Dynamic Cryptography

DARPA is currently leading the race for the ‘holy grail of encryption’

In modern-day encryption, an algorithm is used to scramble or encrypt data (files/messages etc.) to make it completely indecipherable even if the data has been hijacked. It remains readable to only those users in possession of the key – upon the entering of which – the encrypted data is unscrambled (or decrypted), making it readable once again. Usually, to make use of any encrypted data that has been hacked into, one must decrypt it to ‘plain text’ format, thereby making it susceptible to further breaches.

To help further protect the process, those working with plain text do so exclusively on ‘trusted’ computers. But this too has proved to be a rather dicey affair owing to the increasing number of organisations suffering from data breaches and unable to confirm the integrity of their ‘secure’ computers.

Assume, for example, the case of Boston College in 2005, where personal information (including Social Security Numbers and personal addresses) of over 120,000 alumni was compromised; or, the 2008 breach at the University of North Dakota, where private data of over 84,000 alumni was stolen by a contractor originally hired to develop software for the institution. According to the United States’ Defense Advanced Research Projects Agency (DARPA) program manager, Tom Rondeau, “Given all of the news about these hacks, these malware attacks, we can’t trust fully all of our hardware or software systems.”

The DARPA Approach

Therefore, to combat this, DARPA is currently looking to strengthen the existing encryption process through the development of the ‘fully homomorphic encryption’ (FHE) technique, which would allow for the analysis of computing data even while it is in its encrypted form. According to the US-based news group Live Science, “(this) could allow financial crimes investigators to scour sensitive bank records without exposing customer details, for instance, or let health researchers analyze private health data while preserving patients’ privacy, Rondeau said. The technique could also help the military keep their battlefield data more secure and make it easier to let allies work with classified intelligence data.”

The key principle to FHE lies in the fact that certain mathematical operations can map data from one point to another without really altering its underlying structure, thereby allowing data to be encoded as coordinates on a complex multidimensional lattice – partof a rather complex form of encoding, called lattice cryptography. Instead of denoting each data point’s position as part of a simple X- and Y-coordinate mapping, it is denoted as a unique point described by thousands of coordinates, some even with many decimal places to obscure precise location.

An added layer of security is guaranteed by the fact that none of these loci is static – i.e. several additional mathematical operations (such as addition/multiplication) is carried out to ensure the data points continuously move around the lattice without changing in form, i.e. dynamic data points. Although this makes the act of data-breaching rather complex; Rondeau warns, it is not yet quantum-proof.

According to Live Science, “The big problem is that processing this data is very slow on current computers – roughly a million times slower than processing times for unencrypted data. That’s why DARPA has launched a research program called Data Protection in Virtual Environments (DPRIVE), which Rondeau is managing, to speed things up.” To this end, the DPRIVE program recently awarded contracts to a division of Intel, called Intel Federal, a non-profit called SRI International, encryption start-up Duality Technologies, and a software company called Galois to design new software and processors to “boost speeds to just 10 times slower than normal, which is 100,000 times faster than current processing for fully homomorphic encryption.”

For almost half a decade now, this multidimensional approach to cryptography, i.e. homomorphic encryption, has been dubbed the ‘holy grail of encryption’. In fact, in December 2020, IBM even set out on its own path and launched a test service to ‘crack FHE’. Yet, the race to master FHE remains wide open – and the holy grail, untouched.