A team at Microsoft Research has figured out a way to share encrypted information stored in the cloud without compromising security. The example the outfit gives is as follows:
"Machine learning algorithms may examine our genomes to determine our susceptibility to maladies such as heart disease and cancer. Between now and then, computer scientists need to train the algorithms on genetic data, bundles of which are increasingly stored encrypted and secure in the cloud along with financial records, vacation photos and other bits and bytes of digitized information."
Given the nature of encryption, though, only the owners of said data can access it. Good for security, but bad for researchers.
The methodology proposed by the team uses multiparty computation, where results are shared, but no one involved learns any of the specifics about the data contained in the encrypted file. "We require that none of the parties involved learns anything beyond what they already know and what is revealed by the function, even when the parties (except the cloud) are active malicious," the research brief says.
So, essentially, it's a lot like having an impartial pal know the number of books in two friends' collections. From there, the third party would tell each friend who's bookshelf has more on it, without saying exactly how many books are on either shelf.
Encryption computations are all performed within the cloud as well, and the scientists involved say that the computations themselves are encrypted. The servers don't even know what they're processing. "Set up this way, the data exchange is secure provided that the cloud itself follows the rules and nothing more," the post says.
The end result could apparently make it easier for scientists to preview data for experiments without buying it. What's more, it'd they'd only have to make a costly purchase once they know the data is worthwhile for their studies.