WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Researchers looking to improve cloud security

Cloud computing raises some crucial questions about security: can we, for instance, perform computations on data stored in ‘the cloud’ without letting anyone else see our information? Research carried out at the Weizmann Institute and MIT is moving us closer to the ability to work on data while it is still encrypted, giving an encrypted result that can later be securely deciphered.

Attempting computation on sensitive data stored on shared servers leaves that data exposed in ways that traditional encryption techniques can’t protect against. The main problem is that to manipulate the data, it has to be first decoded.

“Until a few years ago, no one knew if the encryption needed for this sort of online security was even possible,” says Dr. Zvika Brakerski, who recently completed his Ph.D. in the group of Prof. Shafi Goldwasser of the Computer Science and Applied Mathematics Department. In 2009, however, a Ph.D. student at Stanford University named Craig Gentry provided the first demonstration of so-called ‘fully homomorphic encryption’ (FHE). But the original method was extraordinarily time consuming and unwieldy, making it highly impractical. Gentry constructed his FHE system by using fairly sophisticated math, based on ‘ideal lattices’, and this required him to make new and unfamiliar complexity assumptions to prove security. Gentry’s use of ideal lattices seemed inherent to fully homomorphic encryption; researchers assumed that they were necessary for the server to perform such basic operations as addition and multiplication on encrypted data.

Brakerski, together with Dr. Vinod Vaikuntanathan (who was a student of Goldwasser’s at MIT), surprised the computer security world earlier this year with two recent papers in which they described several new ways of making fully homomorphic encryption more efficient (see links below). For one thing, they managed to make FHE work with much simpler arithmetic, which speeds up processing time. And a surprise discovery showed that a mathematical construct used to generate the encryption keys could be simplified without compromising security. Gentry’s original ideal lattices are theoretical collections of points that can be added together – as in an ordinary lattice structure – but also multiplied. But the new research shows that the lattice does not have to be ideal, which simplifies the construction immensely.

Brakerski and Vaikuntanathan results promise to pave a path to applying FHE in practice. Optimized versions of the new system could be hundreds – or even thousands – of times faster than Gentry’s original construction. Indeed, Brakerski and Vaikuntanathan have managed to advance the theory behind fully homomorphic encryption to the point that computer engineers can begin to work on applications. These might include, for instance, securing medical information for research: A third party could perform large medical studies on encrypted medical records without having access to the individuals’ information.

Links to associated papers:

- Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages

- Cryptography Resilient to Continual Memory Leakage

•Date: 16th December 2011 • US/World •Type: Article • Topic: Cloud computing

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here