# News IBM develops crypto-peeking tech

Discussion in 'Article Discussion' started by CardJoe, 26 Jun 2009.

Joined:
3 Apr 2007
Posts:
11,346
316
2. ### mclean007Officious Bystander

Joined:
22 May 2003
Posts:
2,035
15
Surely the whole point is they CAN'T - this is about a technology that allows the manipulation of encrypted data without decryption. At the most basic level, this might involve an encryption system that preserves the ordinality of numbers - so E(3) (the result of encrypting the number 3) is less than E(5), E(10) < E(20) etc., and for any x < y, E(x) < E(y). That way you could sort encrypted data without decrypting it.

As a simple example, you could do this with a very simple but very weak encryption algorithm and very poor data efficiency (encrypted files would be larger than plaintext) - pick a large number as your key (k). Then to encrypt, E(x) = x * k + a random integer between 0 and (k-1). Because an attacker doesn't know k, he can't decrypt. The use of the random number prevents an attacker deducing k by factoring E(x). To decrypt, just round down E(x)/k to give an integer, x. This is flawed because the encryption is ludicrously weak, and also because if you encrypt two equal plaintexts there is no way to predict which will give a higher value after encryption, so sorting would not preserve the order of equal values, but it is an illustration.

I don't know what sort of operations you'd want to perform on encrypted data, but I guess sorting might be one of them. Addition and subtraction might be another. In any event, it will entail a different encryption algorithm to the usual suspects (RSA, AES etc.).

3. ### mjm25What's a Dremel?

Joined:
19 Jan 2009
Posts:
507
28
^ wow. not sure i understood more than 30 percent of that

4. ### _DTM2000_Minimodder

Joined:
9 Feb 2005
Posts:
249
1
“enabling a layperson to perform flawless neurosurgery while blindfolded, and without later remembering the episode”

Hmm, sounds like an episode of Dollhouse.

5. ### B1GBUD¯\_(ツ)_/¯ Accidentally Funny

Joined:
29 May 2008
Posts:
3,511
529
Agreed, now my head hurts.... thanks

6. ### mclean007Officious Bystander

Joined:
22 May 2003
Posts:
2,035
15
Sorry, I tend not to explain myself very well! Basically the idea is to allow some (presumably fairly basic) manipulation of encrypted data without needing to decrypt it and re-encrypt it. I'm sure it has applications, not sure exactly what!

7. ### Jenny_Y8SGuest

Very sceptical of the security within this one. Searching is one area where encryption is a barrier to function and for good reason.

I build fundraising systems for some of the big name charities and you have to be clever to work around the FACT!! that you cannot search within encypted data without either A) compromising your encryption methods or B) decrypting everthing before you search.

Any technique that allows basic manipulation (even sorting) poses a potential risk of exposing the contents or content distribution of your encrypted data.

It also has it's flaws, as you will see here: http://portal.acm.org/citation.cfm?doid=1536414.1536440

8. ### nicaeWhat's a Dremel?

Joined:
25 Nov 2008
Posts:
128
0
I understood your first post. It was very clear, actually. Thanks!

It's your FACT!!s that are being challenged by this man's discovery.

9. ### thehippozWhat's a Dremel?

Joined:
19 Dec 2008
Posts:
5,780
174
homo encryption huh

Joined:
30 Aug 2005
Posts:
117