IBM said the new technology would provide the ability to protect and process data simultaneously by Linux distributions that run on IBM Z and x86 architectures.
It said the technology, initially suggested by mathematicians in the 1970s and first demonstrated in 2009, provided a different way to protect data privacy.
IBM's Flavio Bergamaschi and Eli Dow said in a note accompanying the announcement that so far it had not been possible to keep data protected and processed at the same time.
"Today’s announcement takes our commitment to Linux and security a step further to add data in-use security capabilities – the missing link of end-to-end encryption.
"Our initial release targets enterprise developers on distributed platforms as well as day-one support on IBM Z to enable our clients, those that the world trusts daily with our most sensitive data, to experiment easily with FHE."
They said IBM had invented FHE in 2009 and it had been touted as the “holy grail” of cloud security.
"The idea is simple: you can now process sensitive data without providing unencrypted access to that sensitive data. In short, you can’t steal information when you can’t understand it (even when it’s in plain sight).
"To give you a practical example, insurance companies can run analysis on patient healthcare data, without any personal identifiable information being visible to the insurer."
Bergamaschi and Dow said initially FHE was too slow for practical use, but 11 years later the cryptography had reached an inflection point where its performance now made it usable.
"What once took hours and days and required a PhD in computer science, can now be done in minutes by enterprise developers," they added.
The duo said since starting their early work with clients like Brazil’s Banco Bradesco, they and their colleagues had concentrated on making FHE usability a priority.
"In January 2020 we released HELib version 1.0.0 after only one year of beta releases and today it’s the most mature and versatile encryption library, packed with sophisticated autonomous housekeeping tasks freeing developers to concentrate on the algorithmic design of their applications," the pair added.
"Since then, we released two other minor versions with improvements, bug fixes and sample programs making it easier to write FHE-based code. More enhancements are planned for the next months."
In June, IBM published FHE toolkits for macOS and iOS on GitHub and the reaction was overwhelmingly positive.
"Similar to the macOS and the iOS toolkits, the Linux version includes an easy-to-follow and simple demonstration of a privacy preserving search against an encrypted database using the English names of countries and their capital cities across Europe," Bergamaschi and Dow said.
"Selecting the country will perform a search of the matching capital. Unlike the macOS and iOS toolkits which are based on Xcode, the Linux toolkit is distributed as a Docker container in your choice of supported distributions."
They said the best place to get started was by joining their Slack community. Clients who were interested in on-going training, knowledge transfer and joint development were advised to sign up for a subscription to the FHE 2020 – Research Engagement Program.
"You may also be interested in this introductory webinar we recently hosted," they added.