Trust Me, I’m Encrypted.
The latest, state-of-the-art cryptographic technologies are poised to become our next best friends in protecting our private data, while allowing the data economy to thrive without compromising our privacy.
For about a year now, there has not been a single week without breaking news of a massive customer data theft. The recent cases of Cambridge Analytica, British Airways, Google+ and Facebook hit the headlines. No one is spared, from Internet moguls to brick-and-mortar businesses.
But above all, it is us, the individuals, who bear the highest cost: not only is our private data stripped from us without full consent, it is also traded, stolen and manipulated. In short, it is out of our control.
Every day I find myself in situations where I have to disclose private data. And every day I’m struck by the fact that I’m somehow forced to reveal or to give access to a lot more than what is really needed.
Why does my bank access all the details of my daily transactions: what, how much and where? My contract with the bank is about me making sure there is money on my account and paying debt interest if not. Not about giving the bank access to all these personal details. What’s in it for me?
Why do I have to provide my entire tax report to rent an apartment just to prove I can actually pay the rent?
Why is my online activity recorded and sold to third parties without my consent, in exchange for so-called user benefits such as « targeted advertising » or « personalized services »?
Don’t get me wrong. I’m not arguing that the pipeline of data should be sealed with lead. I’m pointing out the pressing need to regain control over who accesses our data and for what purpose. Nothing more.
The (very) good news is that this type of control, allowing for selective data osmosis with full and informed user consent, is now possible thanks to the latest cryptographic research being turned into service applications.
Let me highlight the top 5 reasons why I believe cryptography will revolutionize privacy in everyday applications.
1. Mathematics not Magic
Cryptology studies the techniques for « enciphering and deciphering of messages in secret code or cipher » (Merriam-Webster). The mother of all techniques was encryption or how to convert information from a readable state to apparent nonsense. Ancient Greeks, Julius Caesar, Persians, Czars & Kings all over Europe — to name the oldest but not the least — have used encryption for diplomatic reasons, to protect war communications and intimate conversations. On a lighter note: who hasn’t written with invisible ink during treasure hunts in summer camps?
The computer era changed the nature of the game, tremendously augmenting the ability to encrypt and decrypt. Think about WWII and Alan Turing cracking the Nazis’ Enigma machines. In the past 30 years, cryptographic techniques have transformed themselves profoundly through intensive use of mathematics. In 1976, modern cryptography was taken by storm by the revolutionary concept of « public key encryption » (Diffie-Hellman and Merkle): a pair of different but mathematically related keys, the public key to encrypt and the private key to decrypt. Hence, if I give away my public key, anyone can use it to encrypt data, but I am the only one able to decrypt that data, using my private key (as long as I don’t give it away, of course).
This founding principle directly led to the emergence of many public-key encryption systems, one of the most famous being the algorithm developed by Rivest, Shamir and Adleman. The RSA cryptosystem has been at the core of several applications, and RSA signatures are still very much in use in SSL certificates, for instance. More recently, schemes such as Elliptic Curve Cryptography became very popular, and most blockchain systems are built on it.
In a nutshell, we are all already exposed to or using cryptographic technologies without knowing it, just like your car or household equipment is powered by state-of-the-art electronics.
Cryptographic technologies are the new chips of the data economy.
2. The only bulletproof private data protection is for data to be encrypted with the person’s public key.
First of all, let me explain why public-key encryption of your private data protects your privacy.
Since your data are encrypted with your public key, only your private key can decrypt them; hence only you can read them. No one else but you. It’s mathematically bulletproof.
But you may ask: why on earth would I want to encrypt my private data? When I browse the web, search for products or post on social networks, my activities are legitimate. I don’t have anything to hide.
Here is why you should always favor encryption. This is not about hiding anything.
I don’t mean to be as extreme as Cardinal Richelieu (famous and feared French Foreign Secretary, 1585–1642) and suspect systematic data mishandling. But the fact is that you don’t know who accesses your data and for what purpose. Conclusion: private data should be encrypted by their owner.
Second, when private data are encrypted, the risks in data security and in data compliance are significantly reduced. Very good news again, this time for companies and organizations.
When customers’ private data are encrypted with the customers’ public keys, organizations not only stop holding « clear text data » (subject to the European GDPR regulation), but the consequences of data breaches are also reduced: data can still be stolen if security fails, but it can’t be decrypted as long as the private keys are not in the hacker’s hands.
Protecting private keys has hence become essential, and a large number of new paradigms, hardware devices and companies have recently emerged to improve key handling and security.
Last but not least, once properly encrypted, private data can be stored anywhere: in the cloud, locally on devices, on premises.
This flexibility also reduces compliance risks for organizations.
3. Now Ladies and Gentlemen, Introducing (drums rolling)… Functional Encryption, a revolutionary approach to Personal Data Intelligence.
Public-key encryption significantly improves the security of your data. But unless you plan on living alone on an island — where security is not going to bring you much anyway — encryption is not enough.
You need to share some of your private data or, better, insights on your data. How do you prove to your landlord that you can pay the rent? In fact, there exists a large private data economy performing analytics on dynamic data, fueled by the power and speed of computer analysis.
The problem is that once you give access to your tax returns and/or bank statements, it is game over. Technically, that data is gone: it can be copied, shared, transferred, repurposed…
So here comes the private data paradox: combining privacy with a need to share.
Functional encryption is solving the Private Data Paradox.
The key to solving that paradox is that, in most cases, it is not an “all or nothing” situation.
Your landlord is unlikely to need all the details of your income, expenses and taxes, but is more likely interested in your monthly average disposable income.
In other words, it is not the private data itself that matters, it is the result of a calculation on that data.
This is exactly what functional encryption does. It enables performing a calculation on encrypted data and returns the result in the clear. In other words, functional encryption enables private data analysis without revealing the underlying data.
Formalized by top-notch mathematicians in 2010 (i.e. very recently for the rest of us), functional encryption has been the object of extensive study, in particular from the ENS/CNRS/INRIA Crypto Lab headed by the French researcher David Pointcheval.
Functional encryption is not a complete magic bullet and has its issues, but it is a tremendous, groundbreaking approach that opens new, exciting perspectives on Private Data Intelligence. Think about industries such as Health, IoT or Finance, which are based on loads of analytics, not to mention AI training across all fields.
With functional encryption, these industries could develop their businesses with full respect for individuals’ privacy.
Now I hear you: you understand the value of public-key encryption and functional encryption to protect against private data theft and to secure privacy in data analysis. But how do you factor individual consent to perform those calculations into the chain?
How can I trust that my consent will be dutifully executed when all I do is sign online consent forms that I suspect are not being enforced?
4. Because Consent is Key… the Key has to be the Consent
You are right to be skeptical about your consent being respected. Regulations such as the European GDPR state that consent must be transparent and informed.
But at the end of the day, you are just checking boxes on a web page.
And oops, by the way, did you take a screenshot of that pop-up box requesting your consent, so you can later prove you never consented to what was eventually done with your data?
That is the other beauty of functional encryption. To be able to perform a calculation on your data, one must have a special cryptographic key, a functional key, derived from your private key.
Only you can issue that functional key and, most importantly, that functional key only allows performing the particular calculation it has been issued for. Nothing else. If that key is meant to calculate an average over some of your (encrypted) private data, it cannot be used to reveal anything else.
Going back to our previous scenario, you can give a functional key to your landlord to perform the “monthly average disposable income” calculation over your encrypted bank statements. The result of that calculation is all the landlord will have access to and, above all, all the landlord needs to access.
That is, the key binds the calculation to your consent to perform the calculation: the key is the consent.
5. We Want It All: Privacy-by-Design and Privacy-by-Default
Such new cryptographic primitives will make it possible to build applications with privacy by design. These primitives are new, have their own issues, and there is still a fairly big gap to bridge before the same set of analytics currently performed on clear text data can be performed on encrypted data.
I truly believe everyone should start understanding what is at stake with cryptography in relation to our daily lives, and how cryptography will help us, as individuals, take back control over our data.
So, in subsequent articles, we will go into more (techie but interesting!) details and review some of the state-of-the-art techniques available to application developers today.
This series is likely to cover:
- You can’t break me! (Public-key encryption systems, hardness, quantum resistance…)
- Prove me stuff! (zero knowledge proofs, signature schemes, …)
- Tell me more! (functional encryption, ABE, homomorphic encryption…)
Cryptography is a highly technical, mathematically involved, constantly evolving subject. At Cosmian we believe that some of these techniques are ready for consumption and should immediately be enabled to satisfy the urge for improved privacy.
We are working hard with world-renowned cryptographers to bring these techniques to application developers and data scientists in easy-to-use packages and tools. Our goal is that privacy does not become a choice, but the default.
I hope this article, and the ones to come, will spark interest, questions and debates.
Please feel free to share your feedback directly with me (email@example.com)
Reference: Abdalla, Bourse, De Caro, Pointcheval, Simple Functional Encryption Schemes for Inner Products (PKC 2015): https://www.iacr.org/archive/pkc2015/90200150/90200150.pdf