Could a new form of cryptography solve the internet’s privacy problem? | Data protection
RAchel is a student at an American university who was sexually assaulted on campus. She decided not to report it (fewer than 10% of survivors do). What she did, however, was to register the abuse on a website that uses new ideas from cryptography to catch sexual predators.
The organization Callisto allows a survivor to enter their name into a database, along with identifying details about their assailant, such as social media handles or phone numbers. These details are encrypted, meaning that the identity of the survivor and the perpetrator are anonymous. If you hacked into the database, there is no way to identify either party.
But if the same perpetrator is named by two people, the website registers a match and this triggers an email to two lawyers. Each lawyer is given the name of one of the survivors (but not the name of the perpetrator). The lawyers then contact the survivors to let them know about the fight and offer to help coordinate further actions if they wish to pursue it.
In short, Callisto enables survivors of sexual assault to do something unprecedented: they can discover if their abuser is a repeat offender without identifying themselves to the authorities or even identifying the name of the abuser. They have learned something useful, and possibly useful, without having given anything away. “Survivors can find it healing to know they’re not the only one. They don’t feel like it’s their fault,” says Tracy DeTomasi, Callisto CEO. And there’s strength in numbers. “Maybe one person doesn’t have a case, but two people have it.”
The ability of two strangers to pool their knowledge without revealing any personal information to each other is a seemingly paradoxical idea from theoretical computer science that is fueling what many are calling the next revolution in technology. The same theory enables, for example, two governments to discover whether their computer systems have been hacked by the same enemy, without either government divulging confidential data, or two banks to discover whether they are being defrauded by the same person, without either banks go broke. financial data protection laws.
The umbrella term for these new cryptographic techniques, which allow you to share data while keeping the data private, is “privacy-enhancing technologies,” or pets. They offer opportunities for data subjects to aggregate their data in new and useful ways. In the healthcare sector, for example, strict rules prohibit hospitals from sharing patients’ medical data. But if hospitals were able to combine their data into larger data sets, doctors would have more information, which would enable them to make better decisions about treatments. In fact, since June, a project in Switzerland using pets has allowed medical researchers at four independent teaching hospitals to perform analyzes on their combined data on about 250,000 patients, without loss of privacy between institutions. Juan Troncoso, co-founder and CEO of Tune Insight, which runs the project, says: “The dream of personalized medicine depends on larger, higher-quality datasets. Pets can make this dream a reality while complying with regulations and protecting people’s privacy rights. This technology will be transformative for precision medicine and beyond.”
The past couple of years have seen the rise of dozens of pet startups in advertising, insurance, marketing, machine learning, cyber security, fintech and cryptocurrencies. According to research firm Everest Group, the market for pets was 2 billion dollars last year and will grow to more than 50 billion dollars by 2026. The authorities are also starting to take an interest. Last year the UN launched its “Pet Lab”, which had nothing to do with the welfare of domestic animals, but instead a forum for national statistical offices to find ways to share their data across borders while protecting the privacy of their citizens .
Jack Fitzsimons, founder of the UN Pet Lab, says: “Pets are one of the most important technologies of our generation. They have fundamentally changed the game, because they offer the promise that private data is only used for its intended purposes.”
The theoretical ideas on which pets are based are half a century old. In 1982, the Chinese computer scientist Andrew Yao asked the following question: is it possible for two millionaires to discover who is richer without either of them revealing how much they are worth? The counterintuitive answer is that yes, it is possible. The solution involves a process where the millionaires send packets of information between each other, using randomness to hide the exact numbers, but at the end of it both millionaires are satisfied that they know who is the richest, without either of them knowing anything. other details of the other’s wealth.
Yao’s “millionaire problem” was one of the founding ideas of a new field of cryptography—”secure multiparty computation”—in which computer scientists investigated how two or more parties could interact with each other in such a way that each party kept important information secret. and yet all were able to draw meaningful conclusions from their pooled data. This work led in the mid-1980s to a flurry of increasingly mind-boggling results, one of the most dazzling being the “zero-knowledge proof”, where it is possible for a person to prove to someone else that they have some secret information without revealing any information about it! For example, it allows you to prove that you have solved a sudoku without having to reveal any details about your solution. Zero-knowledge proofs involve a process, as with the millionaire’s problem, in which the prover sends and receives packets of information in which crucial details are obscured by randomness.
ONEnot another valuable instrument in the pet toolbox is “complete homomorphic encryption,” a magical procedure often called the holy grail of cryptography. It enables person A to encrypt a data set and give it to person B, who will run calculations on the encrypted data. These calculations give B a result, itself encrypted, which can only be decrypted when sent back to A. In other words, person B has performed analyzes on a data set while learning nothing about either the data or the result of their analyzes . (The principle is that certain abstract structures, or homomorphisms, are maintained during the encryption process.) When fully homomorphic encryption was first proposed in the 1970s, computer scientists were unsure that it would even be possible, and it was not until 2009 that the American Craig Gentry demonstrated how it could be done.
These three cutting-edge concepts—secure multiparty computation, zero-knowledge proof, and fully homomorphic encryption—are different ways in which data can be shared but not disclosed. In the 1980s, during the early years of research, cryptographers did not think that these innovations could have any practical use, largely because there were no obvious real-world problems for which they were a solution.
Times have changed. The world is full of data, and data privacy has become a hugely contentious political, ethical and legal issue. After half a century in which pets were essentially arcane academic games, they are now seen as a solution to one of the defining challenges of the digital world: how to keep sensitive data private while extracting value from that data.
The emergence of applications has driven the theory, which is now sufficiently well developed to be commercially viable. Microsoft, for example, uses fully homomorphic encryption when registering a new password: the password is encrypted and then sent to a server that checks whether the password is in a list of passwords that have been discovered by data breaches, without the server. to be able to identify your password. Meta, Google and Apple have also in the last year or so introduced similar tools to some of their products.
In addition to new cryptographic techniques, pets also include advances in computational statistics such as “differential privacy,” a 2006 idea where noise is added to results to preserve the privacy of individuals. This is useful in applications such as official statistics, where simple averages can reveal private information about people from minority groups.
Much of the recent investment in Pets has come from cryptocurrencies. Earlier this year, crypto exchange Coinbase spent more than $150 million to buy Unbound Security, a multi-party computing startup founded by Briton Nigel Smart, professor of cryptography at KU Leuven in Belgium. “In the blockchain space, multiparty computing is now everywhere,” he says. “In the last year, it’s gone from ‘will this work?’ to being standard.”
He believes Pets will eventually spread across the entire digital ecosystem. “This is the future. It’s not a fad. What this technology allows you to do is collaborate with people you wouldn’t have thought of collaborating with before, either because it was legally impossible to do so, or because it wasn’t in your business interest, since you would have disclosed information. This opens up new markets and applications, which we have only just begun to see. It’s like in the early days of the internet, no one knew what applications would come. We are in the same situation with Pets.
“I think it’s becoming more and more inherent. You see it everywhere. All data will eventually be computed with privacy-enhancing technology.”
The current uses for pets are niche, partly because the technology is so new, but also because many people are unaware of it. Earlier this year, the UK and US governments jointly launched a £1.3 million prize for companies to come up with ideas to “unleash the potential of pets to combat global societal challenges”.
Nevertheless, some applications are already having an effect, such as Callisto. DeTomasi says 10-15% of survivors who use the site have had hits, meaning their assailants have many victims. DeTomasi does not know the names of any survivors with matches, or the names of the assailants, since the system keeps them secret. (The “Rachel” mentioned in the introduction is an invented name for illustration purposes.)
However, DeTomasi says 90% of sexual assaults on college campuses are by serial offenders, who will commit an average of six times during the academic year. “So if we stop them after two times, we prevent 59% of assaults.” Callisto is currently available at 40 universities in the US, including Stanford, Yale, Notre Dame and Northwestern, and the plan is to roll it out to all universities. “It’s definitely necessary,” she adds, “and it definitely works.”
The Secret Life of Pets
Four of the most important privacyimprove technologies
Secure multi-party calculation
Allows two or more parties to compute their shared data, without either party revealing any of their private data.
Allows a person to prove to another person that they know something to be true, without revealing any information about how they know it to be true.
Fully homomorphic encryption
The so-called holy grail of cryptography, where it is possible to run analyzes on encrypted data without first decrypting it.
A way to add noise to data that preserves privacy.