1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News IBM develops crypto-peeking tech

Discussion in 'Article Discussion' started by CardJoe, 26 Jun 2009.

  1. CardJoe

    CardJoe Freelance Journalist

    Joined:
    3 Apr 2007
    Posts:
    11,343
    Likes Received:
    292
  2. mclean007

    mclean007 Officious Bystander

    Joined:
    22 May 2003
    Posts:
    2,035
    Likes Received:
    15
    Surely the whole point is they CAN'T - this is about a technology that allows the manipulation of encrypted data without decryption. At the most basic level, this might involve an encryption system that preserves the ordinality of numbers - so E(3) (the result of encrypting the number 3) is less than E(5), E(10) < E(20) etc., and for any x < y, E(x) < E(y). That way you could sort encrypted data without decrypting it.

    As a simple example, you could do this with a very simple but very weak encryption algorithm and very poor data efficiency (encrypted files would be larger than plaintext) - pick a large number as your key (k). Then to encrypt, E(x) = x * k + a random integer between 0 and (k-1). Because an attacker doesn't know k, he can't decrypt. The use of the random number prevents an attacker deducing k by factoring E(x). To decrypt, just round down E(x)/k to give an integer, x. This is flawed because the encryption is ludicrously weak, and also because if you encrypt two equal plaintexts there is no way to predict which will give a higher value after encryption, so sorting would not preserve the order of equal values, but it is an illustration.

    I don't know what sort of operations you'd want to perform on encrypted data, but I guess sorting might be one of them. Addition and subtraction might be another. In any event, it will entail a different encryption algorithm to the usual suspects (RSA, AES etc.).

    I look forward to reading about this in more detail.
     
  3. mjm25

    mjm25 New Member

    Joined:
    19 Jan 2009
    Posts:
    507
    Likes Received:
    28
    ^ wow. not sure i understood more than 30 percent of that
     
  4. _DTM2000_

    _DTM2000_ New Member

    Joined:
    9 Feb 2005
    Posts:
    244
    Likes Received:
    0
    “enabling a layperson to perform flawless neurosurgery while blindfolded, and without later remembering the episode”

    Hmm, sounds like an episode of Dollhouse.
     
  5. B1GBUD

    B1GBUD ¯\_(ツ)_/¯ Accidentally Funny

    Joined:
    29 May 2008
    Posts:
    3,345
    Likes Received:
    417
    Agreed, now my head hurts.... thanks
     
  6. mclean007

    mclean007 Officious Bystander

    Joined:
    22 May 2003
    Posts:
    2,035
    Likes Received:
    15
    Sorry, I tend not to explain myself very well! Basically the idea is to allow some (presumably fairly basic) manipulation of encrypted data without needing to decrypt it and re-encrypt it. I'm sure it has applications, not sure exactly what!
     
  7. Jenny_Y8S

    Jenny_Y8S Guest

    Very sceptical of the security within this one. Searching is one area where encryption is a barrier to function and for good reason.

    I build fundraising systems for some of the big name charities and you have to be clever to work around the FACT!! that you cannot search within encypted data without either A) compromising your encryption methods or B) decrypting everthing before you search.

    Any technique that allows basic manipulation (even sorting) poses a potential risk of exposing the contents or content distribution of your encrypted data.

    It also has it's flaws, as you will see here: http://portal.acm.org/citation.cfm?doid=1536414.1536440
     
  8. nicae

    nicae New Member

    Joined:
    25 Nov 2008
    Posts:
    128
    Likes Received:
    0
    I understood your first post. It was very clear, actually. Thanks!

    It's your FACT!!s that are being challenged by this man's discovery.
     
  9. thehippoz

    thehippoz New Member

    Joined:
    19 Dec 2008
    Posts:
    5,780
    Likes Received:
    174
    homo encryption huh
     
  10. boggsi

    boggsi New Member

    Joined:
    30 Aug 2005
    Posts:
    117
    Likes Received:
    0
    A quick look at wikipedia sheds plenty of light on this subject. Homomorphic encryption in the past has existed but only allowed one of two operations on the encrypted data, addition or multiplication. I'm assuming this IBM breakthrough allows both.

    To do this as an example, if you were the only one that could decrypt information from your bank. Homorphic encryption would allow you to pass this encrypted data on to a third party and they could for example add up all the debits and credits returning you a balance. But they would do this purely with the encrypted information from your bank and return the answer to you encrypted in the same way. They would never need (or be able to) to decrypt and see the actual amounts of money you transacted.

    Obviously this is a limited example, but you can imagine the possibilities for third parties processing your personal information without ever having access to its actual details.
     
Tags: Add Tags

Share This Page