Nickolai Zeldovich: How to Compute With Data You Can’t See
Despite massive efforts to guard sensitive data, hackers often manage to steal it anyway. It’s a problem that’s becoming especially acute, now that huge amounts of information are being concentrated on the servers of various cloud service providers. Most times we don’t even know where these machines are located; how can we possibly feel that our data is safe with them?
Here’s one way: Encrypt the data before it’s stored. That way, even if attackers manage to break into the cloud provider’s system and steal data, they’ll just get meaningless gibberish. This might seem a simple solution, but it has a big shortcoming: When data is encrypted, it’s useless to the bad guys, for sure. But in many instances encryption makes it useless to the good guys as well.
Today’s cloud providers typically perform many different kinds of useful computations on the data you entrust them with—looking things up, compiling statistics, analyzing trends, and so forth. Some apply very sophisticated machine-learning techniques to your data. But no one can do any of that if the data is encrypted.
So it would seem foolhardy to pursue encryption for anything other than perhaps simple data storage. In the past few years, however, a technique has emerged that achieves the seemingly impossible: It enables a cloud provider to perform many kinds of computations on data that has been encrypted. Read More…