IBM Claims Breakthrough In Analysis of Encrypted Data 199
An anonymous reader writes "An IBM researcher has solved a thorny mathematical problem that has confounded scientists since the invention of public-key encryption several decades ago. The breakthrough, called 'privacy homomorphism,' or 'fully homomorphic encryption,' makes possible the deep and unlimited analysis of encrypted information — data that has been intentionally scrambled — without sacrificing confidentiality." Reader ElasticVapor writes that the solution IBM claims "might better enable a cloud computing vendor to perform computations on clients' data at their request, such as analyzing sales patterns, without exposing the original data. Other potential applications include enabling filters to identify spam, even in encrypted email, or protecting information contained in electronic medical records."
Wait, what? (Score:2, Interesting)
Re:If they can analyze the data... (Score:2, Interesting)
Re:No More Privacy (Score:4, Interesting)
TFA doesn't seem clear on this point, but what the name of the technique implies is that you can perform the operation, but neither the inputs nor the outputs are ever decrypted. So if you can't see the question, and you can't see the answer, then why would you perform the operation other than at the request of someone who can (i.e. the client)?
That said, I'd like to know a lot more about this before I'd want to trust it. For this to work, I'd think a lot of the data's structure must be preserved. Maybe you can't detect that structure from the encrypted data, but you can probably infer a lot about it by analyzing the algorithms your clients ask you to apply (especially if they're your algorithms - i.e. software-as-a-service type stuff). I'm impressed if this doesn't create vulnerabilities.
Also I suspect this is fundamentally divorced from public key techniques. If I'm able to encrypt values of my choosing and perform operations of my choosing on encrypted values, I'm pretty sure I can work backward to extract the cleartext from the encrypted data the client provides...
Re:If they can analyze the data... (Score:2, Interesting)
They can perform computations on the data, but the answer is still encrypted.
Not really a threat to privacy (Score:2, Interesting)
Basically, IBM has created a set of cryptographic algorithms that allow fully homomorphic encryption. If you don't want your data to be analyzed, all you have to do is use an algorithm that doesn't support it. You'd want to do that anyway, since you'd want to use algorithms that are already considered strong, such as RSA and AES. Although RSA is homomorphic in theory, in practice it is not, since padding is used to prevent other weaknesses.
Re:BAD summary (Score:3, Interesting)
The ablility to add two peices of cyphertext to get some (still unknonw) peice of cyphertext does not increase the "breakability" of the encryption because, just like the rosetta stone, you really need pairs of plaintext and cyphertext to do any real analysis
Nope, absolutely not ... assuming the processor at least knows that the encrypted data represents integers, then he could simply do the following, using your values above :-
D32JFS3 / D32JFS3 = XXXXXXX (he has now established the encrypted data for the value 1).
Then repeat D32JFS3 - XXXXXXX until the result is also XXXXXXX. The count of the repeats has now exposed the value of D32JFS3.
Simplistic example, I know, but the principle exists ...