Calculation with closed eyes

How do you maintain information security of data stored on the Internet?

Nowadays, when smart cell phones and tablets are used as computers available at any time, the use of desktop computers is decreasing. At the same time, the use of cloud computing, where the computational operations are carried out on a network of remote servers, is increasing, and is expected to increase even more, as the demand for computational power increases. These trends raise several important questions regarding information security. Can we, for example, perform calculations on data stored on the Internet, without allowing anyone else to see the information?

The use of Internet computing means, based on cloud computing, create a new opening for stealing information, because traditional encryption methods cannot protect it. Until a few years ago, they didn't even know for sure if the encryption required for this type of information security was possible at all. Now, Dr. Zvika Barkarski, who recently completed his doctoral studies in the Department of Computer Science and Applied Mathematics at the Weizmann Institute of Science, under the guidance of Prof. Shefi Goldwasser, and Dr. Vinod Vaikontantan, a former student of Prof. Goldwasser at the Massachusetts Institute of Technology (MIT) have succeeded , and now a scientist at the University of Toronto, to develop new and effective methods for encrypting data stored on the Internet.

The main problem in performing various operations on data stored on remote servers is the need to decode their coding. The proposed solution to this problem is to find a way to encrypt the information so that the server can perform the necessary operations "with closed eyes" while the data is still encrypted. The server will not be able to "see" the real data, but it must have the means to perform computational operations on them, and return an encrypted result - which can be decrypted later, in a safe place. This approach is called "fully homomorphic encryption".

Craig Gentry, a research student at Stanford University, was the first to demonstrate, in 2009, the feasibility of the approach. However, the method he developed is cumbersome and time-consuming: the system was built using relatively sophisticated mathematics, based on so-called "ideal lattices", which required new and unfamiliar complex assumptions to be made in order to prove the security of the information. However, the use of "ideal lattices" is considered necessary, and scientists have assumed that it is necessary for servers to perform basic operations.

In a series of articles they recently published, Dr. Barkarski and Dr. Vikontanten surprised the community of scientists dealing with information security, when they succeeded in developing several new methods that will make it possible to significantly optimize the full homomorphic encryption. "Some of Gentry's processes are based on complicated geometry, while we were able to perform the same processes using simple algebra, which shortens the time required to process the information," says Dr. Barkarski. Later, the scientists discovered that it is possible to simplify the mathematical structure used to create an encryption key, and to give up the use of an ideal lattice, as well as the determination of new complicated assumptions, without compromising the safety of the encrypted information. "The fact that such a structure works was like magic."

These results may pave the way for the practical use of homomorphic encryption. Improved versions of the new system may be tens of meters - and even thousands of meters - faster than the initial system developed by Gentry. Indeed, later Dr. Barkarski and Dr. Vikontanten were able to develop the theory underlying their homomorphic encryption method to a point from which computer engineers could develop applications.

In addition to keeping information found on the Internet, or in a computing cloud, from unwanted eyes, full homomorphic encryption may enable new operations on information, which were impossible until now, such as, for example, safe processing of sensitive medical information. Patients will be able to "disclose" medical information when it is encrypted, and thus it will be possible to conduct extensive medical research on the data in an encrypted form, without allowing access to the medical information of individual people.