New Fujitsu Labs tech can do batch searches of encrypted data
- 16 January, 2014 09:38
If snooping by the U.S. National Security Agency isn't enough to make you worry about your privacy, Japan's Fujitsu Laboratories has developed a fast method to perform secret searches of data that is encrypted.
The technology makes use of homomorphic encryption, which allows for operations to be performed on encrypted data without having to decrypt it.
Fujitsu developed a batch search method that can rifle through 16,000 characters per second using any search term without the need for pre-registering keywords.
The lab hopes to commercialize the technology by 2015, billing it as a useful analytical tool in an increasingly data-driven world. The researchers said it's one that will in fact protect privacy.
"Our technology is based on public-key encryption," said Jun Kogure, research manager at the Social Innovation Laboratories in the Secure Computing Lab of Fujitsu Laboratories.
"When acquiring a public key, one also obtains a secret key paired to that public key. Those who perform searches only need a public key, which is made public beforehand and is something anyone can obtain. As results of searches are also encrypted, only those who have the secret key can see the search results."
If thieves or spies tried to use the method, it would be fruitless.
"They may be able to make searches, but it will not mean anything without the secret key," Kogure said.
Forgoing registration of searchable keywords distinguishes Fujitsu's new approach from other ways of looking through encrypted data.
"Many of the existing methods use tag-based searches, which pre-register keyword tags and in the search phase privately check if the specified keyword matches one of the registered tags," said Kogure.
"Our technology is not based on tag-searching. We use homomorphic encryption to perform full-text searches."
The batch search is performed using encrypted character strings, and the search results themselves are encrypted. That means only users with the decryption key can read them.
Possible applications include searching for a particular base sequence in a strand of DNA. The method would preserve the privacy of the DNA information while yielding a useful result, and could be used in multiple DNA searches.
Searching through encrypted academic scores from a number of schools for analytical purposes could be another application, the lab suggested.
The latest know-how is based on the lab's development in 2013 of a method that allows for high-speed statistical calculations and biometric authentication to be performed on encrypted data.
That method involves batch-encrypting data and opens the door to applications such as matching fingerprint or vein patterns to a secure database without having to decrypt it. The processing speed of this method is about 2,000 times faster than bit-by-bit encryption, according to the lab, which presented the research at security conferences in Germany and the U.K. in September 2013.
Programmers have long faced the challenge of needing unencrypted, plain-text data in order to be able to do anything useful with it, such as mathematical calculations. One goal is to be able to implement new cloud-based services such as medical or marketing analyses using fully encrypted data that isn't as vulnerable to attack as the plain version.
After years of work on the problem, IBM recently received a patent for a method known as fully homomorphic encryption, which allows encrypted data to be processed as is.
Big Blue said its invention would pave the way for more secure cloud computing services. Creating so-called "encrypted blobs" and using them with other encrypted blobs for processing can yield the same results as if the data were not encrypted.