Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Encrypted search architectures and tools have been developed by groups at several universities and companies. Though there are a variety of different approaches, most technologies encrypt data in a file–as well as tags called metadata that describe the contents of those files–and issue a master key to the user. The token used to search through encrypted data contains functions that are able to find matches to metadata attached to certain files, and then return the encrypted files to the user. Once the user has the file, he can use his master decryption “key” to decrypt it.

While some parts of these encryption processes are already mature, the technologies needed to execute encrypted search are still painfully slow because of the heavy computation involved. Unless limits are imposed on the extent of the search, conducting a general search even with a single word could take “tens of seconds” to complete, says Radu Sion, a computer scientist at Stony Brook University in New York, who is co-chairing the cloud security workshop tomorrow. Performing searches with two or more words, if possible at all, could increase the needed computation exponentially, he adds.

Microsoft’s report is an architecture proposal, and does not describe a new advance in the underlying encryption technologies. But, along with other research groups, the company’s research team is working on next-generation search using more computationally efficient versions of cryptography.

“Cryptographic storage and key management are interesting areas, and we are exploring some of the technologies that are discussed on a theoretical basis in this [Microsoft] report,” says Eran Feigenbaum, director of security for Google Apps. But Feigenbaum notes that it’s not clear how such techniques could be used while still allowing cloud users to collaborate on documents in real-time. “There are significant implementation challenges that would need to be addressed,” he added.

Still, Sion says that the new technologies and architecture proposals are badly needed. “This would be a first step to providing technologies that address the new liabilities the cloud brings,” he says. “You don’t want the cloud having access to your data, number one, and being subpoenaed for your data, number two. The cloud hosts all your stuff–but you don’t want to shift all your liability to a lawyer in the cloud.”

1 comment. Share your thoughts »

Credit: Technology Review

Tagged: Computing, Web, security, search, cloud computing, cryptography, data centers, math

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me