Novel Encryption Scheme Aims to Secure Genetic Data
February 19, 2014 | With privacy concerns around the storage of people's genetic data growing, researchers are looking for more secure ways to conceal DNA information than simply anonymizing the raw sequence. While data encryption has become routine for other types of sensitive data that move frequently between servers, this has not been a realistic option for genetic data, which needs to be mined and manipulated to yield any useful or medically relevant information – processes that are traditionally impossible to perform on encrypted data.
This Sunday, however, Kristin Lauter, head of cryptography research at Microsoft, demonstrated a novel encryption method for genetic data at the annual meeting of the American Association for the Advancement of Science. Lauter's technique takes advantage of lattice-based cryptography, which processes data in terms of hard geometrical problems, allowing addition and multiplication to be performed on the underlying data without ever decrypting it. While it has been hypothesized for years that genome-mining algorithms could be reduced to addition and multiplication, and therefore run in a lattice-based cryptography system, it had always been assumed that this computational process would be far too slow – billions of times slower than using unencrypted data – for practical use. Lauter, however, demonstrated that for at least a few simple, medically important tasks, lattice-based cryptography is an appropriate security scheme for genetic data – uploading her own encrypted genome to a cloud-based informatics platform, estimating her heart attack risk using the encrypted data, and then reporting the result back in less than a second. While this is still too slow for a comprehensive analysis of a human genome, it does open up the possibility of securing patients' genetic data for the purpose of basic clinical tests. ScienceNow