Follow Slashdot stories on Twitter


Forgot your password?
Encryption IBM Math Security

IBM Claims Breakthrough In Analysis of Encrypted Data 199

An anonymous reader writes "An IBM researcher has solved a thorny mathematical problem that has confounded scientists since the invention of public-key encryption several decades ago. The breakthrough, called 'privacy homomorphism,' or 'fully homomorphic encryption,' makes possible the deep and unlimited analysis of encrypted information — data that has been intentionally scrambled — without sacrificing confidentiality." Reader ElasticVapor writes that the solution IBM claims "might better enable a cloud computing vendor to perform computations on clients' data at their request, such as analyzing sales patterns, without exposing the original data. Other potential applications include enabling filters to identify spam, even in encrypted email, or protecting information contained in electronic medical records."
This discussion has been archived. No new comments can be posted.

IBM Claims Breakthrough In Analysis of Encrypted Data

Comments Filter:
  • Wait, what? (Score:2, Interesting)

    by spiffmastercow ( 1001386 ) on Thursday June 25, 2009 @02:25PM (#28469625)
    Okay, maybe I'm a noob when it comes to encryption, but I was under the impression that if you were able to read the encrypted email, you were probably able to read the encrypted recipient address too. Is there something I'm missing here?
  • by Isarian ( 929683 ) on Thursday June 25, 2009 @02:46PM (#28469945)
    So I may have missed something from the article, but are all forms of public-key encryption vulnerable or just certain algorithms?
  • Re:No More Privacy (Score:4, Interesting)

    by mea37 ( 1201159 ) on Thursday June 25, 2009 @02:53PM (#28470073)

    TFA doesn't seem clear on this point, but what the name of the technique implies is that you can perform the operation, but neither the inputs nor the outputs are ever decrypted. So if you can't see the question, and you can't see the answer, then why would you perform the operation other than at the request of someone who can (i.e. the client)?

    That said, I'd like to know a lot more about this before I'd want to trust it. For this to work, I'd think a lot of the data's structure must be preserved. Maybe you can't detect that structure from the encrypted data, but you can probably infer a lot about it by analyzing the algorithms your clients ask you to apply (especially if they're your algorithms - i.e. software-as-a-service type stuff). I'm impressed if this doesn't create vulnerabilities.

    Also I suspect this is fundamentally divorced from public key techniques. If I'm able to encrypt values of my choosing and perform operations of my choosing on encrypted values, I'm pretty sure I can work backward to extract the cleartext from the encrypted data the client provides...

  • by Anonymous Coward on Thursday June 25, 2009 @02:55PM (#28470117)

    They can perform computations on the data, but the answer is still encrypted.

  • by bk2204 ( 310841 ) <> on Thursday June 25, 2009 @03:15PM (#28470425) Homepage

    Basically, IBM has created a set of cryptographic algorithms that allow fully homomorphic encryption. If you don't want your data to be analyzed, all you have to do is use an algorithm that doesn't support it. You'd want to do that anyway, since you'd want to use algorithms that are already considered strong, such as RSA and AES. Although RSA is homomorphic in theory, in practice it is not, since padding is used to prevent other weaknesses.

  • Re:BAD summary (Score:3, Interesting)

    by daveime ( 1253762 ) on Thursday June 25, 2009 @04:47PM (#28471987)

    The ablility to add two peices of cyphertext to get some (still unknonw) peice of cyphertext does not increase the "breakability" of the encryption because, just like the rosetta stone, you really need pairs of plaintext and cyphertext to do any real analysis

    Nope, absolutely not ... assuming the processor at least knows that the encrypted data represents integers, then he could simply do the following, using your values above :-

    D32JFS3 / D32JFS3 = XXXXXXX (he has now established the encrypted data for the value 1).

    Then repeat D32JFS3 - XXXXXXX until the result is also XXXXXXX. The count of the repeats has now exposed the value of D32JFS3.

    Simplistic example, I know, but the principle exists ...

I was playing poker the other night... with Tarot cards. I got a full house and 4 people died. -- Steven Wright