SOC Type 2 Certified
888.4.NATNET
Facebook Twitter LinkIn Blog Instagram YouTube Google Plus
17
Sep
2015

Indistinguishability Obfuscation: The Future of Data Security

by Bill

Data Security is quickly becoming one of the most crucial challenges of modern life, and while current technologies offer only a patchwork of best practices and well-intentioned protocols, we are seeing reports far too often of sensitive data falling into the wrong hands. Now a glimmer of hope is getting some hype from security experts who believe, at least conceptually, that a real solution is possible.

In 2013 a couple different security experts posited a new kind of encryption that is now frequently referred to as “indistinguishability obfuscation,” or IO. It calls for the creation of a central hub of cryptography and a unified basis upon which software would reconstruct cryptographic tools like public keys and simultaneously secure their corresponding signatures. However, the pace of progress has been exceedingly slow, mostly because the process of using IO with existing technology would slow down every digital activity to a snails pace. In fact, obfuscating a program would presently add delays measured in lifetimes, not hours.

Those timelines are now being shortened rapidly by the work of leading IO experts. “As of right now it seems like there are no big limitations,” Amit Sahai, a computer scientist at the University of California, Los Angeles, told Quanta Magazine. “IO is powerful and can do almost anything we’ve ever wanted to do.” In fact, researchers believe now believe that if IO can be constructed in terms of certain simple mathematical assumptions, even a quantum computer would be unable to crack it.

How It Works:

Indistinguishability obfuscation utilizes two programs that compute the exact same output by different methods. As in the equivalent functions f(x) = x(a + b) and f(x) = ax + bx. For any set of the three inputs a, b and x each program yields the exact same result as the other, but arrives at the result by a different path. IO suggests it is possible to encrypt them both so that users cannot tell which version they are using at any moment even if given infinite resources and time to analyze the results.

The problem with the method is the time involved. “It probably takes hundreds of years to obfuscate and run a program,” Vinod Vaikuntanathan, a cryptographer at the Massachusetts Institute of Technology who has been heavily involved in IO research explained to Quanta. “When it becomes that ridiculous you stop caring about the exact numbers.”

That estimate is now evaporating thanks to work being done by computer scientists like Allison Bishop, of Columbia University, who showed IO could be segmented into a series of much smaller more practical steps. The details of IO and the progress being made are detailed exquisitely in the Quanta Magazine article, which many may find well worth the time to read.

For our purposes, the real point here is that while data security may be fundamentally flawed at the moment, so is the viewpoint that it will ‘always remain that way.’ Many of the world’s brightest minds are working to restore privacy in a suitable way during the digital age, and these are the kind of people who can calculate their odds of success with precise accuracy, so the fact that they continue to pursue IO gives us all reason to believe in the near future your data will be more secure online than it ever was offline eventually.

Share and Enjoy
  • Print
  • Facebook
  • Twitter
  • Add to favorites
  • RSS
  • Google Bookmarks
  • Technorati
  • Yahoo! Buzz
NationalNet, Inc., Internet - Web Hosting, Marietta, GA
Apache Linux MySQL Cisco CPanel Intel Wowza