
New Encryption Scheme Could Protect Your Genome

samzenpus posted about 8 months ago | from the keep-your-eyes-off-my-genes dept.

Medicine 78

sciencehabit writes "As the cost of genetic sequencing plummets, experts believe our genomes will help doctors detect diseases and save lives. But not all of us are comfortable releasing our biological blueprints into the world. Now cryptologists are perfecting a new privacy tool that turns genetic information into a secure yet functional format. Called homomorphic encryption, the method could help keep genomes private even as genetic testing shifts to cheap online cloud services."


New? (3, Informative)

jbmartin6 (1232050) | about 8 months ago | (#46270665)

This isn't new [wikipedia.org] , although the application with gene sequencing might be.

Re:New? (1)

StripedCow (776465) | about 8 months ago | (#46270693)

However, I suspect that every new application requires the method to be applied differently. Also, for every new application, other attack vectors might be possible so it is crucial to sort these out. Just thinking.

Re:New? (1)

buswolley (591500) | about 8 months ago | (#46270797)

Can I encrypt it in my own body? If not what is the point. I leave cells everywhere.

exactly how long would it take to die, and how? (2)

Thud457 (234763) | about 8 months ago | (#46270865)

That requires a mitochondria upgrade at extra charge. Or else you might experience complications.

Re:exactly how long would it take to die, and how? (1)

Jamie Ian Macgregor (3389757) | about 8 months ago | (#46273039)

and don't forget your key.

Re:New? (1)

Immerman (2627577) | about 8 months ago | (#46271707)

It doesn't protect you from that hot blond taking a strand of your hair to the local gene-scan station before going on a second date, but it does mean that the guy that hacked the NIH genetic database won't get the DNA of 400,000,000 people in one fell swoop. Though of course it probably also means that the NIH database will require thousands of times the storage capacity since de-duplication can't be applied to the massive genetic overlap between individuals.

And the nosy blond could be mostly stymied by laws requiring consent of the sampled individual, banning privately owned gene sequencers without a license and security check, etc.

Re:New? (1)

tragedy (27079) | about 8 months ago | (#46273037)

Though of course it probably also means that the NIH database will require thousands of times the storage capacity since de-duplication can't be applied to the massive genetic overlap between individuals.

The human genome is what? About 1.5 Gigabytes? That's a lot of data, but far from unmanageable. Store two copies for redundancy and you have 3 Gigabytes. Let's round down a bit and say you can get 600 people's DNA onto 2 TB worth of drives. Let's say you pay $120 per terabyte, then you're paying 20 cents per patient for two copies. Of course, this will be enterprise class storage for medical purposes, so let's say $4 per patient. Not exactly bank-breaking. Anyway, you haven't presented any good reason why you couldn't compress based on the parts of the genome that everyone has in common when you create the sequence in the first place, bringing the costs down to a few cents per patient for storage. Just because the sequences are all stored encrypted doesn't mean you couldn't apply such compression. The homomorphic calculations required might become more difficult because of it, but there's no evidence of that yet.

Of course, this is all moot since this is an article about a commercial company trying to sell a solution to a problem no-one has. The simple fact is, there's no rational reason to send out DNA from a set of servers for testing. Just do it locally. None of the tests you're going to want to do on it are all that computationally expensive (unless you're performing them on homomorphically encrypted data). If you need it encrypted on the local machine for patient privacy, then encrypt it, but have a local medical appliance where you can download it, decrypt it, then display results. Build the appliance with no network functionality except through a custom one-way (except for control signals for error correction, etc.) port. Seriously, what would ever be the reason to have to send out data to a "lab" for results as if it were a biological sample?

If you were going to build an appliance for something like this, there's also no good reason it couldn't be a cheap device the patient keeps for themselves with 8 GB of storage and a cheap processor and a cheap screen and a some way to download analysis programs and upload results for those so inclined. Something like that could be made for mass production for $50 a piece. Well, I suppose the "good" reason would be that it would be considered a medical device and would have to be more like $5000 per unit. So scratch that idea.

In any case, it's not as if this scheme actually would be secure. Attacks have already been demonstrated on such encryption methods that could reveal details about the data being processed. Also, the results of all relevant medical information from the DNA would likely be pretty personally identifying anyway, and would need to be read out somewhere. Unless you really did have a special appliance for readout of results, the system could be easily compromised by any determined party.

Re:New? (1)

pepty (1976012) | about 8 months ago | (#46273601)

Researchers realized that the complex algorithms used during genetic tests could be closely approximated by the two basic mathematical operations. Lattice cryptology enabled homomorphic encryption, allowing computers to analyze encrypted data and return encrypted results without ever being able to decode the information.

I can't see how it would be very useful for actual genetic research either, since researchers generally need the decoded information as well as personal and family medical history when interpreting the results. The 10^9 higher computational overhead would also be a huge problem in research since, unlike a medical test where you know a pattern and are just trying to find out whether a single sample matches it, you are instead trying to find patterns shared by a group of genomes associated with a similar medical problem but which are otherwise infrequent.

Re:New? (1)

Immerman (2627577) | about 8 months ago | (#46273855)

I think the idea is mainly that you don't want to have to completely resequence your genome every time you want to test for something new - after all we could be discovering new medically-relevant genetic properties for centuries, and the company doing the sequencing doesn't necessarily know or care about every potentially interesting finding, so you keep it on file somewhere. If costs continue to follow the current trend the first factor will likely only be an issue for a decade or two, before the price drops so far that collecting the sample is more expensive than analyzing it, but then radical exponential changes have a tendency to run into unexpected brick walls which may or may not be surmountable. Meanwhile local analysis by your doctor is unrealistic unless there's some handy-dandy "insert DNA and standardized analysis parameters" software available - which would absolutely be the sane thing to do, but then so would having all cars on the planet using only one of 5 models of alternator. I'll believe it will happen when I actually see it.

I would agree that the ideal situation, if sequencing your complete DNA falls to trivial cost, would likely be to simply do the full sequencing and analysis on the same machine, and never let the raw DNA data leave the machine at all. Especially if your doctor can order up tests for arbitrary "cutting edge" genetic markers that might be relevant to your case rather than just selecting from a list of available options.

As for data-size, that was mainly just an aside acknowledging one of the potential costs of encryption - I would presume that if you're using homomorphic encryption then you don't want to deal with decompressing 1.5GB of encrypted data while under the influence of the extreme computational amplification just to examine a handful of bits. Not when 1.5GB of storage space is so cheap. In fact if you were doing anything more sophisticated then you probably want to store your encrypted data in as close to the optimal processing format as reasonably possible, even if it increases data size considerably. Not to mention I believe the article said they had managed something like a thousandfold performance increase by severely restricting the available homomorphic operations, which might well make decompression impossible. 0.2 seconds to perform a single risk-factor check is one thing, 200 seconds times every risk factor you want to look for could add up really fast.

Re:New? (1)

tragedy (27079) | about 8 months ago | (#46274057)

I think what they're really trying to sell in this article is saving everyone's data in a central repository where everyone's DNA could be mined for data without compromising their privacy. That's effectively impossible. The only way to do it would be to perform operations that examine the entire database to produce a single result. The required computing power/time would be astronomical under this model. Pretty much every other way of doing it allows you to narrow down a particular patient's DNA and extract all kinds of identifying information. Enough, for example, for a three letter agency to compare against a sample of DNA they have on hand. Really, you can either make the system too difficult to do anything practical with and secure, or you can make it useful and insecure. Anything else is just a pipe dream or snake oil.

Re:New? (1)

Immerman (2627577) | about 8 months ago | (#46274173)

Sounds like a good sales pitch, but how would homomorphic encryption enable such an anonymous data-mining paradise? As I understand it such encryption allows you to process the data without decrypting it, but the results are themselves encrypted with the same key. And if you have the key to access the results then you don't need the ability to process data without decrypting it.

I would assume that each DNA record has its own key (otherwise it kind of defeats the point), and that you can't mix the processing of data encrypted with different keys. Granted those two, I'm just not seeing any way that an encrypted DNA database would be useful as anything but a giant encrypted back-up. Unless of course some three-letter agency arranged for a back-door in the encryption algorithm.

Also, on further reflection I think compression would in fact be necessary for secure encryption, probably starting with converting every DNA sequence to a diff from some standardized reference - otherwise you've got a database full of encrypted data where you know what 99.8% of the unencrypted data in each file is. Forget the 500x increase in necessary storage capacity, that's *got* to open a few gaping attack vectors.
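Added example, not from the thread or the article: it implements the diff-against-reference storage the comment above describes and then shows when a mostly public plaintext actually hurts. An observer holding only ciphertexts (no key) compares three patients block by block: under deterministic per-block encryption that comparison reveals exactly which blocks carry a variant, under randomised encryption it reveals nothing. Reference sequence, patients, variant positions and the key are constructed for the demo, and HMAC-SHA256 stands in for a block cipher/PRF. Lattice-based homomorphic schemes of the kind the article refers to are randomised by construction, so the leak below is a property of the encryption mode, not of known plaintext as such.

```python
"""Added example (not from the thread): diff-against-reference storage, plus
a demonstration that a largely public plaintext is only a problem under
deterministic encryption.  Everything below is constructed demo data."""
import hashlib
import hmac
import secrets

BLOCK = 8   # bases per encrypted block (demo size)


def diff_against_reference(ref, seq):
    """Keep only (position, base) where seq differs from ref."""
    if len(ref) != len(seq):
        raise ValueError("sequence length mismatch")
    return [(i, b) for i, (a, b) in enumerate(zip(ref, seq)) if a != b]


def apply_diff(ref, diff):
    """Rebuild a full sequence from the reference and a diff."""
    s = list(ref)
    for i, b in diff:
        s[i] = b
    return "".join(s)


def _blocks(seq):
    return [seq[i:i + BLOCK].encode() for i in range(0, len(seq), BLOCK)]


def det_encrypt(key, seq):
    """Deterministic (ECB-like): equal plaintext blocks -> equal ciphertext blocks.
    HMAC stands in for a block cipher; the leak comes from the mode, not the primitive."""
    return [hmac.new(key, blk, hashlib.sha256).digest() for blk in _blocks(seq)]


def rnd_encrypt(key, seq):
    """Randomised: fresh nonce per block, keystream = PRF(key, nonce)."""
    out = []
    for blk in _blocks(seq):
        nonce = secrets.token_bytes(16)
        ks = hmac.new(key, nonce, hashlib.sha256).digest()[:len(blk)]
        out.append((nonce, bytes(a ^ b for a, b in zip(blk, ks))))
    return out


def rnd_decrypt(key, ct):
    plain = b""
    for nonce, c in ct:
        ks = hmac.new(key, nonce, hashlib.sha256).digest()[:len(c)]
        plain += bytes(a ^ b for a, b in zip(c, ks))
    return plain.decode()


def blocks_where_patients_differ(ciphertexts):
    """Observer's view, no key needed: block indices whose ciphertexts are not
    all equal across patients.  With det_encrypt this is exactly the set of
    blocks containing a variant in some patient; with rnd_encrypt it is every
    block, i.e. no signal at all."""
    n = len(ciphertexts[0])
    return {i for i in range(n) if len({ct[i] for ct in ciphertexts}) > 1}


# Constructed data: a 64-base reference and three patients.
REF = "ACGT" * 16


def _mutate(seq, pos, base):
    return seq[:pos] + base + seq[pos + 1:]


PATIENTS = [
    _mutate(_mutate(REF, 3, "A"), 50, "C"),   # variants in blocks 0 and 6
    _mutate(REF, 20, "T"),                    # variant in block 2
    REF,                                      # identical to the reference
]
KEY = b"\x01" * 32   # demo key only


def leaked_variant_blocks(deterministic):
    """Which blocks a key-less observer can tell apart across the three patients."""
    enc = det_encrypt if deterministic else rnd_encrypt
    return blocks_where_patients_differ([enc(KEY, p) for p in PATIENTS])


if __name__ == "__main__":
    print("diffs:", [diff_against_reference(REF, p) for p in PATIENTS])
    print("deterministic leaks blocks:", sorted(leaked_variant_blocks(True)))
    print("randomised leaks blocks:", sorted(leaked_variant_blocks(False)))
```

The diff form makes the storage argument concrete (two or three entries instead of 64 bases), but note that it does not by itself remove the equality leak: a deterministic scheme over the diff entries would still let an observer see which patients share a variant. The fix is randomisation, which the diff does not provide and the encryption mode must.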

Re:New? (1)

tragedy (27079) | about 8 months ago | (#46282711)

Sounds like a good sales pitch, but how would homomorphic encryption enable such an anonymous data-mining paradise?

Well partly by being effectively backdoored from the start. It seems unrealistic to believe there wouldn't be some sort of backdoor from the start to fix things when they break in the large, complex, impenetrable data set. After things are pretty stable, the developers will be reluctant to get rid of the back door because of the large number of times they would have had to rebuild entirely from scratch if they didn't have the back door, and it will hang around forever. Mostly, however, there's the simple fact that, for it to be useful, the data has to come out somewhere. Like the front ends of pretty much every otherwise ironclad security system this will not only be completely vulnerable, but people will say: "There's all this useful data in here for research/marketing/random number seeds for bingo, and it's completely secure, so let's mine the data."

Also, on further reflection I think compression would in fact be necessary for secure encryption, probably starting with converting every DNA sequence to a diff from some standardized reference - otherwise you've got a database full of encrypted data where you know what 99.8% of the unencrypted data in each file is. Forget the 500x increase in necessary storage capacity, that's *got* to open a few gaping attack vectors.

A very good point. And a very big problem. The majority of the genome, everyone shares with each other. But there's plenty of stuff in there that exists in say 5% of the population. Unless you actually have an open database of patient data that you can mine to determine the majority of unique sequences out there, then even the heavily compressed version is still going to be full of duplicate sequences that exist in relatively small percentages of the population and overlapping with other sequences that are also duplicated across a small percentage of the population, etc.

Re:New? (1)

Immerman (2627577) | about 8 months ago | (#46286091)

Why would an honest individual put in a back door in the encryption for "testing"? Just test with data you have the key to. Much simpler and doesn't inherently undermine the integrity of the system you're building. And how can things "break" within an immutable data file? When's the last time you saw a "broken" bitmap or text file that wasn't due to either a failed creation (probably not worth fixing), or corruption of the transmission or storage medium that can be solved with an error-correcting wrapper around the securely encrypted data?

Honestly, I don't see overlap within a subset of the individual genetic data as being a problem, you just need to make sure there's enough variation in the data that the known contents don't poison the encryption and allow nefarious access to the rest. Storage is cheap - your entire uncompressed DNA sequence is only about 1.5GB - less than $0.15 worth of storage space on an overpriced consumer drive. Remove 99.8% of that by diffing with a reference source and you're down to only 3MB per person.

Re:New? (1)

tragedy (27079) | about 8 months ago | (#46292243)

Why would an honest individual put in a back door in the encryption for "testing"? Just test with data you have the key to.

It doesn't take a dishonest individual. It's just fairly typical in such situations. It depends on who's actually in charge and if they run into problems.

Consider that the US nuclear launch codes were 00000000 for two decades. Consider that something like 30 billion dollars a day is spent in credit/debit card transactions using a system with effectively _no_ security. Consider the failing grade nearly all large organizations receive pretty much every time they are audited for security. Even when their job is security, most organizations end up using short-term pragmatist modes of thought, and wait until things break before they fix it.

And how can things "break" within an immutable data file?

When it's new and not fully understood and the problems that will crop up when it's massively scaled haven't been encountered yet and the code is new and buggy.

When's the last time you saw a "broken" bitmap or text file that wasn't due to either a failed creation (probably not worth fixing), or corruption of the transmission or storage medium that can be solved with an error-correcting wrapper around the securely encrypted data?

About 9 hours ago. Technically the file was undamaged, just transformed in a way that's normal for the software, but it was still unreadable because the metadata regarding that file in a database disagreed about what transformations it had gone through. Something did go wrong, but it wasn't due to failed creation or corruption during transmission or storage. It was a bug that the file and the database were allowed to be in disagreement, but these things happen when the software isn't infallible.

Honestly, I don't see overlap within a subset of the individual genetic data as being a problem, you just need to make sure there's enough variation in the data that the known contents don't poison the encryption and allow nefarious access to the rest.

Might be, might not be. Depends on other conditions. For example: Someone does a study on an ethnic group that effectively all have certain genetic details in common and, after the study is done, the sequences from that group get added to the broader collection in one big dump. That very well may be exploitable and lead to other opportunities.

Maybe I'm being way too pessimistic. I've just been disappointed far too many times by the intersection of systems that should be secure with politics/greed/stupidity/arrogance/carelessness and other aspects of reality.

Re:New? (1)

Immerman (2627577) | about 8 months ago | (#46292955)

Okay, yeah editing is an issue as well, but not one relevant to archives of immutable data.

Fair point about data dumps from focused studies, I'm sure some of them would indeed contain common elements that could open an attack vector, though I don't know how big a vector a few known bits in a 3MB file would actually make. Certainly nothing like having 99.8% be known. It probably wouldn't be racial studies that do it though, IIRC there's not actually any well-defined racial boundaries from a genetic perspective - there's not even one single solitary gene shared by most black people that isn't also present in a lot of whites and asians (and vice-versa), we just travel and intermix too much. It only takes one person with a bad case of wanderlust a thousand years ago to introduce a gene into a large portion of an otherwise isolated population.

Yeah, I can't argue against the incompetence card. In fact that's why I think homomorphic encryption could be a wonderful thing for genetics - it means that the sequenced DNA need never be stored in plaintext anywhere outside the sequencing machine, not even in volatile memory while being analyzed. There's still the risk that someone gets their hands on both the key and data, but a single "never, ever keep these two things in the same place" security rule would go a long way towards protecting against that, and has at least a chance of being followed.

Hmm, an extreme yet convenient solution: your doctor is the only one who has the key, and the genetic analysis lab is the only one that has the data. And both have serious patient confidentiality laws encouraging them to keep them secure. After all there's no need for either party to ever have the other information. Doc could give the lab only the public encryption key, and she only ever receives the final results of an analysis that only she, with the private key, can access. The encryption might not be perfectly secure, but it's a bajillion times better than having medical professionals ever dealing with your plaintext DNA file. It also reduces the risk that anyone is ever tempted to get nosy - unless there's a conspiracy the lab tech will never know the results of the analysis he initiates and the lab can keep the oversight committee informed about exactly what tests Doc has been requesting.
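The doctor/lab split sketched above, and the earlier point that the result of a homomorphic computation comes back encrypted under the same key, can be shown with a small worked example. This is added code, not from the thread or from the article's authors: it uses Paillier, an additively homomorphic public-key scheme, rather than the lattice scheme the article refers to, because the "do these few bytes match / weighted sum of a few bits" style of test only needs addition and multiplication by public constants. The sequencer encrypts each SNP's alternate-allele count under the doctor's public key; the lab, holding ciphertexts, the public key and public per-SNP risk weights, computes an encrypted weighted score; only the doctor's private key opens it. SNP labels, weights and the demo-sized primes are assumptions for the example.

```python
"""Added example (not from the thread or the article): the doctor-holds-the-key,
lab-holds-the-data model built on Paillier, an additively homomorphic scheme.
SNP names, weights and the demo primes below are constructed for the example."""
import math
import secrets

# Demo primes (well known, about 30 bits each).  A real deployment uses
# >= 2048-bit p and q; the arithmetic below is unchanged.
P = 1_000_000_007
Q = 998_244_353


def keygen(p=P, q=Q):
    """Doctor side: Paillier key pair with generator g = n + 1."""
    n = p * q
    lam = math.lcm(p - 1, q - 1)
    mu = pow(lam, -1, n)      # lambda^-1 mod n (exists because gcd(n, lam) == 1)
    return (n, n + 1), (lam, mu)


def encrypt(pub, m):
    """Randomised: the same m encrypts to a different ciphertext every call."""
    n, g = pub
    n2 = n * n
    while True:
        r = secrets.randbelow(n)
        if r and math.gcd(r, n) == 1:
            break
    return (pow(g, m % n, n2) * pow(r, n, n2)) % n2


def decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    u = pow(c, lam, n * n)
    return (((u - 1) // n) * mu) % n


def add(pub, c1, c2):
    """Enc(a) * Enc(b) = Enc(a + b)."""
    n, _ = pub
    return (c1 * c2) % (n * n)


def mul_const(pub, c, k):
    """Enc(a) ^ k = Enc(k * a); a negative k is encoded as k mod n."""
    n, _ = pub
    return pow(c, k % n, n * n)


def encrypt_genotype(pub, genotype):
    """Sequencer side: genotype maps SNP name -> alt-allele count in {0, 1, 2}.
    Needs only the doctor's public key."""
    return {snp: encrypt(pub, count) for snp, count in genotype.items()}


def lab_risk_score(pub, enc_genotype, weights):
    """Lab side: sum_i w_i * g_i computed on ciphertexts only.  The lab never
    sees a plaintext allele count and never holds the private key."""
    acc = encrypt(pub, 0)
    for snp, w in weights.items():
        acc = add(pub, acc, mul_const(pub, enc_genotype[snp], w))
    return acc


def doctor_decrypt_score(pub, priv, enc_score):
    """Doctor side: decrypt and map back from Z_n to a signed integer."""
    n, _ = pub
    m = decrypt(pub, priv, enc_score)
    return m - n if m > n // 2 else m


# Constructed demo data (hypothetical SNP labels, not real markers).
GENOTYPE = {"snp_A": 2, "snp_B": 0, "snp_C": 1}
WEIGHTS = {"snp_A": 3, "snp_B": 5, "snp_C": -2}   # public risk weights


def demo():
    pub, priv = keygen()                                # doctor
    enc = encrypt_genotype(pub, GENOTYPE)               # sequencer: pub only
    enc_score = lab_risk_score(pub, enc, WEIGHTS)       # lab: pub only
    return doctor_decrypt_score(pub, priv, enc_score)   # doctor: priv


if __name__ == "__main__":
    print("risk score:", demo())   # 3*2 + 5*0 + (-2)*1 = 4
```

Two things the code makes visible that the prose does not: the lab's output is just another ciphertext under the doctor's key, so "mining" it without that key is no easier than mining the input, and encryption is randomised, so the lab cannot even tell which patients share a genotype by comparing ciphertexts. What the lab does learn is the query itself (which SNPs and weights the doctor asked about), which is the oversight-committee channel mentioned above.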

Re:New? (1)

tragedy (27079) | about 8 months ago | (#46312211)

Okay, yeah editing is an issue as well, but not one relevant to archives of immutable data.

True, but I'm not as confident as you that early versions of this will actually allow for immutable data. Avoiding all bugs that might require things to be re-encoded is a monumental task. Maybe they could pull it off. I would be truly, truly impressed.

It probably wouldn't be racial studies that do it though, IIRC there's not actually any well-defined racial boundaries from a genetic perspective - there's not even one single solitary gene shared by most black people that isn't also present in a lot of whites and asians (and vice-versa), we just travel and intermix too much. It only takes one person with a bad case of wanderlust a thousand years ago to introduce a gene into a large portion of an otherwise isolated population.

True. It depends a bit on the groups. Island populations, for example. Specific studies on people with a particular medical condition with a genetic link might be better example than people with particular ethnicities.

Yeah, I can't argue against the incompetence card. In fact that's why I think homomorphic encryption could be a wonderful thing for genetics - it means that the sequenced DNA need never be stored in plaintext anywhere outside the sequencing machine, not even in volatile memory while being analyzed. There's still the risk that someone gets their hands on both the key and data, but a single "never, ever keep these two things in the same place" security rule would go a long way towards protecting against that, and has at least a chance of being followed.

That is true. I think something like that could be accomplished without a method that makes calculations millions of times slower at best, however. I wish them the best of luck in developing these methods however. There might be potential in these methods in other fields, such as secure crypto-currencies, etc.

Re:New? (1)

Immerman (2627577) | about 8 months ago | (#46312857)

What is there to go fixably wrong? You sequence the DNA to a 1.5GB file - if there's any problem in that stage you're hosed already. Then you do a binary diff to your reference sequence - that's a pretty thoroughly mature technology. Then you encrypt it - again, any problems = you're hosed. And if we're working on the assumption that the lab has no access to the data once it leaves the sequencer as a 3MB encrypted file then they would be hard-pressed to fix anything in the data anyway, at most they could reformat it into something more efficient to process, but that would seem a risky undertaking when you have no access the data to verify that you didn't just hose things completely.

Besides, if re-sequencing from scratch is cheap then there's no particular reason to keep the data around for extended periods, you're really just making sure the data and key are stored in independent locations until all desired analysis has been performed. The only reason I can think of for long-term storage is as something like a police database, and if the data is secure that's useless - it's not like you can sequence some DNA from a crime scene and then go looking for a matching sequence in the database - it would have to also be encrypted with the same key as the original in order to find a match.

I too would prefer something that didn't make calculations millions of times slower, but that's the purist engineer in me. From a practical standpoint if 99% of the use cases amount to "do these few bytes match" tests that can be done in a fraction of a second despite that handicap, then you're paying a pretty small price for a huge leap in security. It might not be suitable for research and other specialty purposes, but there's no reason researchers need follow the same protocol - the lab can send the encrypted sequence to the researchers, who then decrypt it with their key and handle their own security as they see fit. This would just be a way to make sure that the vast bulk of sequencing done for routine medical tests don't run the risk of publishing patients' DNA.

Re:New? (1)

tragedy (27079) | about 8 months ago | (#46314247)

What is there to go fixably wrong? You sequence the DNA to a 1.5GB file - if there's any problem in that stage you're hosed already. Then you do a binary diff to your reference sequence - that's a pretty thoroughly mature technology. Then you encrypt it - again, any problems = you're hosed. And if we're working on the assumption that the lab has no access to the data once it leaves the sequencer as a 3MB encrypted file then they would be hard-pressed to fix anything in the data anyway, at most they could reformat it into something more efficient to process, but that would seem a risky undertaking when you have no access the data to verify that you didn't just hose things completely.

Well that's pretty much the point. If the model of the system is so secure that you're hosed if anything at all goes wrong, most people are going to hedge their bets by putting in a back door so they can try to fix things. When you're going to have to tell your clients to redo millions of dollars of really expensive data entry if anything goes wrong, you're going to be under a fair amount of pressure to make sure that doesn't happen. One way to do that is to secretly break your security model. It happens all the time.

Agree on all the rest, I just have a lot of faith in human nature. I was just looking at my showerhead. It has a swiveling plastic ball joint through which water flows. Past that ball joint is a hook arrangement the showerhead hangs on, then a flexible hose leading to the showerhead. I've had more than one showerhead with this basic design and the ball joints tend to wear out and start spraying water around. The thing is, the swiveling joint swivels so that you can position the showerhead when it's hanging up, but the water goes from that ball joint to a flexible hose so that you can detach the showerhead. The ball joint isn't completely pointless in the design, but having the joint carry water is pointless. So, it's either very poorly thought out by someone who should know better, or intentionally designed that way to ensure that it doesn't last too long and you'll buy another one. Either way, that just helps bolster my faith in human nature... also, I really need to be the one to pick a showerhead the next time one wears out.

Re:New? (1)

Immerman (2627577) | about 8 months ago | (#46314603)

I wish I could argue against your faith, but I've seen too many examples myself.

Think of this though - who is the customer for the DNA lab? Individual citizens on doctor's orders. And what exactly happens today if it turns out that there was a problem/something really unexpected with the last set of tests? Seems like mostly Doc sends you to get them done again. As long as that doesn't change with sequencing neither Doc nor the lab has much incentive to have the records around indefinitely, especially if a fresh sequencing only costs a few tens of dollars (billed rates may vary)

I would agree with you on the convenience of a back door if you were doing something sophisticated, where data might get shuffled around and reprocessed in multiple ways, but I just don't see any reason why you would want to do such a thing for DNA. Settle on a nice simple format for the data, create a validator to ensure your sequencer is in fact conforming to your well-defined format, and wrap the encrypted result in a nice error-correcting wrapper to fix any bit-rot. Then run a whole bunch of data though the system with your own encryption keys to make sure everything works properly. Finally erase each file within a year for "added patient privacy" and "lack of data retention capacity" so that patient X needs to get resequenced from scratch if there's anything further to be examined later.

Also, from a less cynical perspective, there's no reason to assume the sequencing machine is built by the lab using it. It wouldn't be terribly difficult to require machine makers to use a nice secure non-backdoored encryption scheme. It wouldn't stop the lab from sequencing the DNA with their own key and then "trans-crypting" it with the patient key once they have their "black file" copy, but that's something that adds complexity and clear intent (with the associated liability exposure), and fear and laziness are pretty good human motivators as well.

Re:New? (0)

Anonymous Coward | about 8 months ago | (#46270801)

It's not new for genomic privacy either, I've first heard of it this summer.

Your mom's homomorphic (0)

Anonymous Coward | about 8 months ago | (#46270667)

So there.

People still care about slashdot? (0)

Anonymous Coward | about 8 months ago | (#46270687)

http://soylentnews.org [soylentnews.org]

Re:People still care about slashdot? (1)

phantomfive (622387) | about 8 months ago | (#46270753)

Sadly, the story selection on that site is even worse than on slashdot.......

Re:People still care about slashdot? (1)

davester666 (731373) | about 8 months ago | (#46272933)

they put out ads to hire experienced "editors", and timothy put up his hand.

Heard that term before somewhere... (0)

Anonymous Coward | about 8 months ago | (#46270701)

Since this type of encryption was recently brought up on Slashdot as an "IBM breakthrough," we may as well get Bruce Schneier's arguments debunking the practicality of it out of the way...

https://www.schneier.com/blog/... [schneier.com]

Re:Heard that term before somewhere... (1)

cryptizard (2629853) | about 8 months ago | (#46271383)

That is from over four years ago, which, in a field that moves as fast as cryptography, might as well be a lifetime. There have been at least five new generations of homomorphic encryption since then, to the point that it is trillions of times faster now than it was when he posted that.

hmm, SHA512 from 1999-2001, 1977 DES .htpasswd (1)

raymorris (2726007) | about 8 months ago | (#46273653)

That's an interesting comment. Consider hashes as one important part of cryptography. SHA2 is a current standard used by some up-to-date software, while a lot of systems don't support it yet. It's too new to be used everywhere, having been officially standardized thirteen years ago.

Millions of web sites use .htpasswd files which default to DES (1977) and that's just one example out of many software packages that call crypt() to get a DES hash.

I've thought of cryptography as careful, methodical, slow compared to other technology related disciplines.

Re:hmm, SHA512 from 1999-2001, 1977 DES .htpasswd (1)

cryptizard (2629853) | about 8 months ago | (#46279671)

There's a huge gap between what researchers know and what is actually done in practice. Academia knew about padding attacks on TLS for a decade before someone actually made it into an exploit that forced developers to fix their code. Using your example, we already have SHA-3 even though you say no one uses SHA-2 yet.

Re:Heard that term before somewhere... (1)

Immerman (2627577) | about 8 months ago | (#46271801)

Honestly I don't see much attack on the practicality there. He highlights the *cost* of the technique (*much* slower performance), but how much that affects the practicality is entirely domain-dependent. For example a doctor in TFA performed a genetic risk assessment for some condition in 0.2 seconds. I guarantee you that was by far the fastest part of the entire process - if it takes minutes or hours instead of seconds to perform a thorough genetic workup in such a way that *nobody* except myself or possibly my doctor has the key necessary to decrypt the results then that's probably worth considering. What's an hour of compute time cost you compared to getting your DNA published for the world (and insurance agents) to see?

Re:Heard that term before somewhere... (1)

tragedy (27079) | about 8 months ago | (#46273187)

The main attack you can make on the practicality of this system is that it envisions encrypting the information on one server and then sending it out to another server to perform operations on it. If a test that takes .2 seconds is a billion times slower than it needs to be, that means that any garden variety computer can perform that test very, very quickly. You can use a fancy encryption method that may already be broken to send out the DNA to some virtual "lab" as if you were sending out a blood sample, or you can just do it more securely locally. Store it with a proven encryption method, then download it to a standalone machine with a custom network port only designed to receive encrypted DNA sequences from the server and some method to receive updated programs (maybe through flash drives), but that can't be compromised because it can never send out information on the network. That would actually be more secure.

What's being advertised in this article is a solution looking for a problem.

Re:Heard that term before somewhere... (1)

Immerman (2627577) | about 8 months ago | (#46273897)

Sure, most genetic tests amount to looking at a few bits in one or more known places in the data - not exactly advanced calculus. Even with a billionfold performance penalty a desktop PC could probably perform at least a handful of tests in a timely fashion. As for the lab, I suppose I was thinking more about inevitable attempts at corporate lock-in than actual necessity.

For security though... how many doctors have you dealt with on a personal level? These aren't security professionals - their brains are already jam-packed full of random trivia about the human body, if something can go wrong security-wise it will. As Exhibit A I offer pretty much every health care system in the world with electronic medical records. Homomorphic encryption would simply cut down drastically on what can go wrong, in most cases at only minimal cost. Yes, the tests might be a billion times slower than they could be, but if they still only take five minutes then it's not much of a price to pay for drastically increased security around such sensitive information, no matter how much it may offend our purist sensibilities.

Re:Heard that term before somewhere... (1)

tragedy (27079) | about 8 months ago | (#46274159)

Even with a billionfold performance penalty a desktop PC could probably perform at least a handful of tests in a timely fashion.

If that PC is slightly modified to be a trustworthy device with a proper security model, then there's no reason for the homomorphic encryption. The device can just decrypt the data first, then do every test necessary in a very timely fashion...

As for the lab, I suppose I was thinking more about inevitable attempts at corporate lock-in than actual necessity.

There... there you have a very good point. This article screams of "force patients to store their DNA on your servers, but provide an argument that's reasonably convincing, even to security experts, that it's safe and secure and not subject to the complete sham that doctor/patient confidentiality has become in this day and age."

For security though... how many doctors have you dealt with on a personal level?

Lots. I currently work for a company that makes medical devices. Lots of clinical trial sites. Lots of opinions from doctors about exactly how things should work.

These aren't security professionals - their brains are already jam-packed full of random trivia about the human body, if something can go wrong security-wise it will.

Believe me, I know this very well by now. Many (not all) of these doctors are also pretty bad at mathematical concepts and sometimes some basic understanding of physical principles which I would have thought would be absolutely vital for them to understand in their specialties. Some manage this even while still being fairly brilliant. There are some in there who also clearly just mechanically worked their way through medical school. Regardless of where they fall on that spectrum, nearly all of them don't have the time or energy to do much worrying about security themselves.

Homomorphic encryption would simply cut down drastically on what can go wrong, in most cases at only minimal cost. Yes, the tests might be a billion times slower than they could be, but if they still only take five minutes then it's not much of a price to pay for drastically increased security around such sensitive information, no matter how much it may offend our purist sensibilities.

Pretty much useless in the fields I'm working in. For one thing, you have to understand that some of our devices produce datasets as big as the human genome in a single patient session, and those patients often have to go in for a lot of sessions. Also, as complicated as DNA itself is, most of the actual testing is going to be more or less of the form: read from position X; does it contain sequence Y? That's oversimplifying, I know, but it's broadly accurate. Analysis of just about any other medical dataset is going to be far more complicated. Where I'm working, there's no automated analysis. Doctors review the data and do diagnosis. Automated diagnostic tools are actually something we have on vague future roadmaps but they're not planned features of anything we're currently working on. They're also not really something that would appeal to 90% of the doctors we work with. Same is true in most of the medical industry. Either you need doctors to review things, in which case you have to decrypt, or you're doing bioinformatics which is so computationally intensive that anything that would slow it down even a little would cause insane extra costs.

All that said, stored data should definitely be encrypted where practical. That's a no brainer. The cases where you can do anything useful with that data without actually decrypting it at some point are just very limited.

Re:Heard that term before somewhere... (1)

Immerman (2627577) | about 8 months ago | (#46274335)

> Analysis of just about any other medical dataset is going to be far more complicated.
Agreed. It's also going to tend to be far less sensitive for the simple fact that it contains far less information about you and your predispositions with regard to health, intelligence, personality, appearance, and everything else with a strong genetic component. It seems to me that homomorphic encryption is a technology with a very narrow window of utility - to wit, protecting extremely sensitive data that needs minimal processing to extract useful results. Secure DNA analysis would seem to be one of the few areas where it could really shine. I mean who's seriously going to outsource secure data processing to the Amazon Cloud at a million-fold increase in required computational power, much less a trillion?

>Automated diagnostic tools are ... not really something that would appeal to 90% of the doctors we work with
I'm not surprised. Modern doctors are largely professional diagnosticians - I have even heard that organic chemistry is a pre-req for medicine not so much because it's particularly relevant (unless you're a research doctor you will probably never care about the chemistry itself), but because it's too complicated to reason your way through, instead requiring you be able to finely hone your instincts - a "gatekeeper" course before being confronted with the even more difficult challenge of patient diagnosis.

Given that, I would not expect doctors to be at all enthusiastic about effective automated diagnostic tools, because an automated system promises to do what a doctor cannot hope to do - rationally analyze all the patient information in the context of the complete body of modern medical knowledge. And then what's left for the doctor to do? Surgeons will be needed for a while yet, but administering shots and setting bones isn't exactly rocket science, a good nurse with a "medical tricorder" could run circles around most doctors, destroying much of the social (and financial) prestige the occupation still holds.

We can't (1)

phantomfive (622387) | about 8 months ago | (#46270737)

We can't even keep credit card information private, and that's not just a matter of someone else's privacy, it's a matter of actually losing money.

What hope is there really of keeping your genome private if you are sending it across the internet?

Re:We can't (2)

nurb432 (527695) | about 8 months ago | (#46270791)

Besides the 'internet security issue', it's not that hard to get your DNA to test themselves if someone wants it.

Re:We can't (1)

phantomfive (622387) | about 8 months ago | (#46270903)

I was going to mention that, but I wasn't sure. Can you get a full genome sequenced from hair, or do you need a certain quantity of blood or something?

Re:We can't (2)

Kjella (173770) | about 8 months ago | (#46271139)

I was going to mention that, but I wasn't sure. Can you get a full genome sequenced from hair, or do you need a certain quantity of blood or something?

As far as I can tell you need full cells so hair that has been cut with a scissor no, but if you have a hair follicle pulled out by a hair brush that's enough. Any blood, saliva, semen or tissue sample will also do. A quick check suggests as little as 5 cells are needed so we're talking nanograms of material here.

Re:We can't (1)

TrollstonButterbeans (2914995) | about 8 months ago | (#46272951)

"As far as I can tell you need full cells so hair that has been cut with a scissor no"

Ah, the 1980s where Lex Luthor can clone Superman from a strand of his hair in Superman IV.

Re:We can't (1)

thoughtlover (83833) | about 8 months ago | (#46276649)

A quick check suggests as little as 5 cells are needed so we're talking nanograms of material here.

Yup. Scientists discovered they could extract your DNA from your fingerprint ~2003. http://science.slashdot.org/st... [slashdot.org]

Re: Can't (0)

Anonymous Coward | about 8 months ago | (#46271195)

A hair may be too little to do pyrosequencing, but you can absolutely test for certain traits.
But the point here, I think, is that the info in the cloud could be used to increment the already unnerving databases used for marketing (and other) purposes. Try to get a hair from every person on earth!

Re:We can't (1)

Immerman (2627577) | about 8 months ago | (#46271953)

If it's important enough you can get a full DNA sequence from a single cell - DNA was designed to replicate, and it's not that hard to get it to do just that in the lab. If you've got hundreds/thousands/millions of cells then it makes it even easier since you can use "shotgun" sequencing techniques to accelerate the process dramatically. And that's still a pretty small sample - most animal cells are around 10-30um in diameter, so you're looking at 35,000-1,000,000 of the suckers in a 1mm cube sample.

Blood's probably not the best source though - unlike every other cell in the body, red blood cells have no nuclear DNA, so you'd be counting on whatever white blood cells or random floaters happened to also get caught.

Re:We can't (1)

Immerman (2627577) | about 8 months ago | (#46271839)

If they're interested in *your* DNA specifically, no, technological measures won't stop it (though legally requiring licenses to possess gene sequencers and "informed consent" laws in regards to human DNA sequencing would go a long way towards holding back any GATTACA-esque abuses).

On the other hand, how valuable would a database of thousands or millions of people's unencrypted DNA be?

Re:We can't (2)

ubrgeek (679399) | about 8 months ago | (#46270907)

I'm still chuckling over the use of the words "private" and "cloud" in the same sentence...

Re:We can't (1)

phantomfive (622387) | about 8 months ago | (#46270967)

"I'm still chuckling over the use of the words "private" and "cloud" in the same sentence..."

Wow, that's a quote that should go on the wall in every corporate board room.....

Re:We can't (1)

jbmartin6 (1232050) | about 8 months ago | (#46270951)

Information wants to be free.

Re:We can't (0)

Anonymous Coward | about 8 months ago | (#46271239)

We can't even keep credit card information private, and that's not just a matter of someone else's privacy, it's a matter of actually losing money.

Nice to know you value money over privacy. Remind me never to tell you anything in confidence.

Back on topic:
We release copies of our DNA everyday via normal biological processes. It's impossible to prevent it, unless you live in an air-tight self-contained environment separate from everyone else and have no way in or out.

This won't work as the second this comes out one of two things will happen (or both).
1. Governments will require that everyone must hand over an unencrypted copy of their genetics to law enforcement.
2. Governments will simply make the use of such encryption illegal. (Cue the /. argument over the law being absolute and the right to question / defy it.)

Not to mention that once someone has decoded your encrypted genetics, you would need to re-encrypt your DNA again, and you can bet that someone will be keeping records of the variations. This is yet another game of cat and mouse.

Plus what is the down side to this? To me (Disclaimer: I am not a genetics expert.) it would seem this could lead to more errors occurring during replication. Not to mention the effects of doing multiple encryptions on a person's DNA. Is there anyone who could comment on this?

Re:We can't (1)

phantomfive (622387) | about 8 months ago | (#46271325)

Nice to know you value money over privacy.

It's not a matter of what I value, it's just being honest about the priorities of the corporations who hold your data.

Remind me never to tell you anything in confidence.

Please don't.

Re:We can't (1)

CrimsonAvenger (580665) | about 8 months ago | (#46272873)

Remind me never to tell you anything in confidence.

Does the old saying "Three men can keep a secret, so long as two of them are dead" have any meaning for you?

Best way to keep your secrets is to not tell ANYONE.

Genetic security through obscurity vs. cooperation (2)

Paul Fernhout (109597) | about 8 months ago | (#46271555)

So true. But DNA security is more than an issue of privacy. In the near future, understanding the human genome will make possible developing bioweapons targeted at individuals (with collateral damage) as well as bioweapons that could probably kill all humans exposed to the pathogen (like Ebola). We have, up to now, been protected by the obscurity and complexity of the issue. With advanced computers, vast data collection, and improved scientific understanding, creating individual and global bioweapons will become college-level biochemistry. Maybe not this decade, but probably within several decades (my guesstimate). In that sense, the movie GATTACA was a utopian fantasy, because people did not live in fear of apocalypse every day given everyone's DNA was known precisely and used for identification.

For current trends, consider recent US government activities (but other countries might do it too):
"U.S. Chases Foreign Leaders' DNA, WikiLeaks Shows"
http://www.wired.com/dangerroo... [wired.com]
"State Department representatives didn't immediately respond to questions about why diplomats need to acquire DNA and other biometric data on foreigners, what State does with any biometric information it gets, or how long the department retains it."

And also:
http://www.theatlantic.com/mag... [theatlantic.com]
"The U.S. government is surreptitiously collecting the DNA of world leaders, and is reportedly protecting that of Barack Obama. Decoded, these genetic blueprints could provide compromising information. In the not-too-distant future, they may provide something more as well--the basis for the creation of personalized bioweapons that could take down a president and leave no trace. "

Unlike private encryption keys for a computer system, or a lock and key for your front door, you can't easily change your DNA if someone else gets a sample of it (like from a used drinking glass). In fact, so far, you can't significantly change your DNA at all. And the fact is, probably almost every citizen in the Western world already has taken some kind of medical test where potentially, if archived, their specific DNA would be available. So, we are probably already all compromised.

So, sadly, this trend towards increased genetic understanding may eventually mean the end of human day-to-day living as we know it in the near future (if not actual life). Individually targeted weapons are actually a lesser worry. Imagine a vast plague launched by some genetic-script kiddy showing off how "1eet" they are. Imagine a flu season where just everyone who gets it dies a few weeks after seemingly getting well -- and where everyone gets it. Or imagine perhaps 10 bad flu seasons in a row year after year, each with 30% mortality like the black plague.

Remember, unlike computer viruses, you can't right now just issue a patch for human DNA. And even if you could, the patch itself might be deadly. So avoidance may be the only option if the virus has been specifically designed to target some newly discovered human weakness in all human DNA.

Of course, we face similar risks in theory with nanotechnology, and groups like the Foresight Institute have discussed them. But, nanotechnology in the form of sophisticated mobile nanobots is still theoretical. Biotechnology and disease is a reality of our everyday lives.

Preventing this risk of a 100% fatal designer plague would probably mean changing large aspects of how we live. This might include living in air-tight Biosphere-II-like structures and/or space habitats. Could it be that human tribalism and sparring at borders had evolutionary adaptive value to keep tribes mostly isolated to prevent disease transmission? Perhaps things might even go so far as never being in the physical presence of another human being and never receiving a physical object including food from outside your enclosure (as they might have viruses).

Isolation may still not be enough given the development of cheap military robots that could drill into such enclosures though -- even ignoring human proclivities not to obey the rules when sex might be involved. Governments might also try suppression of biotechnology and 100% invasive surveillance (beyond Orwellian). However the draconian measures required for those two things might only accelerate blowback, while also leaving countries vulnerable to others who race ahead. Personally, I'd suggest we could all try being nicer to each other, but when someone tried that 2000 years ago, as Douglas Adams said, "they nailed him to a tree". Rethinking our economic system to focus less on competition and promoting disparity might help too. Doing what we can with superior nutrition might help us all be more disease-proof, although I doubt nutrition would help much against bioweapons exploiting some "zero-day" fundamental vulnerability in the human genome. Also, getting the lead and other brain toxic chemicals out of our food and water and air would help delay things too by reducing the general level of violent craziness in our society.
http://science.slashdot.org/st... [slashdot.org]

There may be ways to try to prevent this future apocalypse other than isolation and/or moral uplift and/or new economics and/or improved physical and mental health and so on. Imagining them probably might take deep collective thought and action about the issues, using some shared global communications and information organizing system like a social semantic desktop and improved conceptual analysis tools. Example proposals by me:
http://pcast.ideascale.com/a/d... [ideascale.com]
http://www.changemakers.com/mo... [changemakers.com]
http://opengov.newschallenge.o... [newschallenge.org]

I just put up some new code here towards such collaborative technology (don't get much time for it anymore though, but had a four day "vacation"):
https://github.com/pdfernhout/... [github.com]

But right now, this issue of how we collectively are making public the internal workings of our personal and global genetic front door lock is not on many people's radar screen. I try not to think about it much myself either, just working towards multi-use cooperative infrastructure as time permits. I'm glad to see so many other people working on great tools, including the greatest such tool of all so far -- the World Wide Web itself. I guess I'm sounding too much like Bill Joy (cofounder of Sun) in an essay of his I read in the library at IBM Research in Hawthorne back around 2000:
"Why the future doesn't need us"
http://www.wired.com/wired/arc... [wired.com]
"Our most powerful 21st-century technologies - robotics, genetic engineering, and nanotech - are threatening to make humans an endangered species. ... Similar difficulties apply to the construction of shields against robotics and genetic engineering. These technologies are too powerful to be shielded against in the time frame of interest; even if it were possible to implement defensive shields, the side effects of their development would be at least as dangerous as the technologies we are trying to protect against. These possibilities are all thus either undesirable or unachievable or both. The only realistic alternative I see is relinquishment: to limit development of the technologies that are too dangerous, by limiting our pursuit of certain kinds of knowledge. ... If we could agree, as a species, what we wanted, where we were headed, and why, then we would make our future much less dangerous - then we might understand what we can and should relinquish. Otherwise, we can easily imagine an arms race developing over GNR technologies, as it did with the NBC technologies in the 20th century. This is perhaps the greatest risk, for once such a race begins, it's very hard to end it. This time - unlike during the Manhattan Project - we aren't in a war, facing an implacable enemy that is threatening our civilization; we are driven, instead, by our habits, our desires, our economic system, and our competitive need to know. I believe that we all wish our course could be determined by our collective values, ethics, and morals. If we had gained more collective wisdom over the past few thousand years, then a dialogue to this end would be more practical, and the incredible powers we are about to unleash would not be nearly so troubling. ..."

Although my hope for FOSS collaboration software and free content about human uplift (including the idea in my sig on the irony of tools of abundance in the hands of those still thinking in terms of scarcity) might be somewhat different in focus than his prescription back then. My hopes are somewhat more along the lines of Doug Engelbart -- of a co-evolution of tools, community, practice, and knowledge. Bill Joy may have expanded his own ideas since 2000, of course. I know I have.

The above is a worst case scenario (well, there might be worse like the virus that creates "Zipheads" in Vinge's novel "A Deepness in the Sky"). It is possible in the next century that biotechnology could be used to have cheap medical tests, cure some disease, adjust the human body to deal better with an abundance of addictive junk foods, grow more food, grow other manufactured goods, do industrial processes cheaply at room temperature, build living self-replicating space habitats and space craft (featured in Peter F. Hamilton's sci-fi and others), and extend a healthy human lifespan into centuries. Biotech might even be used to boost the immune system against designer nasties. So, like Bucky Fuller said, whether it will be Utopia or Oblivion will be a touch-and-go relay race to the very end.

My own humorous thoughts on that from around 1998:
http://gardenwithinsight.com/s... [gardenwithinsight.com]
http://gardenwithinsight.com/s... [gardenwithinsight.com]
-----
Hi! I'm Peter, your local customs and protocol officer. Welcome to Solarius 17346!

On behalf of the 15 million citizens of Solarius 17346, I would like welcome you onboard our world! We don't often get visitors from Earth.

As you probably know, Solarius 17346 is a forty kilometer long cylinder five kilometers in diameter, based loosely on the original O'Neill design. The picture on the wall shows an interior view. We are all dependent on each other for our safety. For this reason I will reiterate some of our basic rules.

While you have been thoroughly briefed on the customs of our world during your transit, I would like to remind you that projectile weapons are strictly prohibited within the main habitat. Also, tampering with or disabling smoke detectors, carbon monoxide detectors, and other safety devices while in the habitat is a class B felony and will be strictly dealt with.

In the extremely unlikely event of a main habitat depressurization, warning lights will direct you to the nearest safety shelter. Emergency pressure suits are located at the areas with orange and yellow interlocking triangles. Remember to don your own suit before assisting small children or any other person.

We are proud that our space habitat is fully capable of duplicating itself from sunlight and asteroidal ore. Still, we have a strict recycling program in place to allow us to put as much new material into daughter habitats rather than replenishing supplies on this mostly self contained world. This system works optimally when you obey our local recycling laws for separating glass, aluminum, iron, and organic materials, and for properly disposing of other matter incorporating things like heavy metals. Otherwise we may have to re-smelt an entire batch of recyclables, and that always annoys the technical staff.

At the moment, our population is rather high, given that we are preparing to populate a daughter habitat which is just undergoing its final pressurization checks. Hopefully this will not inconvenience you during your stay.

If any of our inter-habitat exchange program staff can do anything to assist you in making your stay in Solarius 17346 more comfortable, don't hesitate to ask!

You are now required to fill out our local customs declaration form, and afterward you will be free to move about the habitat as a guest of our world.

== Customs Declaration

Please fill out the following customs declaration form:

I hereby certify:

I am not carrying over 1 milligram of radioactive material.

I am not carrying a class T or above computer virus or any harmful biological virus encoding or crystallization.

I am not carrying prohibited weapons or their fabrication plans without a proper arms shipment permit.

I am not carrying over 5 gigaquadrillion bits of information on my person.

I am not transporting self replicating systems such as plants, animals, fungi, bacteria, metabots, nanobots, or synthomorphs or their fabrication plans without a valid self-reproducing object transport license.

I am not transporting an independent intelligence having class B sentience or above without its permission.

My personal biological fauna meets or exceeds Interhab standards for minimal virulence.

My (Our in the case of collective minds) emotive and rational stability meets or exceeds Interhab standards, and I am (we are) not in mind of restricted memes without a current memetic carrier authorization on file.

I have not been previously ejected from a Solarius community for any reason.

Microgravity dwellers and others as applicable: My powered bodysuit is restricted to standard human strength.

* I so certify

* I do not so certify

Re:Genetic security through obscurity vs. cooperat (0)

phantomfive (622387) | about 8 months ago | (#46272505)

That's a long post

I don't know... (0)

Anonymous Coward | about 8 months ago | (#46270739)

"Called homomorphic encryption"

Sounds pretty gay.

Re:I don't know... (1)

Immerman (2627577) | about 8 months ago | (#46271987)

Yeah, better stay away from homogenous beverages as well, just to be safe. If you don't have to shake before opening there's no telling *what* it's doing to your sexuality.

Window managers (1)

pingbat (1648191) | about 8 months ago | (#46270819)

What's wrong with AES256 for protecting my Gnome?

Re: Window managers (0)

Anonymous Coward | about 8 months ago | (#46271477)

What's wrong with reading the article?

hehehe (2)

Sigvatr (1207234) | about 8 months ago | (#46270825)

he said homo

Homomorphic (0)

Anonymous Coward | about 8 months ago | (#46270835)

Homo means gay, morphic means transform, so applying this procedure to our genes would transform all of us into gays. (yes, that's a joke)

Re:Homomorphic (0)

Anonymous Coward | about 8 months ago | (#46270843)

Or gay people into straight. Humanity might be saved after all.

Re:Homomorphic (1)

K. S. Kyosuke (729550) | about 8 months ago | (#46271013)

Sounds more like Power Rangers to me. You know, transforming people into something gay.

Re:Homomorphic (2)

Immerman (2627577) | about 8 months ago | (#46272137)

It was a lousy joke.

>Homo means gay
Somebody needs to brush up on their Greek. Homo- as a prefix means "the same", as in homomorphic = the same form.
Or alone as Latin for "man" (as in Homo Sapien = intelligent man, versus homo erectus = upright man)

Yes, I'm perpetually annoyed by ignorant people sexualizing useful words, much less common prefixes. Why do you ask? We've got a perfectly good word for sex, it's even one of the coveted limited-edition single-syllable models reserved for only the most important concepts. Why must we perpetually degrade the language by throwing around euphemisms when everybody knows what we mean anyway?

Keep it (1)

Chemisor (97276) | about 8 months ago | (#46270857)

Encryption can be broken, especially the kind that exposes useful information about the plaintext as this one does. A much simpler alternative is to keep your genetic information in your own control, processing it on your own computer with open source software. You know, just what we already do with other sensitive information like passwords.

Re:Keep it (1)

cryptizard (2629853) | about 8 months ago | (#46271393)

It doesn't expose any information about the plaintext. It exposes an interface which lets you manipulate the plaintext. Not the same thing.

Re:Keep it (3, Informative)

LargeMythicalReptile (531143) | about 8 months ago | (#46271403)

Hi. I'm a theoretical cryptographer.

Encryption can be broken,

Some implementations have been broken. Encryption itself is generally fine (as long as you go with well-studied, standardized methods). There is a point that encryption is always subject to real-world factors, but the most common libraries are pretty good. Whenever you read about a data breach in the news, it's not because encryption was broken--something else went wrong (and, frequently, exposed data that wasn't encrypted in the first place).

especially the kind that exposes useful information about the plaintext as this one does.

Homomorphic encryption does not expose useful information about the plaintext, although the article doesn't make that clear. You start with an encrypted input, perform an operation, and get an encrypted output. Only the person with the key--who is not the person performing the computation--can decrypt the result.

There is a somewhat-related but distinct concept, called "functional encryption", in which one can distribute a key associated with a function f. That key allows a user to take an encryption of x and obtain f(x)--but nothing else about x other than f(x), where "nothing else" has a mathematical formalization. So you could (conceptually) encrypt your entire medical record and give your doctor a key for the function that calculates the probability that you'll have a heart attack in the next five years. Then they'll be able to calculate that probability, but nothing else about you.

A much simpler alternative is to keep your genetic information in your own control, processing it on your own computer with open source software. You know, just what we already do with other sensitive information like passwords.

This I agree with, in an ideal world. Will we be living in such a world, 5, 10, or 20 years down the line? I don't know. Right now, the trends are largely in outsourcing everything--more and more, your data and computation live on the cloud. For medical information, your doctor doesn't do all the tests himself--he outsources them to a lab. For genetic information, 23andMe doesn't sell software that lets you analyze your own genetic markers--they take your information and perform the analysis on it themselves. So these trends will need to change before the above takes place.

It would be great to keep one's own data and get all the various analysis tools via FOSS. But someone needs to write and distribute those tools--as well as make it feasible to obtain one's own data in the first place (I don't know about you, but I don't have an MRI machine in my house). So until that world exists, homomorphic encryption is a potentially useful tool in this area.

[It also has uses beyond securely outsourcing computation, but that's somewhat off-topic.]

Re:Keep it (3, Interesting)

Immerman (2627577) | about 8 months ago | (#46272377)

Right, because I have the knowledge and equipment to sequence my own DNA and make sense of the results.

Sure, encryption can be broken, and I don't know how far I'd trust IBM's 1st-generation homomorphic encryption, much less this "streamlined, high performance" version adapted by medical researchers, but it's a hell of a lot better than nothing.

Also, while I'm not an encryption expert, it sounds like homomorphic encryption doesn't actually expose useful information (at least not intentionally, I'm sure it opens up some new attack vectors, everything does). Encrypt A to get B. Apply operations f(B) to get C, decrypt C to get f(A). C is still encrypted gibberish.

So, assuming it's possible to do public/private key homomorphic encryption, my doctor could send a sample for sequencing along with a public key. DNA gets sequenced and encrypted (ideally both on the same non-networked hardware so that the plaintext data is never accessible to anyone), and the encrypted sequence is sent back to my doctor, archived in a public database, whatever. Doc can then send it to a third-party DNA analysis firm in Nigeria, who perform all manner of analysis on it and send the reams of gibberish test results back. He then calls me in, the only holder of the private key, and I can then decrypt the results on my secure, open-source computer and present them for his interpretation and advice.

I just can't. (2)

LaminatorX (410794) | about 8 months ago | (#46270953)

I'm trying to say something intelligent involving homomorphic encryption with random seeds and salt that doesn't trigger the Beavis & Butthead reflex, but I just can't make it happen.

Would be more useful . . . (4, Interesting)

Idou (572394) | about 8 months ago | (#46270957)

If I were not constantly releasing millions of copies of my DNA in the form of dead skin cells everywhere I go. Either my cells need to also adopt this encryption standard, or I need a lifestyle where I am completely self sufficient (including my waste disposal), never having to leave my home.

Even then, a gust of wind while I am in the backyard might be all that is required one day for someone's reader to catch my DNA and run a simulation to match with facial recognition.

Re:Would be more useful . . . (2)

Impy the Impiuos Imp (442658) | about 8 months ago | (#46271479)

Don't give the NSA and FBI ideas.

A few years back, the Supreme Court ruled they couldn't use IR scanners without a warrant on buildings. Although it was "broadcast" out to common areas, you historically had the expectation of privacy. Yey originalism and intent of Founding Fathers.

That attitude is dead as a doornail now (not that it wasn't always DOA in government reaching -- hence that case) but now it's even more of a struggle with Congress and the President acquiescing to all kinds of metadata stuff.

I still maintain historians will call this the "1984" Era, because we stupidly built the tools of tyranny for the same reason historical democracies all failed -- authorizing emergency powers to fight something.

Re:Would be more useful . . . (1)

Immerman (2627577) | about 8 months ago | (#46272405)

I think the point is less to protect your personal DNA sequence, and more to protect the anonymity of databases/sequencing labs/doctors offices/etc. that are otherwise carrying around massive blinking "hack me" signs.

Re:Would be more useful . . . (1)

Idou (572394) | about 8 months ago | (#46272577)

Right, but why go through the trouble and risk of hacking someone else's database when it will soon be cheap enough to sequence directly yourself?

Obtain a used air filter of a building, and you may have the DNA of anyone who has been in that building for the last couple of days . . . legally.

Homomorphic encryption helps? (2)

sckienle (588934) | about 8 months ago | (#46270971)

I am not a cryptography expert, but I have been supporting genomic medicine for 10 years. For homomorphic encryption to be of any use in research, or diagnostics, it is necessary to know that each genetic sequence is encrypted to the same results. That is, XYZ for person 1 has to be the same genetic sequence as XYZ for person 2. Otherwise we are comparing apples to wood and the results are gibberish. So if XYZ is XYZ is XYZ, how is that any more secure, from a genetic profiling, etc. POV than the raw genetic sequence? It's like saying your SSN is safe, no one will know it is 123-45-6789, we "secured" it as abc-de-fghi but otherwise it is just as unique in identifying you. Am I missing something here?

Re:Homomorphic encryption helps? (0)

Anonymous Coward | about 8 months ago | (#46271069)

Am I missing something here?

Yes (assuming they actually manage to achieve a fully homomorphic encryption (FHE) system):
"Using such a scheme, any circuit can be homomorphically evaluated, effectively allowing the construction of programs which may be run on encryptions of their inputs to produce an encryption of their output. Since such a program never decrypts its input, it can be run by an untrusted party without revealing its inputs and internal state."

Re:Homomorphic encryption helps? (2)

Kjella (173770) | about 8 months ago | (#46271581)

Near as I can tell, it's simply a way to outsource number crunching. Like for example in a paternity suit, you can encrypt the DNA of the people in question, hand it over to a cloud provider who'll give you a paternity index score but can't recover the actual DNA sequences involved. Okay, not the best example. Say you have a huge number of samples like a genetic archive. You want to find "The people with genes XYZ, what other genetic differences do they have from the general population?", so you hand a cloud provider a million encrypted DNA sequences, say "I'm interested in knowing how these 300 differ from the rest, crunch it." Or you have one suspected rapist, compare this to everyone else in the database and tell me the best full/partial matches.

What you get back are results saying which genes are often found/not found together with XYZ or what persons are matching, but they're scrambled by the encryption. Only the one who encrypted it can decrypt it and discover what actual genes in the DNA material or actual people it's pointing to. Imagine if that was for example a criminal registry: even if you hacked the number cruncher you still can't swab a person and tell if he's on the registry or not. That said, it still looks like symmetric encryption so it doesn't let two institutions/systems compare data anonymously. Whoever can encrypt their data can also decrypt others' data encrypted to the same key. So you need one trusted place and it seems easier to just do the crunching there on the unencrypted material.

Re:Homomorphic encryption helps? (2)

Immerman (2627577) | about 8 months ago | (#46272457)

To rephrase AC: using homomorphic encryption you:
Encrypt A to A*
Perform analysis on A* to get B* (the gibberish encrypted results)
Decrypt B* to get B.

So basically you, as some lab doing the analysis, have *no* idea what the incoming DNA is, nor what the results of your analysis are. All you need know is how to perform the analysis if they *weren't* encrypted. You can then send the encrypted results back to the doctor who sent you the encrypted DNA, and *she* (or the patient in question) can decrypt them to find out what they are.
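The Encrypt A / compute on A* / decrypt B* flow above, and the "how can a lab compute on XYZ without learning XYZ" question raised earlier in this thread, as an added example that is not from any poster or from the IBM scheme in the article: a toy Paillier cryptosystem, which is additively homomorphic, so an untrusted lab can add and scale encrypted 0/1 marker flags into an encrypted risk score using only the public key. The primes, markers and weights are constructed, and the key size is far too small to be secure.

```python
# Added example (not from the thread): toy Paillier cryptosystem, additively homomorphic; toy primes, not a secure key size.
import secrets
from math import gcd

def keygen(p=1000003, q=1000033):
    """Public key (n, g), private key (lam, mu); p and q are constructed toy primes."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1
    x = pow(g, lam, n * n)                           # g^lam mod n^2
    mu = pow((x - 1) // n, -1, n)                    # L(x)^-1 mod n, where L(u) = (u-1)/n
    return (n, g), (lam, mu)

def encrypt(pub, m):
    """E(m) = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, g = pub
    r = secrets.randbelow(n - 2) + 2
    while gcd(r, n) != 1:
        r = secrets.randbelow(n - 2) + 2
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)

def decrypt(pub, priv, c):
    """Only the key holder can do this: m = L(c^lam mod n^2) * mu mod n."""
    (n, _), (lam, mu) = pub, priv
    x = pow(c, lam, n * n)
    return (x - 1) // n * mu % n

def add_encrypted(pub, c1, c2):
    """E(m1) * E(m2) mod n^2 = E(m1 + m2); needs only the public key."""
    n, _ = pub
    return c1 * c2 % (n * n)

def scale_encrypted(pub, c, k):
    n, _ = pub
    return pow(c, k, n * n)   # E(m)^k mod n^2 = E(k * m); public key only

def lab_risk_score(pub, encrypted_markers, weights):
    """Untrusted lab: weighted sum of encrypted 0/1 marker flags, never decrypting."""
    acc = encrypt(pub, 0)
    for c, w in zip(encrypted_markers, weights):
        acc = add_encrypted(pub, acc, scale_encrypted(pub, c, w))
    return acc

def demo():
    pub, priv = keygen()
    markers = [1, 0, 1, 1]   # constructed: which of four risk markers are present
    weights = [3, 5, 2, 7]   # constructed: public risk weight per marker
    enc = [encrypt(pub, m) for m in markers]       # A -> A*, by the key holder
    score_ct = lab_risk_score(pub, enc, weights)    # A* -> B*, by the lab
    return decrypt(pub, priv, score_ct)             # B* -> B, key holder only: 12
```

Because encryption is randomized, two encryptions of the same marker value are different ciphertexts, which is what stops the "abc-de-fghi is just as unique as 123-45-6789" objection from applying: the lab cannot even tell whether two patients share a marker.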

You can't keep your genome private. (0)

Anonymous Coward | about 8 months ago | (#46271201)

Would be nice if you could keep your genome off the grid, but let's face it. Every newborn baby gets swabbed and its genome input somewhere. If the man wants your DNA he can get it a hundred different ways. And some relative of yours has already been input when they got busted or joined the military.

As a specimen of perfection you're welcome (0)

Anonymous Coward | about 8 months ago | (#46271261)

Take all the DNA you want so long as I don't have to pay child support. ;)

Seems like some cryptographers looking for funding (0)

Anonymous Coward | about 8 months ago | (#46271705)

This sounds more like inventing one more use case, so that one can tap into the huge funding available for biotech. Homomorphic encryption is currently well out-of-range from anything practical on any large datasets and will probably be so for a very long time.

ps. I'm a cryptographer myself.

Secret Sharing (0)

Anonymous Coward | about 8 months ago | (#46274385)

Secret Sharing is also a feasible way of securing genome data - it's like one-time pads used to split the data into multiple parts that are not usable by themselves, and doing secure multi-party computation on them. See http://sharemind.cyber.ee for an example solution using secret sharing - and this is not the only one.
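The secret-sharing approach described in this comment, as an added example that is not from the poster or from Sharemind: additive secret sharing over a prime field, where each data owner splits a 0/1 marker flag into shares held by separate servers, each server adds the shares it holds, and only the combined server outputs reveal the total. Any single server's shares are uniformly random. The server count and marker flags are constructed.

```python
# Added example (not from the thread or from Sharemind): additive secret sharing over Z_P,
# with non-colluding servers computing a sum without any server seeing the inputs.
import secrets

P = 2**61 - 1   # Mersenne prime; all arithmetic is modulo P

def share(value, n_parties=3):
    """Split value into n shares summing to value mod P; any n-1 of them are uniform noise."""
    shares = [secrets.randbelow(P) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % P)
    return shares

def reconstruct(shares):
    """Recombine all shares of one value (or of one result)."""
    return sum(shares) % P

def server_sum(share_column):
    """Run by one server on the shares it holds: yields that server's share of the total."""
    return sum(share_column) % P

def shared_carrier_count(flags, n_parties=3):
    """Count carriers of a marker across patients without any server learning who is a carrier."""
    all_shares = [share(f, n_parties) for f in flags]                       # each patient shares own flag
    per_server = [[row[i] for row in all_shares] for i in range(n_parties)] # server i gets column i
    outputs = [server_sum(col) for col in per_server]                       # local, no communication
    return reconstruct(outputs)                                             # only the combined outputs reveal the count

def demo():
    flags = [1, 0, 1, 1, 0, 1]   # constructed: marker present (1) or absent (0) per patient
    return shared_carrier_count(flags)   # 4
```

Addition and public-weight scaling work share-by-share like this; multiplying two shared values needs an interactive protocol between the servers, which is where systems such as the one linked above do more work.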

Am I missing Something? (1)

smith6174 (986645) | about 8 months ago | (#46274645)

I studied bioinformatics, but I've never understood this illusion of a bunch of goofball scientists toiling away in lab coats somewhere. Modern personal computers are more than capable of doing whatever analysis an individual user might want done. You want expert analysis of your results? Ask a doctor, who is already legally required to keep everything confidential.

n.n.n.n.s.a (0)

Anonymous Coward | about 8 months ago | (#46277505)

N.n.n.n.n.s.a.... please don't hack my d.d.d.d.d.n.a....
