Computing with Secrets, but Keeping them Safe

A novel technique could see future Web services work with sensitive data without ever being able to read it. Several implementations of a mathematical proof unveiled just last year will allow cryptographers to start making the proposal more practical.

In 2009 Craig Gentry of IBM published a cryptographic proof that was that rare thing: a true breakthrough. He showed that it was possible to add and multiply encrypted data to produce a result that--when decrypted--reveals the result of performing the same operations on the original, unencrypted data. It's like being able to answer a question without knowing what the question is.

Called "fully homomorphic encryption," it has been dubbed the holy grail of cryptography. Addition and multiplication are the building blocks of computation, and being able to compute data without decrypting it would allow new levels of security. For example, someone could send an encrypted database of medical records to a cloud computing provider, secure in the knowledge that they could use the service to work on the data as usual without ever decrypting it. The results of a search could be sent to the data's owner, who could decode it on his own system. The same approach could secure webmail or online office suites.

From Technology Review
View Full Article