1. Encryption's holy grail is getting closer, one way or another

    Whether it's a reaction to the Snowden revelations, a reaction to the continual news of massive data breaches, or just the obvious need to secure data in the cloud -- or all of the above -- new technologies for working directly on encrypted data are getting plenty of attention. Working with encrypted data without decrypting it first sounds too good to be true, but it's becoming possible.

    1. It works by executing SQL queries over encrypted data using a collection of efficient SQL-aware encryption schemes.
    2. The main issue it's addressing is if you have a database in the cloud, for example, and you want to protect against attackers who break into the cloud, or you want to protect against employees of the cloud.
    3. Fully homomorphic encryption handles any function you can imagine, so you could run any function on the encrypted data, but that would be nine orders of magnitude slower than the regular computation -- that's really not something practical.
    4. We support six basic functions: Addition, multiplication, greater than, equality, search, and nesting these functions, and we show that with these functions, you can actually implement a lot of interesting database applications, web applications, and so forth.
    5. It was really low ... and that was in a situation in which you encrypt absolutely all the data. But if you look at a lot of realistic applications, not everything is sensitive.
    6. It got an incredible amount of press, because even though that was not the main target of our paper, it does protect against government attacks too, because even if the government subpoenas the servers in the cloud, the cloud just doesn't have data, it just has encrypted data.
    7. Just now, [as] part of the startup, we're building a version of Mylar for certain kinds of applications, so that's one thing where we're building a real product.
    8. So this way, we are able to not share information with the server, but we have a little bit more of network communications.