Alice needs to get non public information from Bob, validate it (let’s say check that birth day is between 1900 and now) and forward it to Charlie. There’s an end to end encryption between Alice and Bob and Alice and Charlie.
If the computer Alice uses is some remote machine, can Alice avoid leaking the non public information she is handling to whoever has access to the machine she uses?
My undestanding is that the moment the data is decrypted in the machine’s memory it’s at the mercy of whoever has physical access to that machine. Is that correct? If so. Does that mean that for handling non public information I should never use cloud solutions and rely only on physical machines that I own?
I see there’s “Homomorphic encryption”. But I understand that if, as in my example, I have to validate that a number is btween x and y it’s equivalent to the number being known?
There’s a somewhat similar question here: encrypting data while in memory
But it does not focus on these questions and is implementation specific.