Discussion in 'privacy technology' started by ronjor, Apr 7, 2012.
Interesting article, thanks. It seems to me that anyone wanting to store sensitive data in a non-private cloud would want to make use of opportunities to encrypt that data and protect it from others. Thing is, you can't truly protect it from the cloud provider can you?
I'd say unless it's authenticated and encrypted (i.e., AES-CTR-then-AES-CMAC) before you send it to the cloud, there's no guarantee; if you choose to let them encrypt it, and hold the keys, you're ultimately trusting their morals, which may be loose enough to place your security and privacy on a much lower rung than you would.
Do you think that homomorphic encryption will be practical within a decade or so?
From Craig Gentry's 2009 thesis:
an opensource homomorphic encryption implementation
I'm not sure, to be honest, but even if that's the case, I don't know how much we will have progressed key management-wise. I'd say key management is much more of a headache to get right than homomorphic encryption is to make practical. Nonetheless, it's pretty awesome.