Protocol can encrypt transaction histories, account balances and transfers, while ensuring regulatory compliance through selective decryption mechanisms for authorised auditors.

This shows how useful FHE can be, but it needs a lot of computing power. This is where Amazon Web Services (AWS) comes in, providing Zama with the most powerful instances on the market to carry out Zama's cryptographic processing.

Fully homomorphic encryption requires very high performance computing capabilities. This is why Zama relies on AWS, which provides it with the most powerful instances currently available.

The team used M6i instances until 2022, which offered up to 128 vCPUs and a good balance between cost and performance. However, the introduction of Hpc7a instances was a game changer. With their fourth-generation AMD EPYC processors, they can provide up to 192 vCPUs, 768 GB of DDR5 memory, and 300 Gbit/s network bandwidth via Elastic Fabric Adapter, all optimised for intensive HPC workloads. ‘Hpc7a is the most powerful machine we have found to date: by moving from 128 cores to 192 cores, we have seen a significant improvement in our performance,’ explains Benoît Chevallier-Mames.

In addition, Zama collaborates with AWS Compute specialists, who examine FHE workloads, a mix of heavy arithmetical operations, memory access, and internode communication. They then recommend an optimal combination of vCPUs, memory, and network placement. Thanks to this collaboration, Zama is fully utilising Hpc7a instances, and it is already preparing for the next generation of HPC instances.

To ensure the integrity of decryption operations, Zama runs AWS Key Management Service (AWS KMS) within isolated environments using AWS Nitro Enclaves. These enclaves create secure partitions within EC2 instances. Only the enclaves can access the private key fragments distributed via the MPC (Multiparty Computation) protocol, preventing any leaks, even by system administrators. By combining FHE and Zama’s MPC protocol with Nitro Enclaves, Zama provides its customers with true end-to-end encryption. The data remains encrypted, even during computation, and the developer retains control over which variables can be decrypted. Since access to the decryption key is impossible thanks to MPC, this architecture significantly improves the solution’s security. It also meets the requirements of highly regulated industries.

Once considered impossible, then impractical, Fully Homomorphic Encryption (FHE) has become a reality. Zama is industrialising FHE by using AWS’s most powerful computing environments. By reducing computing time, Zama is making FHE the new gold standard for industries that place great importance on data protection and compliance.

Founded in 2020, Zama designs open source fully homomorphic encryption (FHE) solutions for machine learning and blockchain. Its Concrete ML and Zama Confidential Blockchain Protocol protect data privacy during computations and transactions.