Archive for the ‘Encryption’ Category

Searching an Encrypted Document Collection with Solr4, MongoDB and JCE

Sunday, December 16th, 2012

Searching an Encrypted Document Collection with Solr4, MongoDB and JCE by Sujit Pal.

From the post:

A while back, someone asked me if it was possible to make an encrypted document collection searchable through Solr. The use case was patient records – the patient is the owner of the records, and the only person who can search through them, unless he temporarily grants permission to someone else (for example his doctor) for diagnostic purposes. I couldn’t come up with a good way of doing it off the bat, but after some thought, came up with a design that roughly looked like the picture below:

With privacy being all the rage, a very timely post.

Not to mention an opportunity to try out Solr4.

Posted in Encryption, MongoDB, Security, Solr | No Comments »

Leaky Topic Maps?

Wednesday, August 10th, 2011

A Cloud that Can’t Leak

From the post:

Imagine getting a friend’s advice on a personal problem and being safe in the knowledge that it would be impossible for your friend to divulge the question, or even his own reply.

Researchers at Microsoft have taken a step toward making something similar possible for cloud computing, so that data sent to an Internet server can be used without ever being revealed. Their prototype can perform statistical analyses on encrypted data despite never decrypting it. The results worked out by the software emerge fully encrypted, too, and can only be interpreted using the key in the possession of the data’s owner.

Uses a technique called homomorphic encryption.

The article says 5 to 10 years before practical application, but it was 30 years between its proposal and a formal proof it was even possible. In the 2 or 3 years since that proof, a number of almost practical demonstrations have emerged. Would not bet on the 5 to 10 year time frame.

Posted in Algorithms, Encryption | No Comments »

Homomorphic Encryption System

Thursday, March 10th, 2011

The rationale for a homomorphic encryption system (FHE = fully homomorphic encryption):

“Homomorphic” is a mathematical term meaning that if you do two things to a bit of data – say, encrypt it and process it – the order in which you do them won’t matter. In other words, in FHE, data can be processed after it is encrypted, as well as before. This means that a Gmail user could someday send an encrypted search query to the servers in the cloud, and those severs could carry out that query even though the query and the e-mails are completely inscrutable to them. Only the user who holds secret key can ever decrypt the original data, the query, or the query results.

For another example, imagine how FHE could help the proprietor of an online movie streaming service – call it Hackbuster Video– protect the privacy of customers while still giving them all the features they want. A customer’s request for a new movie would be encrypted, as would the movie itself, meaning that Hackbuster would not know what movie the customer was watching. Despite the privacy, the Hackbuster’s servers could still charge the correct amount, offer playback features such as pause and rewind, and even still make recommendations of similar movies, all without ever being privy to the movies involved.

From: Encryption that allows privacy and access to co-exist earns top dissertation award

Craig Gentry solved this problem (he has a law degree as well) in his dissertation at Stanford.

Not quite ready for prime time due to performance issues but definitely a step in the right direction.

Of interest to topic mappers because of the need for secure interaction with remote topic map facilities.

Additional resources of interest:

Craig Gentry’s dissertation: A fully homomorphic encryption scheme.

Craig’s “easy” version for ACM members: Computing Arbitrary Functions of Encrypted Data. (CACM, March 2010)

Fields Institute Presentation (slides) http://av.fields.utoronto.ca/slides/08-09/crypto/gentry/download.pdf

Fields Institute Presentation (audio) http://www.fields.utoronto.ca:8080/ramgen/08-09/crypto/gentry.rm

Posted in Encryption | No Comments »

Encryption Using Topic Maps

Tuesday, September 21st, 2010

Topic maps are well suited to message passing in a loose confederation such as hackers.

Any loose confederation of actors could openly distribute information meaningful only to a small group.

Merging would be the key to assembling the correct message. (Imagine the “measurements” of models being merged to form geographic coordinates.)

Messages could be hidden in flood of other messages, only a tiny fraction of which merge.

Suggestions on a “secret” phrase to encode using merging and topic maps? (Must be non-libelous. Just in case it is ever decrypted.)

Questions:

  1. Would this be more or less secure than a set of XQuery statements against an unknown (to others) public text, the results of which are ordered to display the message? Why?
  2. Would you transmit the merging rules or have them known in advance? Why?
  3. How would you transmit data and/or merging rules?
  4. Would you write merging rules against public data sets? Why?

Posted in Encryption, Security | No Comments »