Researchers Propose Method to Make Use of Encrypted Data in the Cloud While Never Exposing It
Microsoft researchers have proposed a method for Cloud services to operate on sensitive data without exposing it. The idea is to produce encrypted data that can still be analyzed, while the underlying data remains under the owner's control.
Kristin Lauter, with Vinod Vaikuntanathan and Michael Naehrig, worked on a system that can perform statistical analyses on encrypted data without ever decrypting it. The data can be interpreted only with the key held by the data's owner. She told Technology Review "This proof of concept shows that we could build a medical service that calculates predictions or warnings based on data from a medical monitor tracking something like heart rate or blood sugar."
The Microsoft research builds on the work of IBM researcher Craig Gentry, who has been working on a lattice-based cryptographic method called homomorphic encryption.
The basic problem is that once data is encrypted before it enters a Cloud, the services there can't do anything meaningful with it without decrypting it, which defeats the purpose of securing it in the first place. Consider sensitive data such as healthcare information. Homomorphic encryption seeks to remedy that by encrypting the data in a way that still allows mathematical operations to be performed on it; an operation on the encrypted data that corresponds to an operation on the underlying data is known as a homomorphism.
Gentry found this wasn't so easy in practice. In 2008, he discovered that only a few basic operations could be performed on the encrypted data before the results became useless. That is a serious limitation, because a practical task such as finding a piece of text within an e-mail requires chaining together thousands of basic operations. Gentry found that applying a second layer of encryption works around this, protecting the intermediate results at the point where the system would otherwise break down.
The example given to Technology Review: what if we wanted to add 1 and 2? The 1 could be encrypted to become the number 33, and the 2 could be encrypted to become the number 54. Adding the two encrypted numbers gives 87, which could be decrypted to yield 3. This is a vast simplification, but it shows the potential. Gentry's 200-plus-page thesis on homomorphic encryption can be found here.
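The noise build-up that limits the number of operations, and the encrypted-addition example above, as an added illustration that is not part of the original article nor of the Microsoft or IBM work it describes: a toy symmetric somewhat-homomorphic scheme over the integers in the style of the integer-based scheme of van Dijk, Gentry, Halevi and Vaikuntanathan. The key p = 101 and the multiplier and noise values are chosen by hand (constructed, with no security) so the run is reproducible and the point at which decryption fails can be followed exactly.

```python
# Toy symmetric somewhat-homomorphic scheme over the integers (illustration only).
#
# Secret key: an odd integer p. A bit m is encrypted as  c = q*p + 2*r + m  with a
# multiplier q and a small noise value r. Decryption computes (c mod p) mod 2, which is
# correct as long as the noise term 2*r + m stays below p. Adding ciphertexts adds the
# noise terms and multiplying ciphertexts multiplies them, so a long enough chain of
# operations pushes the noise past p and decryption returns garbage, which is the
# "results became useless" effect described in the article.

def encrypt(p, m, q, r):
    """Encrypt bit m under key p. q and r are passed in explicitly here so the run is
    reproducible; a real scheme draws a large random q and a small random r."""
    assert m in (0, 1) and p % 2 == 1
    return q * p + 2 * r + m

def decrypt(p, c):
    return (c % p) % 2

def noise(p, c):
    """The noise term 2*r + m as seen by the key holder. Only meaningful while the true
    noise is below p; after it wraps around, this value no longer reflects reality."""
    return c % p

def add(c1, c2):
    return c1 + c2   # plaintexts add (mod 2); noise terms add

def mul(c1, c2):
    return c1 * c2   # plaintexts multiply; noise terms multiply

def demo():
    """Run a few operations on ciphertexts and return what the key holder decrypts."""
    p = 101                         # toy key; a real key is hundreds of bits long
    c1 = encrypt(p, 1, q=7, r=3)    # encrypts 1, noise 2*3+1 = 7
    c0 = encrypt(p, 0, q=11, r=5)   # encrypts 0, noise 10
    c3 = encrypt(p, 1, q=3, r=4)    # encrypts 1, noise 9
    c4 = encrypt(p, 1, q=5, r=1)    # encrypts 1, noise 3
    return {
        "1+0":   decrypt(p, add(c1, c0)),             # noise 17  < 101 -> 1 (correct)
        "1*0":   decrypt(p, mul(c1, c0)),             # noise 70  < 101 -> 0 (correct)
        "1*1":   decrypt(p, mul(c1, c3)),             # noise 63  < 101 -> 1 (correct)
        "1*1*1": decrypt(p, mul(mul(c1, c3), c4)),    # noise 189 > 101 -> 0 (wrong!)
    }

if __name__ == "__main__":
    for expr, bit in demo().items():
        print(f"{expr} decrypts to {bit}")
```

The last entry shows the noise overflowing the key and the decrypted bit coming out wrong; Gentry's second layer of encryption is what resets that noise so longer chains of operations survive.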
Homomorphic encryption has also been mentioned as a means of providing secure electronic voting. Votes could be tallied while still encrypted, preserving voter privacy and the integrity of the count, something that is not always possible with today's electronic voting systems.
This is encouraging research. As we move toward Cloud services, we need better security for data that is outside our reach. Keeping it encrypted at all times seems a viable method, although back-end processing power will need to be strengthened.