Is it possible to perform operations on encrypted data, while keeping it secure from all prying eyes (or circuits), even if that data is stored remotely, in the “cloud?” Will our end result still be encrypted, and when we decode it with our private decryption key, will our result be correct? To put it another way, could we allow sensitive data – say private medical information – to be monitored on-line and feel completely secure in the knowledge that no one can access it without our express permission? Can we use a cloud service to store our encrypted data and perform a search on that data without allowing the servers to “see” our search?
Welcome to the world of fully homomorphic encryption. The concept was first proposed in 1978 – long before the advent of remote computing services – by Rivest, Adelman and Dertouzos. (Rivest and Adelman, together with the Weizmann Institute’s Prof. Adi Shamir, invented the RSA scheme used for almost all computer encryption today.) Since then, various researchers have come up with “partly homomorphic” methods, but none of them enabled full homomorphism. Only in 2009 was a fully homomorphic method demonstrated, by Craig Gentry at Stanford. That method, though proof of concept, was much too heavy and slow to be of any practical use.
Gentry published his method as his Ph.D. thesis. But it could be the doctoral work of another recent graduate – Dr. Zvika Brakerski from the Weizmann Institute (a student of Prof. Shafi Goldwasser) – that ultimately enables fully homomorphic encryption to become reality. Brakerski worked with Dr. Vinod Vaikuntanathan, a former student of Goldwasser’s at MIT, who was at Microsoft Research at the time and is currently a professor at the University of Toronto.
In a nutshell: Gentry made some assumptions about the complexity of the math needed to achieve fully homomorphic encryption, and then used “a bit of a hack” (his words) to make it all work. Brakerski and Vaikuntanathan managed to change some of those assumptions (to “weaker” – more plausible and widely accepted – assumptions), simplifying the math and even eliminating the need for some of the hacks. The result, they say, is a method that is hundreds or even thousands of times faster than the original, but still fully homomorphic.
Brakerski, now doing postdoctoral research at Stanford, is continuing to research the math involved in fully homomorphic encryption. In the meantime, software engineers are already applying his insights to the future of data security.
Also today at the Weizmann Institute:
White blood cells that reach into the blood vessel lining looking for “exit signs” and the closest supernova observation in the past 25 years yields new insights into how stars explode.