Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Encryption Bitcoin

MIT's Bitcoin-Inspired 'Enigma' Lets Computers Mine Encrypted Data 46

Guy Zyskind, Oz Nathan, and the MIT Media Lab have developed a system to encrypt data in a way that it can still be shared and used without being decrypted. "To keep track of who owns what data—and where any given data’s pieces have been distributed—Enigma stores that metadata in the bitcoin blockchain, the unforgeable record of messages copied to thousands of computers to prevent counterfeit and fraud in the bitcoin economy." Enigma needs a fairly large base of users to operate securely, so its creators have proposed requiring a fee for anyone who wants data processed in this way. That fee would then be split among the users doing the processing. Those with encrypted datasets on the Enigma network could also sell access to datamining operations without letting the miners see the unencrypted data.
This discussion has been archived. No new comments can be posted.

MIT's Bitcoin-Inspired 'Enigma' Lets Computers Mine Encrypted Data

Comments Filter:
  • by Anonymous Coward

    A similar system was used to create this planet.

  • Hmm... (Score:2, Informative)

    by Anonymous Coward

    Kind of confusing summary? If I'm reading the article correctly...

    They found a way to distribute a computationally expensive technique known as homomorphic encryption using some of the technology we already use with bitcoins. The homomorphic encryption technique itself allows you to perform calculations on/with encrypted data without ever decrypting it.

    • by Anonymous Coward

      Kind of confusing summary? If I'm reading the article correctly...

      They found a way to distribute a computationally expensive technique known as homomorphic encryption using some of the technology we already use with bitcoins. The homomorphic encryption technique itself allows you to perform calculations on/with encrypted data without ever decrypting it.

      So, it's an "encryption" technique by where you use data without ever decrypting it.

      And you thought the summary was confusing?

    • by Lennie ( 16154 )

      Homomorphic encryption isn't new at all.

      It's just that we used to think it's uselessly slow. I believe it was in the millions times slower than a normal application without this kind of encryption.

      But in more recent years people have been able to build practical systems with it by mixing different kinds and more specialized forms of encryption:
      https://www.youtube.com/watch?... [youtube.com]

      There are companies that also build products: Cloud Encryption Gateways

      But I doubt that really solves the problem, if the application

  • by michelcolman ( 1208008 ) on Wednesday July 01, 2015 @06:22AM (#50024347)

    The blockchain is already close to 40 GB in size, and now people want to store all sorts of other data (or metadata) in it. I can see this getting out of hand rather quickly.

    Miners won't be able to store the entire chain anymore, so only a few archival nodes will still have it. Just how secure and accessible will your metadata be then?

    • by SLi ( 132609 ) on Wednesday July 01, 2015 @07:08AM (#50024433)

      Then configure your miners to not accept these transactions.

      Essentially the blockchain is exactly this: A way to record information in an unforgeable way, for a fee to the miner. Bitcoin works, and the only way it can work, is by being a system that behaves in a desired way when each player maximizes their own benefit. (To a small extent this can be affected in a centralized fashion because the community can develop the reference implementation to a desired direction, but that may or may not turn to be anathema and may or may not be a powerful enough tool.)

      True, blockchain bloat causes problems, and it's a limited resource. The bitcoin solution is to sell the space to the highest bidder, because generally that maximizes the seller's benefit. In a sense, someone saying "that's not what the blockchain is for" is very similar to someone complaining that people are using lithium to make these stupid batteries, driving its price up, and "that's not what lithium is for".

      Whether Bitcoin can survive all the technical challenges in the long term is not at all obvious. For all we know, it might be that the entire model is game-theoretically self-destructive if analyzed thoroughly enough. In fact, it has provided quite a few surprises where the incentives have turned out to be something different than anticipated, causing weird scenarios where e.g. in some situations it's advantageous for a miner to not immediately report a found block. So far none of these have been such that they would cause a death spiral, but that's far from a given. (Arvind Narayanan's blog posts on the topic are quite insightful; you might want to start from https://freedom-to-tinker.com/... [freedom-to-tinker.com]).

      • The bitcoin solution is to sell the space to the highest bidder

        'A', not 'the'. Sidechains are a much better bitcoin approach (the blockchain need only record the entry and exit points). Marc Andresson's company has been working on just this for a year or more.

    • by delt0r ( 999393 )
      I have 10T of personal disk space right now at home for nothing more than the crap i can't be bothered deleting. How is 40GB even considered a lot? Do you think visa transaction history fits in 40GB?
  • by circletimessquare ( 444983 ) <circletimessquare.gmail@com> on Wednesday July 01, 2015 @06:51AM (#50024397) Homepage Journal

    Ultra?

    I'm joking of course but considering the historical significance of the name Enigma as a cypher that was spectacularly hacked to divulge crucial war secrets, it might not have been the best PR to call their project that name.

    Rename.

    • by guruevi ( 827432 )

      Some Engima messages have thus far been undecrypted. Enigma was an awesome encryption tool and in theory (especially at the time) unhackable. The issue came in, as most/all encryption systems are vulnerable to the famous PEBKAC. A device was stolen/recovered by the allies allowing for the discovery of it's mechanism which was based around a one-time-pad rotating ciphers every so often (it would be similar to getting your hands on the source code of the algorithm of more modern encryptions and the rotating k

      • you can't claim a system is excellent while at the same time enumerating its major failures. of course an inside man or inside knowledge can do major damage to any system, but a truly robust system would safeguard against user carelessness and there would be ways to identify sabotage or major breaches and adjust around the damage. enigma was a brittle system where all of the failures you list were inevitable and foreseeable. and no plans, or weak late plans, were made for the inevitable and foreseeable

        • by guruevi ( 827432 )

          But that is the case with any security project. You cannot keep the stupid from doing stupid things and they're the weakest link. Only by removing THEM do you remove the threats to any security system.

          If your private keys are compromised, would you keep using them? Some in this world think it would be acceptable simply because the cost of replacement ($25-150 for a new certificate). Eventually the PHB's take over a perfectly working project and cause it to be declared insecure.

          • there's identifying and knowing your weaknesses, planning for them, and failing over swiftly and gracefully

            then there's not doing a damn thing about the weaknesses, and using the same damn set up forever

            also, we're not talking about exchanging product keys for cracked software. we're talking about a system used in a wold war where thousands of lives and the prestige of nations depended upon a good implementation plan

  • The proposed applications are rather incoherent. Claiming that something is 'encrypted' while it is also possible to data-mine is nonsense. A real homomorphic encryption scheme would only allow the owner of the encrypted data (i.e. the party that knows the encryption key) to decrypt the results, definitely not some third party. How these folks make the leap from 'homomorphic encryption' (which they don't even have) to 'secure, privacy-preserving data mining' is less than clear. I call BS.
    • Sorry, but this time you're just wrong without stipulation. The whole point of homomorphic encryption and computation is the computor never has the key and the data is never decrypted. It remains encrypted throughout the computation.

      They are doing this and then they're also doing a second thing, distributing the computation which is an ortho. concern to the homomorphic encryption and computation, in theory at least, if not in this implementation.

      Homomorphic encryption is counter-intutitve to most of us. I h

      • by ACE209 ( 1067276 )

        I think the original poster meant that doing operations on encrypted data is something else than data-mining.

        For data-mining you need to know the data. But the point here is that actually the one doing the operations does never see the results.

        How can you data-mine that?

        • Datamining is just a computation, an arbitrary computation. It has input value(s) and an algorithm which depends on computed intermediate values and finally an output(s). There is nothing special about the data that datamining works on which differentiates it from any other kind of data within that framework I described. This is the wonder of homomorphic encryption. It DOES let you do aribitrary computation without decrypting the data.

          That's not the same as doing arbitrary computation on data whose general

          • by ACE209 ( 1067276 )
            Still can't wrap my head around that.

            The one applying the data-mining computations will still not see the result, because it is still encrypted.

            or can you do some forms of statistical analysis on the encrypted data, which gets unencrypted results?
    • by guruevi ( 827432 )

      Perhaps they meant that the data is available but it's origin isn't. So you can safely publish your customer data for analysis because (in theory) the data source is anonymized.

      Homomorphic encryption is a pipe dream thus far.

  • by doug141 ( 863552 ) on Wednesday July 01, 2015 @09:42AM (#50025137)

    Bitcoin already uses 5000 times the energy visa does to record a financial single transaction. If parasites learn to use the bitcoin network for their own computations, that will get even worse.
    http://motherboard.vice.com/re... [vice.com]

    • Bitcoin already uses 5000 times the energy visa does to record a financial single transaction. If parasites learn to use the bitcoin network for their own computations, that will get even worse. http://motherboard.vice.com/re... [vice.com]

      The cited study is flawed as it doesn't account for the massive investment in call centers, offices, employees, auditors, and regulators that are needed to sustain the VISA payment rails network and the massive energy use and environmental impact those variables demand.

      • by doug141 ( 863552 )

        The cited study is flawed as it doesn't account for the massive investment in call centers, offices, employees, auditors, and regulators that are needed to sustain the VISA payment rails network and the massive energy use and environmental impact those variables demand.

        That is insightful.

        • That is insightful.

          Thank you. Despite bitcoin being more efficient than traditional payment rails networks, there is some truth to what the article you mention is possibly alluding to. Decentralized network security is indeed expensive and much more costly than a few shared database ledgers. This is especially true for bitcoin at the moment with only 118k transactions per day and the massive overhead being spent to secure those transactions. There are two important reasons for this one must consider:

          1) Bitcoin having a marke

      • Yeah but your counter argument doesn't account for the sheer scale of what VISA and the banking system do compared to Bitcoin. OK the banking system uses more electricity, but what is the amortized cost on a per transaction basis? That's the question. Accoring to TFA the answer is VISA is HUGELY more environmentally friendly and cost effective than Bitcoin and, and this is the point, always will be because by design Bitcoin makes it harder to obtain coins depending on how much processing power (energy) is

        • Yeah but your counter argument doesn't account for the sheer scale of what VISA and the banking system do compared to Bitcoin. OK the banking system uses more electricity, but what is the amortized cost on a per transaction basis? That's the question. Accoring to TFA the answer is VISA is HUGELY more environmentally friendly and cost effective than Bitcoin and, and this is the point, always will be because by design Bitcoin makes it harder to obtain coins depending on how much processing power (energy) is being expended to obtain those coins at any given time.

          http://motherboard.vice.com/re... [vice.com]

          If all bitcoin machines went solar however, then we might have a different outcome. The practicalities of that, given that Bitcoin assumes distribution of computing power, are not in Bitcoin's favor either.

          Proof of work through ASICs is a very good security mechanism as attackers must spend real money on machines and electricty to attack the network and create 2-3 double spends before being caught and shutdown, but not the only method.

          Already there are inter-channel payment protocols (https://lightning.network/lightning-network-paper-DRAFT-0.5.pdf and http://impulse.is/impulse.pdf [impulse.is] are two examples among many) and off the chain transactions (Coinbase/circle/changetip are a few examples where there is no fee

  • "..on different nodes, and
    they compute functions together without leaking information to other nodes. Specifically, no single
    party ever has access to data in its entirety; instead, every party has a meaningless (i.e., seemingly
    random) piece of it."

    Because there is no Naurus node in ay ATT room anywhere sucking up all internet traffic, duplicating it and sending it off to the NSA before sending it to its intended destination.

    Don't get me wrong; the blockchain is fascinating and makes possible very interestin

There are worse things in life than death. Have you ever spent an evening with an insurance salesman? -- Woody Allen

Working...