Recent advances in cryptography could mean that future cloud computing services will not only be able to encrypt documents to keep them safe in the cloud--but also make it possible to search and retrieve this information without first decrypting it, researchers say.
"This will be a challenging endeavor," says Dawn Song, a computer scientist at the University of California, Berkeley, who has made fundamental research contributions to using encrypted search strings to find encrypted documents. "However, some of these recent advances are very powerful and, if cleverly engineered and deployed, could lead to significant advances," in adding security and privacy to cloud computing over the next few years.

At the ACM Cloud Computing Security Workshop in Chicago tomorrow, Microsoft Research will propose a theoretical architecture that would stitch together several cryptographic technologies in various stages of development to make the encrypted cloud more searchable. The basic idea is that cloud users could download software that would encrypt their data before it's sent into the cloud. In addition, the software would issue encrypted strings, called tokens, which can be used to check that documents are intact and--crucially--to search their contents without first having to decrypt them.

The link for this article located at Technology Review is no longer available.