SecurityWeek

Making Use of Sensitive Data in the Cloud Without Ever Decrypting It

Researchers Propose Method to Make Use of Encrypted Data in the Cloud While Never Exposing It

Microsoft Researchers have proposed a method for Cloud services to operate on sensitive data without exposing it. The idea is to produce encrypted data that can be analyzed. The actual data remains in the control of the owner.


Kristin Lauter, with Vinod Vaikuntanathan and Michael Naehrig, worked on a system that can perform statistical analyses on encrypted data despite never decrypting it. The data can only be interpreted using the key in the possession of the data’s owner. She told Technology Review, “This proof of concept shows that we could build a medical service that calculates predictions or warnings based on data from a medical monitor tracking something like heart rate or blood sugar.”

The Microsoft research builds on the work of IBM Researcher Craig Gentry, who has been working on a lattice-based cryptography method called homomorphic encryption.

The basic problem is that if you encrypt the data coming into a Cloud, the services there can’t really do anything meaningful with that data without decrypting it, which defeats the purpose of securing it in the first place. Consider sensitive data such as healthcare information. Homomorphic encryption seeks to remedy that by encrypting the data in a way that allows for mathematical operations to be performed. The analogous operation performed on the encrypted data is known as homomorphism.

Gentry found this wasn’t so easy in practice. In 2008, he discovered he could do a few basic operations on the encrypted data before the results became useless. There are many reasons for this. For example, if one is to find a piece of text within an e-mail, this would require chaining together thousands of basic operations. Gentry found that applying a second layer of encryption works, if only to protect the intermediate results when the system broke down.

The example given to Technology Review is adding 1 to 2. The 1 could be encrypted to become the number 33, and the 2 could be encrypted to become the number 54. The combination of the two numbers, 87, could be decrypted to become the number 3. This is a vast simplification, but it shows the potential. Gentry’s 200-plus-page homomorphic encryption thesis paper can be found here.
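As an added illustration (not code from the article, Microsoft or Gentry), the sketch below uses a toy symmetric scheme over the integers rather than the lattice-based construction described above. It shows a service adding and multiplying ciphertexts it cannot read, and why only a few operations work before the result becomes useless. The 64-bit key, plaintext modulus 16 and all function names are assumptions chosen for the demo and offer no real security.

```python
import secrets
from math import prod

T = 16          # plaintext modulus: messages are integers 0..15 (assumed)
KEY_BITS = 64   # toy key size (assumed), far too small to be secure

def keygen():
    """Secret key p: a random odd KEY_BITS-bit integer."""
    return secrets.randbits(KEY_BITS) | (1 << (KEY_BITS - 1)) | 1

def encrypt(p, m):
    """c = p*q + T*r + m: a random multiple of the key plus small noise carrying m."""
    q = secrets.randbits(2 * KEY_BITS)
    r = 128 + secrets.randbelow(128)        # fresh 8-bit noise term
    return p * q + T * r + m % T

def noise(p, c):
    """Remainder of c modulo the key, centred on zero."""
    n = c % p
    return n - p if n > p // 2 else n

def decrypt(p, c):
    """Strip the multiple of the key, then the multiple of T."""
    return noise(p, c) % T

def safe_depth(p, cts):
    """Count how many of cts can be multiplied together before the noise,
    which multiplies along with them, outgrows p/2 and breaks decryption."""
    depth, n = 0, 1
    for c in cts:
        n *= noise(p, c)
        if n > p // 2:
            break
        depth += 1
    return depth

if __name__ == "__main__":
    p = keygen()                                   # stays with the data owner
    c1, c2 = encrypt(p, 1), encrypt(p, 2)
    print("1 + 2 =", decrypt(p, c1 + c2))          # the service only adds ciphertexts
    print("3 * 5 =", decrypt(p, encrypt(p, 3) * encrypt(p, 5)))
    cts = [encrypt(p, 3) for _ in range(8)]        # constructed sample input
    d = safe_depth(p, cts)
    print("ciphertexts that can be multiplied:", d)
    print("within budget:", decrypt(p, prod(cts[:d])), "expected", 3 ** d % T)
    print("past budget:  ", decrypt(p, prod(cts[:d + 1])), "expected", 3 ** (d + 1) % T)
```

Additions grow the noise slowly and multiplications grow it fast, which is why chaining thousands of operations needs something beyond this basic scheme.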

Homomorphic encryption has also been mentioned as a means of providing secure electronic voting. Votes could be tallied, yet the privacy and integrity of the voter remain, something that is not always possible with electronic voting systems today.

This is encouraging research. As we move toward Cloud services, we need better security on the data that is outside our reach. Keeping it always encrypted seems a viable method, although back end processing power will need to be strengthened.
