Cryptographically secure pseudorandom number generator (Photo credit: Wikipedia)
University researchers have taken an important step forward on cloud security by proving it’s possible for a server to process encrypted data and to send back a still-encrypted result.
The technique, developed at the Massachusetts Institute of Technology (MIT), is based on homomorphic encryption, which makes it possible for a cloud server to process data without decryption.
The new method involves stitching homomorphic encryption with two other techniques into what the researchers call a “functional-encryption scheme.” The technique is not ready for prime time. The researchers acknowledge that it requires too much computational power to be practical.
Nevertheless, that problem can be attacked over time, now that researchers know it is possible to process data without decryption. “Before, we didn’t even know if this was possible,” said Raluca Ada Popa, a coauthor of the research and a graduate student in the Department of Electrical Engineering and Computer Science at MIT.
With today’s technology, if an encrypted search term is not decrypted first, then the receiving server has no choice but to send back information on every database record it has. As a result, the recipient’s computer would then have to do the decryption and handle the computations necessary to determine the applicable results.
Homomorphic encryption, a promising research topic in cryptography, makes it possible to process data while maintaining end-to-end encryption. The researchers’ new functional-encryption scheme takes that technology a step further by enabling the cloud server to run a single, specified computation on the homomorphically encrypted result — such as, “Is this record a match?” — without having to extract any other information.
[In depth: End-to-end encryption: The PCI security Holy Grail]
To do that, the researchers used two other schemes, called garbled circuit and attribute-based encryption. Each has select capabilities necessary for functional encryption.
The new system begins with homomorphic encryption and embeds the decryption algorithm in a garbled circuit. The key to the garbled circuit is protected in turn by attribute-based encryption, which keeps the whole process encrypted.
Steve Pate, co-founder and chief technology officer for cloud encryption company HighCloud Security, said the new research was “encouraging.” But he noted a big stumbleblock: “The computation required for homomorphic encryption far exceeds what we have today in terms of computing resources.”
Before such a technique can work, there will need to be advances in hardware where the encryption and key management capabilities occur within the processor or other hardware module, he said.
The Latest Bing News on:
Cloud security
- Why Google Cloud is battling AWS, Azure, in the red-hot PostgreSQL marketon May 11, 2022 at 12:15 pm
Google Cloud's AlloyDB for PostgreSQL, has moved into public preview, and as a a Postgres-compatible, fully managed DBaaS (database-as-a-service, will take on offerings from AWS, Microsoft, and in the ...
- Ivanti and Lookout partner together to help organizations develop their zero trust security postureon May 11, 2022 at 12:00 pm
Ivanti and Lookout integrate three solutions to create a new zero-trust access solution to secure hybrid working environments.
- Orca Security Unveils Context-Aware Shift Left Security to Identify and Prevent Cloud Application Security Issues Earlieron May 11, 2022 at 11:29 am
Enterprises can now ship more secure code to production by unifying security across software development, DevOps, and security teams.
- Progress launches Chef Cloud Security to extend DevSecOps to cloud-native assetson May 11, 2022 at 3:37 am
The software provider has also enhanced its underlying security and compliance mechanism Chef InSpec with new features.
- Progress Extends the Power of DevSecOps to Cloud-Native Assets with the First Release of Progress® Chef® Cloud Securityon May 11, 2022 at 1:41 am
Progress announced the release of Progress® Chef® Cloud Security, extending DevSecOps with compliance support for native ...
- AMD Gave Google Cloud Rare Access to Its Tech to Hunt Chip Flawson May 10, 2022 at 12:22 pm
The goal is that the findings will safeguard Google Cloud, but also improve security across the industry, and that the partnership can perhaps be a model for increased transparency between chipmakers ...
- Cloud computing security: New guidance aims to keep your data safe from cyberattacks and breacheson May 10, 2022 at 3:17 am
More businesses are moving to the cloud - and cyber criminals know on-demand IT can be an easy target if it's not secured properly.
- Cloud Security Market is Expected to Represent a Value of Over USD 36.43 billion by 2028 : Fior Marketson May 9, 2022 at 10:00 pm
Cloud Security Market by Application ([Identity and Access Management (IAM), Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), Security Information and Event Management (SIEM), and ...
- Deloitte Launches Expanded Cloud Security Management Platformon May 9, 2022 at 10:27 am
The CSM by Deloitte platform includes cloud security policy orchestration, cyber predictive analytics, attack surface management, and cyber cloud managed services.
- Deloitte Launches Expanded Cloud Security Management Platform for Clients Facing Multi-Cloud Cyber Risk Challengeson May 9, 2022 at 9:00 am
To help U.S. executives concerned about visibility into the security of their cloud workloads and applications, Deloitte has expanded existing capabilities to launch Cloud Security Management (CSM) by ...
The Latest Google Headlines on:
Cloud security
The Latest Bing News on:
Homomorphic encryption
- Supply Chain Security in the Modern Era: How Homomorphic Encryption Keeps Your Data Safeon May 5, 2022 at 8:57 pm
One way to do this is through homomorphic encryption. This article will explain what homomorphic encryption is and how it can be used to keep your data safe. What is Supply Chain Security, and Why is ...
- The Woman Who Conquered COVIDon May 3, 2022 at 4:16 pm
Don't miss CoinDesk's Consensus 2022, the must-attend crypto & blockchain festival experience of the year in Austin, TX this June 9-12. Meet Audrey Tang, the woman who beat COVID-19. She’s too modest ...
- With Homomorphic Encryption, 5ireChain will Overcome all Threatson April 29, 2022 at 6:08 pm
A new model of cryptography is here to change what we all know about encryption. 5ireChain is deployed with this new model of cryptography— Homomorphic encryption. In homomorphic encryption ...
- With Homomorphic Encryption 5ireChain will Overcome all Threatson April 29, 2022 at 5:22 pm
5ire is using a homomorphic encryption scheme to secure the data in its blockchain network. With Homomorphic Encryption, 5ireChain will Overcome all Threats Among other things, the integrity of a ...
- Homomorphic Encryption Market Types, Size, Share, Growth, Sourcing Strategy, Scope, Demand and Forecast to 2030on April 28, 2022 at 4:10 am
The global homomorphic encryption market size is predicted to touch USD 268.92 million at an 8.58% CAGR between 2019- 2027, states the recent Market Research Future (MRFR) analysis. Homomorphic ...
- What Makes The Homomorphic Encryption Market Giants To Spend More By 2028?on April 28, 2022 at 2:40 am
The Homomorphic Encryption industry is estimated to grow at a significant CAGR in the upcoming period as the scope and its applications are rising enormously across the globe. An evaluation of the ...
- Enveil, a provider of encrypted, privacy-focused search and analytics tools, raises $25Mon April 27, 2022 at 1:00 pm
Today, a B2B startup called Enveil, which is aiming to build a new array of data products -- based on homomorphic encryption and secure multiparty computation -- to ensure their users' data privacy, ...
