- More and more of our data is stored up in the cloud — how can we trust its safety?
- NSF-supported researchers are working to develop forward-thinking encryption technologies.
- Craig Gentry came up with the concept of fully homomorphic encryption that processes data without decrypting it.
If you want to protect valuable information, wouldn't you keep it under lock and key?
Today, modern encryption uses 'keys' to safeguard data on our computers, mobile devices, and communication networks. Encryption converts data into digital gibberish, so it can't be used maliciously. If the message recipient has the right keys, then the data can be decrypted for processing by a computer or mobile device.
But even encrypted data can sometimes be intercepted and accessed. So how can we keep our data safe?
Fully homomorphic encryption
In 2010, Craig Gentry, a graduate student supported by the US National Science Foundation (NSF), thought of a new way to protect data. He called it fully homomorphic encryption — a way to process data without ever decrypting it.
To explain this concept, he invented an imaginary character named Alice who owns a jewelry store. Alice doesn't trust her staff with her expensive gems, so she gets an impenetrable box. Only she has the key.
When Alice wants her employees to make a new piece of jewelry, she locks the materials inside the box and hands it off to her workers. Using special gloves, employees can work on the gems inside the box, but can't get them out.
Once the work is done, Alice opens the box with her key and takes out the finished jewelry. In this way, her workers process raw materials into jewelry without ever truly having access to the materials themselves.
Fully homomorphic encryption basically does the same thing. As data and computation move to the cloud, fully homomorphic encryption would allow your data to be processed without your ever having to allow access to it. For instance, a web application could process your tax return's encrypted financial information without actually seeing any of it.
Cryptographers, including Gentry, are still figuring out how to turn the idea of homomorphic encryption into a practical reality.
Other new approaches to cryptography
Fully homomorphic encryption isn't the only forward-looking cryptographic protocol that researchers are exploring. The NSF is supporting several active areas of study:
- 'Honey encryption,' where wrong guesses of the key produce information that looks accurate but isn't
- 'Functional encryption,' where restricted secret keys enable a key holder to learn about only a specific function of encrypted data and nothing else
- 'Quantum key encryption,' where the quantum nature of atoms protects the data
The goal of all of this research is that one day, it will be possible to ensure security of important information wherever it might be — on our computers, mobile devices, and even in the cloud.