Military wants Holy Grail of secure encryption technology

Fully homomorphic encryption just one item on DARPA security wish list

nsf: internet connections
It's a data encryption technology that protects sensitive data but at the same time lets computations be performed on it all without the data being decrypted.

Called fully homomorphic encryption it is known as the Holy Grail of encryption systems by some security experts and it is one of the key technologies scientists at the Defense Advanced Research Projects Agency want for future projects

In its own geeky way, DARPA said fully homomorphic cryptosystems have the following properties:

1. E(x + y) = E(x) + E(y)

2. E(x * y) = E(x) * E(y)

3. The ciphertext size is independent of the number of additions and multiplications.

15 genius algorithms that aren't boring

DARPA wants the new cryptosystem as part of an overarching project know as Programming Computation on Encrypted Data (PROCEED) which seeks to develop all manner of programs that can "develop practical methods for computation on encrypted data without decrypting the data and to develop modern programming languages to describe these computations."

PROCEDE has some mighty lofty goals including the development of new algorithms and programming languages.  The agency defines what it is looking for here:

  • Algorithms - Practical computation on encrypted data will require libraries of data structures and algorithms that are optimized for efficiency in the encrypted domain. Most current approaches to computation on encrypted data work by turning a program into a circuit. An important goal for optimization is minimizing circuit depth, which is traditionally a goal of hardware designers, not programmers.
  • Programming Languages - More advanced languages are sought, with type systems that embed cryptographic knowledge, making programming computation on encrypted data no more difficult than conventional programming. Today's languages for computation on encrypted data, such as the one in the FairPlay system are simple, imperative languages that have little, if any, type system support for cryptography.

You may recall that IBM made a splash last year when researcher Craig Gentry came up with he called a fully homomorphic encryption technology that uses a mathematical system known as an "ideal lattice," that lets people to fully interact with encrypted data in ways previously thought impossible.

At the time IBM said the breakthrough would let computer services, such as Google or others storing the confidential, electronic data of others will be able to fully analyze data on their clients' behalf without expensive interaction with the client and without actually seeing any of the private data.

In a paper on the topic Gentry wrote: "Suppose that you want to delegate the ability to process your data, without giving away access to it. We show that this separation is possible: we describe a "fully homomorphic" encryption scheme that keeps data private, but that allows a worker that does not have the secret decryption key to compute any (still encrypted) result of the data, even when the function of the data is very complex. In short, a third party can perform complicated processing of data without being able to see it. Among other things, this helps make cloud computing compatible with privacy."

The idea is a user could search for information using encrypted search words, and get encrypted results they could then decrypt on their own. Other potential applications include enabling filters to identify spam, even in encrypted email, or protecting information contained in electronic medical records.  It is also touted as the security technology needed to truly secure cloud computing.

IBM said two fathers of modern encryption -- Ron Rivest and Leonard Adleman -- together with Michael Dertouzos, introduced and struggled with the notion of fully homomorphic encryption approximately 30 years ago. Although advances through the years offered partial solutions to this problem, a full solution that achieves all the desired properties of homomorphic encryption has not existed, IBM stated.  

Meanwhile DARPA has been on a security binge lately.  In June it announced its Clean‐Slate Design of Resilient, Adaptive, Secure Hosts (CRASH) program that looks to lean heavily on human biology to develop super-smart, highly adaptive, supremely secure networks.  

CRASH systems will feature the closely integrated hardware, system software, programming languages and design environments. Often, making a small change in one of these domains can greatly ease the task of another. For example, providing a uniform software support system for automatic memory management can reduce the task of analyzing memory safety. Similarly, hardware tagging can systematically enforce code/data and other distinctions that might be more difficult and more costly to guarantee at other levels. Programming languages and environments that capture design rationale, constraints, and invariants make it easier to implement self‐checking and self‐adaptive software systems, DARPA stated.

Follow Michael Cooney on Twitter: nwwlayer8  

Layer 8 Extra

Check out these other hot stories:

NASA's future Mars rover will be better equipped to find Martian life

NASA goes Lunar with online video game

"Help, I am stranded!" scam haunting social networks

Cloud computing exacerbates government security issues      

NASA sets date for space shuttle finale

What are the biggest barriers to developing wind energy?

NASA makes it official: It wants a big new rocket

Space, the Obama Way

NASA finds 14 new, seriously chilled stars

Beyond the petaflop - DARPA wants quintillion-speed computers

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT