IBM believes it has cracked – if you'll pardon the pun – the tricky subject of handling and processing sensitive encrypted data.
As reported over on TechRadar
, IBM researcher Craig Gentry has figured out a way to analyse and process encrypted data without actually decrypting it first – ensuring total data security at all points.
The technique, known as homomorphic encryption, allows encrypted data to be worked with in the same way as unencrypted data – with the exception that the original clear-text data is never at risk of exposure. While homomorphic encryption was first mooted around thirty years ago by cryptography giants Ron Rivest and Leonard Adleman – two of the three people behind the popular RSA public-key crypto algorithm - it's not until now that a workable implementation has been developed.
Gentry's discovery – made as a summer student at IBM's Research division while working on his PhD thesis - that ideal lattices
can be used to work with encrypted data could prove to be a real boon for the burgeoning cloud computing industry, which still suffers from a concern – especially in big business – that private data is shipped to a third party over a public network. The process could also be used to detect viruses in encrypted e-mails and even to allow complete privacy when using a web search engine.
The vice president of Software Research at IBM Charles Lickel described the technique as being similar to “enabling a layperson to perform flawless neurosurgery while blindfolded, and without later remembering the episode,
” which is just about the most awesome thing any IBM employee has ever said.
While it'll take a while for IBM to iron out the kinks in the new technology, it's likely that analysis of encrypted data will be a feature of most servers before too long.
Does the thought that systems can peek inside your encrypted data stores without your knowledge give you the heebie-jeebies, or are you looking forward to the day when true end-to-end encryption is a reality? Share your thoughts over in the forums