Designing Mathematics to have your cake and eat it too: Counterintuitive uses of Cryptography
Prof. Debayan Gupta tells us how to process data without ever revealing it. Various military organisations and governments have already started using these methods internally, and it is a matter of time until we see more civilian usage. Read on
Debayan Gupta
12 July, 2023 | 4m read“We don’t need you to type at all. We know where you are. We know where you’ve been. We can more or less know what you’re thinking about.” – Former Google CEO Eric Schmidt
The primary currency of the internet is information – as a civilisation, humanity now spends a significant chunk of its monetary and intellectual resources finding out more and more about ourselves. Consider how vast a portion of global brainpower at top companies like Alphabet, Amazon, Meta, Microsoft, and the like is directed towards building better ways to profile users and predict behaviour! This activity will only accelerate in the future under natural market conditions and the increasing amount of information we humans are producing.
Given the nature of modern life, it is very difficult – perhaps impossible – to say that one will choose to hide this sort of information without becoming a digital hermit. How, then, are we to safeguard our privacy and security? It is also critical to realise that decisions made today will have long-term repercussions: much of this kind of information is permanent (once it’s out, it’s out!). Imagine a 13-year-old girl in 2023, who will one day become the prime minister of India. Alphabet and Amazon will have profiles built from every search she made during her teenage years. I am sure that every one of us has done awkward and foolish things in our teens: but every such item could now be a weapon for a foreign government.
Some of this can be dealt with using regulation, and various governments across the world are trying to formulate the same. But nation-states often play fast and loose with such rules – consider how the UK broke into the Belgian telecommunications giant Belgacom a decade ago (Operation Socialist), or the numerous similar attacks by the US (XKeyscore and the like).
Fortunately, the laws of mathematics are not so easily ignored as the laws of human nation-states. Modern cryptography has created strong defences for us against such overreach. But this security, in many cases, seems to come at the expense of convenience. Further, most actual breaches do not break encryption: they simply steal the data from people who legitimately have access!
If I give my income details to my accountant to prepare my tax return, it doesn’t matter how strong a box I lock the data in – at the end of the day, my accountant has to open it, and if my accountant’s computer is infected, it’s all gone. As long as data leaves my control within someone other than me having a key, it is always possible that something bad could happen. But that level of paranoia seems untenable. After all, the whole point of information is to do something with it, and avoiding correct usage out of fear seems foolish!
But there is a solution: there exists a range of technologies, from homomorphic encryption, to secret sharing, to garbled circuits, which allow us to do something very strange: to process or operate upon data without revealing it. This seems absurd – how can I process or perform calculations on something if I don’t even know what it is? Incredibly, this absurdity is real.
Imagine a room full of people who want to calculate their average salary. However, nobody wants to reveal their salary to anyone. One solution, of course, would be to include a trusted third party (say, God walks into the room): everyone sends their salary to this person, who calculates the average and sends it back. Without direct divine interference, however, computer scientists have come up with some alternatives.
What if we take a calculator (starting at zero) and hand it to someone in the room? Let’s say that this person adds their salary and then adds a (negative or positive) random number, and then hands it off to the next person, who does the same thing. Once everyone has participated, we go around the room a second time: only this time, each person subtracts the random number they had added. When we finish going around the room twice, the calculator holds the sum of everyone’s salaries; we simply divide by the number of people in the room to get the average.
Notice that this simple protocol – while circuitous (pun intended), is quite secure! The only way for your salary to be revealed would be for every other person in the room to collude – but then that would work in the God scenario as well, simply by working backwards from the average. Since our protocol seems to be as good as God walking into the room, we shall declare victory!
The techniques listed earlier all allow us to do this sort of thing: to process data without ever revealing it. Various military organisations and governments have already started using these methods internally, and it is a matter of time until we see more civilian usage. As such, I am hopeful that a day will come when we can have all the benefits of personalisation (and profiling and consequent profit!) without losing our privacy.
(Prof. Debayan Gupta is an Assistant Professor of Computer Science at Ashoka University)