Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Lindell says that his protocol can be mathematically proven to work efficiently and securely, but he admits that there is one weak spot. “I’m introducing another avenue of attack,” he says, referring to the smart card. Bob could try to pull the secret key from the smart card in order to decrypt Alice’s database and read its contents. However, Lindell notes that high-end smart cards have strong protections and can be designed to self-destruct if the chip is compromised. “Smart cards are not perfect,” Lindell acknowledges, but he says that competing schemes have their own weaknesses.

By introducing a smart card, Lindell’s system requires far less computing resources to protect people’s private information, says Benny Pinkas, a professor of computer science at the University of Haifa, in Israel, who has also worked on the problem. “In my view, the trade-off is reasonable for all but the very most sensitive applications,” he adds.

Ari Juels, chief scientist at RSA Laboratories, agrees that some sort of hardware is needed for this kind of information-sharing scheme. However, he is “somewhat skeptical” about the smart-card approach. For one thing, he says, the card essentially serves as a trusted third party, so it could be difficult to find a manufacturer that both organizations trust completely. Even then, “assuming that a smart card is secure against an individual or modestly funded organization may be reasonable,” Juels says, “but not that it’s secure against a highly resourced one, like a national-intelligence agency.”

Michael Zimmer, an assistant professor at the University of Wisconsin-Milwaukee who studies privacy and surveillance, says that Lindell is working on an important problem: “There can be some great benefits to data mining and the comparison of databases, and if we can arrive at methods to do this in privacy-protecting ways, that’s a good thing.” But he believes that developing secure ways of sharing information might encourage organizations to share even more data, raising new privacy concerns.

Currently, Lindell’s protocol can only be used to make certain types of comparisons, but he argues that it could still prove useful. “Let’s give [organizations] only what they need, and, when we do have solutions already, let’s at least start somewhere and limit what they could be learning,” he says.

2 comments. Share your thoughts »

Credit: Technology Review

Tagged: Computing, Communications, privacy, data mining, cryptography, smart cards

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me