This is award-winning research by a Stanford scholar, Craig Gentry.
If you’ve signed up for a Web-based e-mail service such as Google’s Gmail, or Yahoo! Mail, then you are a user of “cloud computing,” in which the storage and processing resources that data require are distributed among a vast network of servers. You almost certainly have no idea where those servers are, how many are involved, or who is managing them – they may as well be within a cloud – but the convenience of accessing the data on any connected computer or mobile device has won over you and millions of other customers.
The problem is that the cost of managing personal or corporate data this way may be privacy and security. For sensitive data to be protected from cloud operators and third parties, it must be encrypted, but if it is encrypted, then cloud servers can’t do anything with it, such as allow you to search and sort it. The tradeoff between security and utility seemed intractable until last year, when the solution was published in the dissertation of Stanford computer science graduate and IBM researcher Craig Gentry (PhD 2009 CS). Gentry’s working scheme for “fully homomorphic encryption (FHE)” still needs some serious efficiency tuning to be practical, but it has been hailed as a breakthrough, earning him the Best Dissertation Award from the Association for Computing Machinery in May.
“Homomorphic encryption gives you a way out of the dilemma,” Gentry says. “It gives you a way to process data without having access to it.”
“Homomorphic” is a mathematical term meaning that if you do two things to a bit of data – say, encrypt it and process it – the order in which you do them won’t matter. In other words, in FHE, data can be processed after it is encrypted, as well as before. This means that a Gmail user could someday send an encrypted search query to the servers in the cloud, and those servers could carry out that query even though the query and the e-mails are completely inscrutable to them. Only the user who holds the secret key can ever decrypt the original data, the query, or the query results.
For another example, imagine how FHE could help the proprietor of an online movie streaming service – call it Hackbuster Video – protect the privacy of customers while still giving them all the features they want. A customer’s request for a new movie would be encrypted, as would the movie itself, meaning that Hackbuster would not know what movie the customer was watching. Despite the privacy, Hackbuster’s servers could still charge the correct amount, offer playback features such as pause and rewind, and even make recommendations of similar movies, all without ever being privy to the movies involved.
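The encrypted search described above can be sketched with a toy integer-based scheme in which adding ciphertexts XORs the hidden bits and multiplying them ANDs the bits. This is an added example, not Gentry's lattice-based construction and not code from the article; the parameters, function names and sample values are constructed for illustration and are far too small to be secure.

```python
import secrets

NOISE_BITS = 4    # constructed toy parameters, not secure
KEY_BITS = 256
MULT_BITS = 64

def keygen():
    # Secret key: a random odd integer with the top bit set.
    return secrets.randbits(KEY_BITS) | (1 << (KEY_BITS - 1)) | 1

def encrypt(p, bit):
    # Ciphertext = multiple of the key + small even noise + the bit.
    q = secrets.randbits(MULT_BITS) + 1
    r = secrets.randbits(NOISE_BITS)
    return p * q + 2 * r + bit

def decrypt(p, c):
    # Remove the multiple of p, then the even noise.
    # Correct only while the accumulated noise stays below p.
    return (c % p) % 2

def enc_bits(p, value, width=8):
    # Encrypt an integer bit by bit, least significant bit first.
    return [encrypt(p, (value >> i) & 1) for i in range(width)]

# Server side: these functions see only ciphertexts, never the key p.
def he_xor(c1, c2):
    return c1 + c2      # addition of ciphertexts XORs the hidden bits

def he_and(c1, c2):
    return c1 * c2      # multiplication of ciphertexts ANDs the hidden bits

def he_equal(query, stored):
    # Encrypted equality test: AND over NOT(q_i XOR s_i).
    # Adding the plaintext constant 1 flips the hidden bit.
    result = 1
    for cq, cs in zip(query, stored):
        result = he_and(result, he_xor(he_xor(cq, cs), 1))
    return result

def search(p, query_value, stored_values):
    query = enc_bits(p, query_value)                      # client encrypts query
    store = [enc_bits(p, v) for v in stored_values]       # client uploads data
    encrypted_hits = [he_equal(query, s) for s in store]  # server computes blindly
    return [decrypt(p, c) for c in encrypted_hits]        # client decrypts results
```

The noise hidden in each ciphertext grows with every multiplication, so this toy scheme only supports computations of limited depth.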
Gentry’s graduate advisor Dan Boneh, a professor of computer science and electrical engineering, said the work is groundbreaking.
“Craig’s construction of the first fully homomorphic encryption solves a key 30-year-old problem in cryptography,” Boneh said. “Like climbing Mt. Everest, many have tried to accomplish this feat before and failed. This work will drive research in cryptography for many years to come.”