I see. My earlier proposal defends you against an adversary who steals your computer, but not against one who has root access without your knowledge.
In that case it is sufficient to have secure function evaluation. This is conceptually much easier than homomorphic encryption (having been discovered some 25 years earlier) and is currently much more practical (ie, practical at all). I don’t know much about existing implementations.
I see. My earlier proposal defends you against an adversary who steals your computer, but not against one who has root access without your knowledge.
In that case it is sufficient to have secure function evaluation. This is conceptually much easier than homomorphic encryption (having been discovered some 25 years earlier) and is currently much more practical (ie, practical at all). I don’t know much about existing implementations.