Imagine that you are responsible for high-performance computing for an automobile manufacturer. Car designs need body panels limiting aerodynamic drag wrapped around engines burning fuel efficiently. But it takes big computers to model aerodynamic flow and flame front propagation.
So let’s say that with a major investment in hardware and staffing your company has built and used a high performance computing platform to design next year’s model inside and out.
Great! But now what are you going to do with your supercomputer until it’s time for the next design cycle?
It would be nice if you could recover more on your investment by renting it out for similar computing by other companies. But many companies interested in solving the same problems will see you as their competitor. They will not want to store their data on your system. They wouldn’t even want to run their programs on dummy data there, because you might steal their algorithms.
Enter the strange notion of homomorphic encryption.
The idea is that you would encrypt the data before putting it on the system and then you would do the computation on the ciphertext. When the program finishes, you transfer the ciphertext output to somewhere safe and decrypt it there, yielding the answer you wanted.
But wait, it gets stranger.
The program itself would also have to be encrypted, so it can safely run in a hostile environment without exposing its sensitive internal logic to the operators of the computing platform.
This sounds crazy, but researchers have been discussing it since Rivest, Adleman and Dertouzos proposed it in 1978. That’s two-thirds of R, S, and A plus another cryptographer. You can interpret the RSA algorithm as partly homomorphic, some arithmetic operations can be carried out on ciphertext.
This was nothing but purely theoretical, believed to be impossible, until 2008 when Craig Gentry showed a way that it could be done. Unfortunately, the calculation within cipherspace took about a trillion times longer. Entirely impractical, but suddenly possible.
DARPA and IARPA, the defense and intelligence advanced research agencies in the U.S., announced that they would fund $20 million worth of research into the topic. DARPA called their program Catalyzing Research Initiatives in Programming Computation on Encrypted Data (or PROCEED), IARPA made it part of their Security And Privacy Assurance Research Program (or SPAR Program) Broad Agency Announcement.
Then Google and Citigroup funded research by a group at MIT’s Computer Science and Artificial Intelligence Laboratory who published a breakthrough bringing it much closer to practical, showing how they could do encrypted queries on encrypted databases.
Going back to the opening premise, I doubt that you’re in charge of high-performance computing for a car manufacturer. But it’s far more likely that you are considering cloud computing while worrying about the increased exposure of your deta and programs.
As we see in Learning Tree’s Cloud Security Essentials course, the cloud is evolving rapidly. This includes the available security features. Keep an eye on homomorphic cryptography!