Cloud Computing: IBM takes a big new step in cryptography – practical homomorphic encryption

May 5, 2013 Off By David

Grazed from Sophos. Author: Paul Ducklin.

IBM just released an open source software package called HELib. The HE stands for homomorphic encryption. Although it doesn’t sound terribly sexy or impressive, HELib is actually an interesting and important milestone in cryptography. HE is also a surprisingly relevant topic right now, with our ever-increasing attraction to cloud computing.

Bear with me, and I’ll try to explain. Imagine that I am your cloud provider, and I keep databases online for you. Imagine also that I am a security-conscious vendor, so I keep all your data encrypted, both when I serve it up to you, and when I save it to disk. That’s about as good as it gets these days from a cloud security perspective…

→ It doesn’t matter whether I’m a pure-play over-the-internet cloud provider, or just the manager of the server farm team in your own IT department. The situations are similar, though they may differ in degree: I’ve got your data, and you have no alternative but to trust me to do the right thing with it.

Now imagine that you want me to search through your data, for example to see how many ACME-WIDGETS were bought by customers called DUCKLIN in the last year.

Traditionally, the process would go something like this:

You encrypt the search terms and upload them to me.
I decrypt the search terms so I know what to look for.
I decrypt your data (perhaps only record by record, not all at once – that’s a detail that doesn’t matter here) so I have somewhere to search.
I perform the search using the decrypted data.
I encrypt the search results, if there are any, and return them to you…

CategoryNews

4 Questions To Ask When Choosing Cloud Providers

Building a Cloud Network With SaaS and IaaS Solutions