Zama: Shaping the Future of Homomorphic Encryption for Machine Learning

Whether you’re conducting a simple Google search or engaging with ChatGPT, most online services lack privacy and can access your input.

This might not be a significant concern when you’re merely searching for cat images, but the stakes rise higher when malicious actors try to obtain your personal information, such as your credit card data. Ideally, you would want to avoid exposing this sensitive information altogether, while still allowing legitimate services to access it when necessary. 

Zama was founded by Rand Hindi and Pascal Paillier in late 2019 to make this a reality, leveraging homomorphic encryption, a form of encryption that allows computations on encrypted data. It has the potential to unlock machine learning for domains like finance and healthcare, where data is extremely sensitive and cannot be safely evaluated with current methods. With homomorphic encryption, a service can work with encrypted data as needed without gaining access to the raw data. 

Zama raised a 42M growth round in the spring of  2022, led by Protocol Labs and joined by existing investors Vsquared Ventures, Metaplanet, Lunar Ventures, and Plug and Play Ventures. 

Learn more about the future of homomorphic encryption for machine learning from our interview with the co-founder and CEO, Rand Hindi: 

Why Did You Start Zama?

Since completing my Ph.D. in bioinformatics, applying machine learning in the early days to biological problems, I’ve been interested in working with data and keeping it safe and private.

After leaving academia, I started my first company, Snips, enabling developers to add a voice assistant to their products, with a focus on making everything private by default. That’s when I learned about homomorphic encryption, a super cool technology that can potentially make everything private by default. After Sonos acquired Snips, I joined forces with my co-founder Pascal to turn homomorphic encryption from an academic curiosity into an actual product, particularly to make machine learning more privacy-preserving. 

How Does Homomorphic Encryption Work?

When someone uses ChatGPT today, OpenAI can, in principle, see the user’s data, such as which query was used. With homomorphic encryption, you can encrypt the query so that OpenAI does not know what you have written.

Homomorphic encryption allows the processing of encrypted data in a way that preserves mathematical properties. So, you no longer see the raw data but can still perform calculations on it.

It works a bit like translating an English text into a language only you understand. It still has structure, so one can, for instance, make computations such as counting the number of letters. But others have no idea what it means, and would need something like Rosetta Stone to translate it back into English. What homomorphic encryption does is like translating without giving away the Rosetta Stone. 

Researchers theorized about homomorphic encryption as far back as the 1970s. However, no one knew how to develop a Turing-complete encryption scheme that allowed computation on the encrypted data in a functionally complete way—a necessity to perform arbitrary computations on the encrypted data without needing to decrypt it first.

A research breakthrough came in 2010. Before 2010, homomorphic encryption was too slow, difficult to use, and limited to additions and multiplications. This breakthrough made homomorphic encryption faster, easier to use, and exact in terms of mathematical results. It is now able to support any complex mathematical operations, making it ‘Turing-complete’. It sets homomorphic encryption apart from other techniques in confidential computation and has allowed the technology to develop enormously, becoming ready to support the first real-world applications.

Many use cases only make sense when you have encryption, so homomorphic encryption can be a game-changer for these. Take, as an example, confidential smart contracts. Right now, everything on a blockchain is public, so everyone can see what goes in, and people need to agree on what they see to verify a transaction. With homomorphic encryption, you could keep the contents private and address use cases that require confidentiality. Also, you could have people agree on the result of an encrypted computation, hiding what you have voted for, making it futile for anyone to pressure or bribe them. 

In the longer term, one of the largest opportunities for homomorphic encryption is in machine learning, for instance, to train models on encrypted data, which can allow people to harness sensitive medical or financial data without needing access to the raw data. It doesn’t have to be as fast as unencrypted machine learning, but it should be fast enough so that the time to go back and forth to a server becomes the main bottleneck. 

Homomorphic encryption is still too slow for that. It currently takes significantly longer to process encrypted data compared to unencrypted data. But with specialized chips entering the data centers, we’ll soon be able to accelerate homomorphic encryption significantly. Therefore, we will partner with hardware companies and build our encryption technology on top. For us, it doesn’t matter if it’s FPGAs or even photonic processors as long as they can achieve a massive 100x speedup.

Our long-term vision is that people won’t have to care about privacy anymore. Everything will be private by default. People won’t even notice homomorphic encryption working in the background to keep their data safe. It might just be a small logo in your browser and a change in your transfer protocol from https to httpz that indicate that everything is encrypted.

How Did You Evaluate Your Startup Idea?

Our strategy was to start with an open-source approach, attracting developer interest while actively improving the encryption technology and waiting for computing hardware to become more powerful. Like other deep tech startups, we didn’t plan on making any money the first few years but focused on hard R&D to evolve our technology and get developers to use it.

We have built the largest community in homomorphic encryption and are starting now to commercialize our technology, for instance, for blockchain applications, to enable confidential smart contracts with minimal integration efforts. Blockchain is already slow and expensive, and there is no other solution available to address this use case, so it’s a great initial go-to-market. We have already signed major deals, bringing in hundreds of millions in revenue for the coming years. Once hardware acceleration becomes more advanced, we’ll also be able to expand further into AI use cases, which will be an even bigger opportunity. 

What Advice Would You Give Fellow Deep Tech Founders?

My first startup had been a success as we got deployed on many devices and made some money, but it wasn’t exactly the success I had hoped for. So I made a list of what I should do differently the second time, and by all metrics, Zama has already become a much bigger success. 

One of the key learning is to focus your efforts on solving one core problem: don’t reinvent the wheel if you don’t have to. Focus on what makes your coffee taste better! At Zama, we have only one thing to do, and that’s to make homomorphic encryption work. For everything else, we try to use what exists as much as possible. It removes a lot of friction—don’t get too creative with anything that is not core. 

At early stage in deep tech, there’s no point in selling something that doesn’t work yet. There’s a balance between doing consulting projects and making your technology work within bespoke, non-scalable projects and taking too long to get to the market and getting beaten by the competition. Focus on making your technology work for a first scalable use case and then raise more money to expand. 

Starting a company for the first time is the most challenging. As you build trust with people over time, fundraising will become easier, and as you get good investors onboard, they will introduce you to other good investors. It’s a virtuous cycle, and you never stop fundraising. Generally, focus on deep tech investors who understand what you’re doing or at least have the patience to see your technology develop. Don’t waste your time on pitching generalist investors—deep tech is not lean! 

Work on the Future of Encryption

Zama is hiring; check out all the open positions* 

We believe people should not care about privacy. Not because it doesn’t matter, but because it shouldn’t be an issue! If this mission resonates with you, join us in making the internet encrypted end-to-end.

Want to know more? Everything we do is open-source. You can check out our code on GitHub* and read our developer documentation*.