Reputation: 63
Encrypted Data only accessible for user as data owner and algorithm
Which method or way would you choose to make encrypted data only accessible for the user and an algorithm to process and evaluate the data? In this case the user would be one of n service-users, who would add sensible data (mostly answers to questions) about himself into the database. The company who is providing the database shouldn’t have any access to the sensible data, but to the results of the data processing. The results wouldn’t give any conclusion of the sensible data.
Upvotes: 1
Views: 89
Answers (2)
Reputation: 5636
What you are looking for is Fully Homomorphic Encryption (FHE). FHE operates on encrypted data. This can be achieved by an encryption scheme that supports two operations on encrypted data. RSA and others only supported one operation until Gentry's work.
With FHE schemes like HeLib (there are many now), you can upload your data the server and give a function (circuit) to evaluate. The FHEs, in general, have semantic security (randomized encryption). The Semi-honest server can only see encrypted data and can return the result back to you.
Note: They are not practical, yet.
Upvotes: 1
Reputation: 60
I think the best way to do that is to save only the result. but if you want to save the user's answers you could use AES with the user's password as a key by doing so the user will have to enter his password every time to decrypt the data.
Upvotes: 1
Related Questions
- En/decrypt data using password without database admin being able to decrypt it
- Encryption inside database
- How to store encrypted confidential user information in the database, which will need to be decrypted at runtime?
- SQL Server restrict all users to a database (using encryption)
- Storing sensitive data with Drupal
- Encrypting a non-user-specific piece of data
- How could you encrypt user data so only they can decrypt it?
- Data Encryption
- Global access of encrypted data in the cloud?
- Encrypting an access database