Storing confidential data in the cloud is still controversial, especially when this cloud crosses borders (17 September 2012). Therefore, a call for encryption of data stored with third parties was made by users. However, due to the nature of service oriented software, this is easier said than done.

As previously explained, cloud computing offers many computing capabilities as on demand services (13 July 2012). Examples of cloud-based products, such as the sales administration software offered by SalesForce, show that complete software packages can be delivered from a remote site. However, this does mean that the data processed by the remote applications also needs to reside in the cloud. As this data is confidential, users prefer their data to be encrypted.

Encrypted Data Is Fully Opaque
As one may recall from my comments on a decryption duty (30 July 2012), encrypted data looks like random bytes. This also means it is, to the unknowing eye, a completely opaque blob of a binary data. In other words, possessing the stored bits does not yield anything intelligible when you do not also have the key.

While the opaqueness of encrypted data is good for security reasons, it also diminishes the use of an application in the cloud. When a software package is not able to access your data, it cannot perform its functionality. Thus, strong encryption makes it impossible to use office software to process this data, when this application is not allowed access to the stored contents.

Homomorphic Encryption to Save the Day
As a solution to the issue raised by opaque data, homomorphic encryption was suggested. At this moment, one can use partially homomorphic encryption, which is a form of encryption where one can perform a certain mathematical operation on the ciphertext. For example, if we have a partially homomorphic encryption algorithm under addition, we could simply add two encrypted values to obtain the encrypted equivalent of the addition of the two encrypted values.

Nevertheless, to be able to process encrypted information, one needs fully homomorphic encryption. This means that two operations are supported. By being able to perform, for example, both addition and multiplication, it is possible to fully process certain information without even looking at it. However, at this point, there exist no fully homomorphic encryption schemes that are practical for implementation in commercial systems.

The Encrypted Cloud: to be Expected in the Near Future
I dare to predict that the scientific research on homomorphic encryption will yield more practical applicable results over the next five to ten years. This would mean that a secure and privacy preserving cloud computing environment may be closer than thought. Nevertheless, it still requires that commercial interests, such as Facebook’s and Google’s marketing needs, are given a second place, after security and privacy.

Leave a Reply

Your email address will not be published. Required fields are marked *