New Method for Securing Cloud-Stored Data
Many people like the idea of cloud-based technologies because it gives users access to 'better' hardware than their own. Of course the catch is security, as any cloud-based technology requires information is transmitted along public communication lines. To address that issue, researchers have been working on homographic encryption and those at MIT have made a recent breakthrough that could change the shape of cloud-computing.
Homomorphic encryption is a system that allows operations to be performed on encrypted data without decrypting them. Unfortunately it is limited in what it can do as operations like searching requires the remote server know the search term and the data. The MIT researchers found a way to solve this problem by combining homomorphic encryption with other security methods, including the garbled circuit system and attribute-based encryption. Garbled circuit systems allows a single encrypted operation to be performed on a single encrypted data item, but is a private-key system, while attribute-based encryption is public-key and reusable. What the researchers have done is placed the decryption algorithm within a garbled circuit, which is itself protected by attribute-based encryption and embedded in homomorphic encryption.
The result of this combination is a system with the potential of allowing for general functions to be securely performed on encrypted data, stored in the cloud. As optimizations are made to improve performance, we could see it deployed to protect surveillance data, while still allowing the data to be searched.