Venyu Blog

Now this is what I call the ultimate in data encryption.

In the interest of trying to maintain a balance between hard news and assorted points-of-view on all things data related, now and then I find something that’s so unusual but so innovative and thought-provoking that I have to share it with my constant readers, er, followers. Stick with me on this. I promise it will be worth the trip.

In this posting on New Scientist.com entitled “Keeping a lid on your digital DNA,” the author —Jacob Aron — reports on the efforts of one Emiliano De Cristofaro at the University of California, Irvine. Seems Cristofaro and his team have produced a cryptographic technique that lets you hand over genetic information for testing while still keeping your genome private.

The outcome would mean genetic sequencing will enable almost anyone to have a digital copy of their own genome. In fact, states Aron, in the decade or so since researchers first sequenced the human genome, the cost of doing so has fallen from a hundred million dollars to a few thousand. Consumer software that can do anything from testing your genetic compatibility with a partner to solving paternity disputes won’t be far behind.

As Aron suggests, that also means someone could hack into your hard drive or mobile device and gain access to it. “If you thought having your email hacked was bad,” writes Aron, “wait until digital ne’er-do-well makes off with the information they need for a paternity test. While it would not be difficult to encrypt your DNA details to prevent them from getting into the wrong hands, decrypting the data if you wanted to be tested is an altogether different kettle of fish.

That’s where Cristofaro’s technique comes in. Using a method called homomorphic encryption allows you to analyze encrypted data and then decrypt the result to give the same answer as would come from analyzing the unencrypted data. This would essentially mean someone could examine a digital genome without ever seeing its contents.

The only problem is that this would require a whole genome to be analyzed, and homomorphic encryption is slow in dealing with large amounts of data – a full genome weighs in at around 3 gigabytes. De Cristofaro estimates that comparing two genomes in this way would take about 10 days.

To speed things up, the team has harnessed some of the tricks used in genetic testing. For example, a technique called RFLP uses enzymes to cut DNA strands anywhere a particular sequence appears. This produces fragments of varying length, the comparison of which gives the result of the test. The researchers replicated this method digitally and were able to perform a secure digital paternity test in a fraction of a second – even when running the software on a Nokia N900 smartphone. This means genetic apps can’t be far off, De Cristofaro says.

“Anyone could have their DNA sequenced and carry it on a portable device,” says Juan Troncoso-Pastoriza of the University of Vigo in Spain, who previously developed a way to securely search for short strings of DNA.

Maybe I’m looking down the road apiece but imagine a day when encrypted data could only be decrypted through extraction of a user’s DNA so that even if your digital identity is stolen via a flash drive, it’s absolutely unreadable because the thief doesn’t have your DNA. And trust me, if he’s stealing it I don’t think he’s going to stop and ask for a strand of your hair.

As  I said at the outset, this methodology could, over time, prove to be the ultimate end game for true, absolute, unequivocal and unconditional defacto data encryption, bar none.