CLOUD SECURITYSecurity Scheme Could Protect Sensitive Data During Cloud Computation
MIT researchers crafted a new approach that could allow anyone to run operations on encrypted data without decrypting it first.
A hospital that wants to use a cloud computing service to perform artificial intelligence data analysis on sensitive patient records needs a guarantee those data will remain private during computation. Homomorphic encryption is a special type of security scheme that can provide this assurance.
The technique encrypts data in a way that anyone can perform computations without decrypting the data, preventing others from learning anything about underlying patient records. However, there are only a few ways to achieve homomorphic encryption, and they are so computationally intensive that it is often infeasible to deploy them in the real world.
MIT researchers have developed a new theoretical approach to building homomorphic encryption schemes that is simple and relies on computationally lightweight cryptographic tools. Their technique combines two tools so they become more powerful than either would be on its own. The researchers leverage this to construct a “somewhat homomorphic” encryption scheme — that is, it enables users to perform a limited number of operations on encrypted data without decrypting it, as opposed to fully homomorphic encryption that can allow more complex computations.
This somewhat homomorphic technique can capture many applications, such as private database lookups and private statistical analysis.
While this scheme is still theoretical, and much work remains before it could be used in practice, its simpler mathematical structure could make it efficient enough to protect user data in a wider range of real-world scenarios.
“The dream is that you type your ChatGPT prompt, encrypt it, send the encrypted message to ChatGPT, and then it can produce outputs for you without ever seeing what you are asking it,” says Henry Corrigan-Gibbs, the Douglas Ross Career Development Professor of Software Technology in the MIT Department of Electrical Engineering and Computer Science (EECS) and a co-author of a paper on this security scheme. “We are a long way from getting there, in part because these schemes are so inefficient. In this work, we wanted to try to build homomorphic encryption schemes that don’t use the standard tools, since different approaches can often lead to more efficient, more practical constructions.”
His co-authors include Alexandra Henzinger, an EECS graduate student; Yael Kalai, an Ellen Swallow Richards (1873) Professor and professor of EECS; and Vinod Vaikuntanathan, the Ford Professor of Engineering and a principal investigator in the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL). The research will be presented at the International Conference on the Theory and Applications of Cryptographic Techniques.
