It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
IBM Crypto Patent
page: 15
share:
www.eweek.com...
Given recent NSA revelations, what do people make of this?
This enables a method of processing data without that input data being processed in the clear.
If the data can be analyzed however, then it implies the contents of the data can be inferred even if they can't be seen.
e.g. I could write this text in a language you don't understand (making it unreadable to you), however this text and its meaning would remain intact.
The fact the meaning of the data is maintained creates a contradiction in terms of both privacy and security. Properly encrypted data is indistinguishable from random data, however, if this homomorphic encryption maintains meaning, the data would no longer pass statistical tests for randomness, and any implied privacy (and thus, security) is lost.
Thoughts???
Given recent NSA revelations, what do people make of this?
"Our patented invention has the potential to pave the way for more secure cloud computing services—without having to decrypt or reveal original data," said Gentry in a statement. "Fully homomorphic encryption will enable companies to confidently share data and more easily and quickly overcome challenges or take advantage of emerging opportunities."
This enables a method of processing data without that input data being processed in the clear.
If the data can be analyzed however, then it implies the contents of the data can be inferred even if they can't be seen.
e.g. I could write this text in a language you don't understand (making it unreadable to you), however this text and its meaning would remain intact.
The fact the meaning of the data is maintained creates a contradiction in terms of both privacy and security. Properly encrypted data is indistinguishable from random data, however, if this homomorphic encryption maintains meaning, the data would no longer pass statistical tests for randomness, and any implied privacy (and thus, security) is lost.
Thoughts???
edit on 23-12-2013 by mirageofdeceit because: Re-written for greater clarity.
it will reveal the same detailed results as if the original data was completely visible
Yes, that sounds perfectly safe to me... haha.
reply to post by mirageofdeceit
It would need to be independently evaluated and verified.
Good Grief! ... take a look at the patent ( and/or do you want that job of evaluate and verify; THIS might take a while ): Patent
For "Cloud" Storage, data SHOULD be Encrypted 1st on the Client-Machine BEFORE sending it for storage over a "Public" Network. Here's the problem; the Encrypted MUST be downloaded 1st THEN Decrypted LAST on the Client-Machine.
Summary: Maybe they have something ... BUT "It would need to be independently evaluated and verified."
It would need to be independently evaluated and verified.
Good Grief! ... take a look at the patent ( and/or do you want that job of evaluate and verify; THIS might take a while ): Patent
For "Cloud" Storage, data SHOULD be Encrypted 1st on the Client-Machine BEFORE sending it for storage over a "Public" Network. Here's the problem; the Encrypted MUST be downloaded 1st THEN Decrypted LAST on the Client-Machine.
Summary: Maybe they have something ... BUT "It would need to be independently evaluated and verified."
edit on 23-12-2013 by FarleyWayne
because: (no reason given)
reply to post by FarleyWayne
Right, but in this case, it is about processing of data. They are talking about processing ENCRYPTED data, and sending the ENCRYPTED RESULT back to whoever sent the request. The problem is that if MEANING of data remains intact, then any supposed privacy is lost.
Right, but in this case, it is about processing of data. They are talking about processing ENCRYPTED data, and sending the ENCRYPTED RESULT back to whoever sent the request. The problem is that if MEANING of data remains intact, then any supposed privacy is lost.
Example: www.asciitohex.com...
BASE64:
SWYgSSB0eXBlIHRvIHlvdSBpbiBwbGFpbiB0ZXh0LCB0aGVuIGNvbnZlcnQgaXQgdG8gQkFTRTY0LCB0aGUgTUVBTklORyBvZiB0aGUgZGF0YSBpcyBtYWludGFpbmVkLg==
Put that in the conversion tool, above. If it was random data (the result of proper encryption), it would be impossible to read without a key.
The problem with this homomorphic crypto is that the data can be processed and maintain meaning, whereas if you modified any bits of real cipher text, you'd corrupt it, and decryption would yield junk.
BASE64:
SWYgSSB0eXBlIHRvIHlvdSBpbiBwbGFpbiB0ZXh0LCB0aGVuIGNvbnZlcnQgaXQgdG8gQkFTRTY0LCB0aGUgTUVBTklORyBvZiB0aGUgZGF0YSBpcyBtYWludGFpbmVkLg==
Put that in the conversion tool, above. If it was random data (the result of proper encryption), it would be impossible to read without a key.
The problem with this homomorphic crypto is that the data can be processed and maintain meaning, whereas if you modified any bits of real cipher text, you'd corrupt it, and decryption would yield junk.
edit on 23-12-2013 by mirageofdeceit because: (no reason given)
reply to post by mirageofdeceit
A "solution" for what's being discussed here would be of "High Significance" for ... "Cloud-Based"-DATABASES.
-
Summary: Clarification of Use.
A "solution" for what's being discussed here would be of "High Significance" for ... "Cloud-Based"-DATABASES.
-
Summary: Clarification of Use.
mirageofdeceit
Example: www.asciitohex.com...
BASE64:
SWYgSSB0eXBlIHRvIHlvdSBpbiBwbGFpbiB0ZXh0LCB0aGVuIGNvbnZlcnQgaXQgdG8gQkFTRTY0LCB0aGUgTUVBTklORyBvZiB0aGUgZGF0YSBpcyBtYWludGFpbmVkLg==
That is an example of "ENCODING" ... ( not "encryption" ).
edit on 23-12-2013 by FarleyWayne because: (no reason given)
reply to post by FarleyWayne
You caught me half-way through editing my post. Please re-read it.
You are correct though - my example is encoded. Point is, properly encrypted data conveys no meaning, so the security/privacy aspect is highly questionable.
You caught me half-way through editing my post. Please re-read it.
You are correct though - my example is encoded. Point is, properly encrypted data conveys no meaning, so the security/privacy aspect is highly questionable.
edit on 23-12-2013 by mirageofdeceit because: (no reason given)
reply to post by mirageofdeceit
Here is an example of AES-Double-Encryption following by a 64-bit Encoding.
How do I know? I personally compiled the program that produced it.
It contains the TEXT of THIS-Post.
Here is an example of AES-Double-Encryption following by a 64-bit Encoding.
How do I know? I personally compiled the program that produced it.
It contains the TEXT of THIS-Post.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4C/5MQn6ayNZywyMPh0hvZWVo5DjfkNBqOe/E0RxeikZIQcoBRK9x9zvKF9hYzimw3pUOYOa
q3wainosOebBA0p3uCjicoGSGOIG+sM0f2e1pwxUxnWI3M2Fd5p3DEZwug5OyEgBccg+oJum
kF6y0Z2cbZTInP32Iy4v2nHW8c9u3cwo5cQTBSBlks8twVu1xXAJN6wY8mtnFYjeSJJ03mS5
zp4IQzG1hz9PsSFkAAIkumW0TzN8o7Yeec/UrNpL9qxKV9zsqyQii+Y6cRSCG0AZx2k0yGhq
NNh8xobwGfhafhlZTnCzGUQ2OKcgHslDUHYZSbb5oQ5tcs8XceFUFcy0GkK/RRztZVaC50Lo
1n3kpTW6LXKh6tswCoF0+M2z.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
reply to post by FarleyWayne
that's easy it says:
Here is an example of AES-Double-Encryption following by a 64-bit Encoding.
How do I know? I personally compiled the program that produced it.
It contains the TEXT of THIS-Post.
64 bits no sweat!
lol
that's easy it says:
Here is an example of AES-Double-Encryption following by a 64-bit Encoding.
How do I know? I personally compiled the program that produced it.
It contains the TEXT of THIS-Post.
64 bits no sweat!
lol
reply to post by bitsforbytes
YES !!!, you guessed what was "Encrypted" ... ( I bet you cheated !!! )
YES !!!, you guessed what was "Encrypted" ... ( I bet you cheated !!! )
The only safe encryption is if the software is open source. Everything else can have back doors either built in from the start or added during an
update. It must be used on the source computer as specified above.
The greatest hazard is always key loggers.
P
The greatest hazard is always key loggers.
P
reply to post by pheonix358
You're Learning: www.abovetopsecret.com...
You're Learning: www.abovetopsecret.com...
edit on 23-12-2013 by FarleyWayne because: (no reason
given)
reply to post by FarleyWayne
Run two computers, run the second off line. Keep encrypted files only on the off line machine. Then you only have to worry about physical security. Second machine does need to be all that powerful.
P
Run two computers, run the second off line. Keep encrypted files only on the off line machine. Then you only have to worry about physical security. Second machine does need to be all that powerful.
P
reply to post by FarleyWayne
Now run a statistical test on that cipher text from your AES program. It will look close to random. If you try and modify it, it will break.
Those properties do not exist with homomorphic encryption. The intermediate processing does not know what the inputs are, so it has no way to know if any particular operation will break the output, yet manipulate it it will.
If I increase every alternate 10th and 12th bit by 1 in my encoded text, then decoded it, I would get the next character in the decoded character set. If I did that to your cipher text, I'd break it completely.
Now run a statistical test on that cipher text from your AES program. It will look close to random. If you try and modify it, it will break.
Those properties do not exist with homomorphic encryption. The intermediate processing does not know what the inputs are, so it has no way to know if any particular operation will break the output, yet manipulate it it will.
If I increase every alternate 10th and 12th bit by 1 in my encoded text, then decoded it, I would get the next character in the decoded character set. If I did that to your cipher text, I'd break it completely.
edit on 23-12-2013 by mirageofdeceit because: (no reason given)
I remember reading about this subject a few years ago.
That was from wiki on Homomorphic encryption
There is still development to be done.
Craig Gentry using lattice-based cryptography showed the first fully homomorphic encryption scheme as announced by IBM on June 25, 2009
That was from wiki on Homomorphic encryption
There is still development to be done.
mirageofdeceit
reply to post by FarleyWayne
If I increase every alternate 10th and 12th bit by 1 in my encoded text, then decoded it, I would get the next character in the decoded character set. If I did that to your cipher text, I'd break it completely.
Yes, mine would "break" in those conditions.
AND/OR
It would "DESTROY" MY "Encryption" beyond useability ... ( not that it was decrypted ).
.
edit on 23-12-2013 by FarleyWayne because: (no reason given)
I have not fully looked into it, but on the surface it does sound more like a translation than encryption process that is being performed. Instead of
sharing encryption keys to read the data, translation algorithms are shared instead. It does make it easier when there is a big mass of data to go
through.
As for what I make of it, kinda reminds me of the whole 'enemy combatant' terminology. It does allow for a quick side step of a lot of ethical reasoning. With the current political push to decentralize the big data collection it is going to lead to a messy and intricate digital landscape for those needing to navigate it.
As for what I make of it, kinda reminds me of the whole 'enemy combatant' terminology. It does allow for a quick side step of a lot of ethical reasoning. With the current political push to decentralize the big data collection it is going to lead to a messy and intricate digital landscape for those needing to navigate it.
From what I'm reading, this has to do with the handing off of data between separate services in a process chain, and the isolation that would result
from using homomorphic cryptology rather than methodology of initial encryption. In theory, this would allow the transient services to be able to
perform operations on the data, without actually knowing the encrypted content. It's almost a way of manipulating data that's already encrypted,
without actually decrypting then re-encrypting before passing it along to the next host in the hop.
Wiki stated it pretty well:
It seems like the goal is to cut out the necessity of each entity in the chain having to decrypt to manipulate data...which would be a pretty good idea given the recent trend to decentralize data via "the cloud".
Furthermore, it takes quandaries like the whole NSA & RSA debacle out of the mix. For those of you who don't know about said debacle, check this out: RSA Responds to Allegations
Edit: OP, SnF for a pretty sweet find!
Wiki stated it pretty well:
This is a desirable feature in modern communication system architectures. Homomorphic encryption would allow the chaining together of different services without exposing the data to each of those services, for example a chain of different services from different companies could 1) calculate the tax 2) the currency exchange rate 3) shipping, on a transaction without exposing the unencrypted data to each of those services.
It seems like the goal is to cut out the necessity of each entity in the chain having to decrypt to manipulate data...which would be a pretty good idea given the recent trend to decentralize data via "the cloud".
Furthermore, it takes quandaries like the whole NSA & RSA debacle out of the mix. For those of you who don't know about said debacle, check this out: RSA Responds to Allegations
Edit: OP, SnF for a pretty sweet find!
edit on 24-12-2013 by parad0x122 because: SnF shoutout
new topics
-
racist rant, but she made the arguement to get rid of DEI
US Political Madness: 57 minutes ago -
Well we know Putins ICBMs won't fail in their silos
World War Three: 1 hours ago -
Why isn't Psychiatry involved?
Social Issues and Civil Unrest: 7 hours ago -
Help in song interpretation
Music: 9 hours ago -
FEMA Head Admits Agency Skipped 20 Homes with Trump Signs
Mainstream News: 11 hours ago
top topics
-
FEMA Head Admits Agency Skipped 20 Homes with Trump Signs
Mainstream News: 11 hours ago, 16 flags -
Yet another Hack...
Rant: 12 hours ago, 13 flags -
Gaetz ethics investigation results "hacked".
US Political Madness: 16 hours ago, 11 flags -
Well we know Putins ICBMs won't fail in their silos
World War Three: 1 hours ago, 7 flags -
Why isn't Psychiatry involved?
Social Issues and Civil Unrest: 7 hours ago, 4 flags -
racist rant, but she made the arguement to get rid of DEI
US Political Madness: 57 minutes ago, 4 flags -
Help in song interpretation
Music: 9 hours ago, 2 flags
active topics
-
Well we know Putins ICBMs won't fail in their silos
World War Three • 18 • : dothedew -
Russia Ukraine Update Thread - part 3
World War Three • 6842 • : Oldcarpy2 -
FEMA Head Admits Agency Skipped 20 Homes with Trump Signs
Mainstream News • 13 • : SideEyeEverything1 -
Post A Funny (T&C Friendly) Pic Part IV: The LOL awakens!
General Chit Chat • 7804 • : baddmove -
How Long have You been Alive?
General Chit Chat • 32 • : Oldcarpy2 -
WATCH LIVE: US Congress hearing on UFOs, unidentified anomalous phenomena
Aliens and UFOs • 151 • : Lazy88 -
Well, here we go red lines crossed Biden gives the go ahead to use long range missiles
World War Three • 314 • : ufoorbhunter -
racist rant, but she made the arguement to get rid of DEI
US Political Madness • 0 • : network dude -
Why isn't Psychiatry involved?
Social Issues and Civil Unrest • 7 • : BrucellaOrchitis -
Kentucky goes medical marijuana Jan 1 2025
Other Current Events • 27 • : 38181
5