By sharing information with each other, companies and governments can better protect their computer systems against cyber threats and attacks. Because the information in question is often sensitive and confidential, companies and governments can be hesitant about sharing it. In the research line ‘Secure Data Sharing’, UT researcher Andreas Peter and his team are working on technologies that enable the sharing and processing of data without exposing confidential contents. For this purpose, they have developed a special encryption technology, which falls into the category of ‘functional encryption’. The technique keeps sensitive data hidden, while allowing for the processing of the data under encryption, with only the desired end result being made available in the clear. The new technology is application-independent, but has been adapted to several different use cases. One is the sharing of so-called ‘indicators of compromise’ and is now available as an extension module on the MISP platform (Malware Information Sharing Platform), an open source platform used by cybersecurity specialists for sharing cyber threat intelligence.
Sharing data under encryption
Data are often said to be ‘the new oil’. That makes data protection crucial. Encryption can provide that protection. But encrypted data that cannot be decrypted cannot be shared either. That can be problematic, for instance if medical experts, police organizations, governments or businesses need vital information from each other across national and organizational borders – which is happening more and more often. With one of the technologies that Andreas Peter and his team have developed, users can process encrypted data without decrypting it. The technology is an important step forward for organizations sharing highly sensitive information with each other. For this reason it is been integrated in the MISP platform, whose users include parties such as NATO. ‘With our technology, organizations can share indicators of compromise – for instance to check whether they have been targeted by the same attack – while keeping unrelated indicators or related sensitive information encrypted at all times,’ Peter explains. ‘In other words, they can trace and decrypt the data relevant to them. All information that is not relevant – and not meant for their eyes – remains securely encrypted.’
4.6 billion euros in losses
In scientific research on cyber security, data security and control over who can view the data under which conditions are becoming increasingly important topics. And no wonder, considering the damage cyber-attacks can cause. According to research by Deloitte, Dutch companies in 2016 suffered 4.6 billion euros in losses due to data breaches. The damage to people and society is potentially even greater, says Peter. ‘Medical data on individuals or groups of people can be misused. With private information, or photos, ill-disposed people can ruin a person’s career, or even life. Politically sensitive information, or disinformation, can be misused in election campaigns. There are countless reasons why data security is important for our safety and well-being.’
Searching through your own photos
The encryption techniques that Peter and his team are developing are application-independent. This means that they can be applied in all sorts of settings, including every-day tasks, he says. ‘A simple example: if you upload all your private photos to the cloud, you want them to be secure, so you have them encrypted, or your provider does. However, you can’t search or edit encrypted photos: in order to do that, you have to download the entire set of photos again, which takes a lot of time and capacity. Our encryption technologies change that: they allow you to search through encrypted data without having to decrypt the data at first.’
DR. ANDREAS PETER
- Associate Professor in Security & Privacy Engineering, Faculty of Electrical Engineering, Mathematics and Computer Science (EWI), University of Twente
- Studied Mathematics and Computer Science at the universities of Cambridge, United Kingdom, and Oldenburg, Germany, and completed a PhD in Computer Science at the Technical University of Darmstadt (Germany)
- Fields of interest: Privacy-Enhancing Technologies, Cryptographic Protocol Design and Analysis, Security and Privacy in Building Automation Systems, Network Intrusion Detection Systems
Peter: "To my mind, the potential societal damage is far more important. Data abuse can ruin lives. I want my work to contribute to the design of secure encryption methods – ensuring that traditional democratic rights, such as the right to privacy and data protection, will remain guaranteed in the new digital society that is unfolding."
