Google has released an open source cryptographic tool called Private Join and Compute that lets different datasets be combined to calculate a result without revealing the sensitive or private information that goes into the calculation, according to a report by Wired.
The report used the example of the relationship between school lunch and student health. To figure out how the two variables affect each other, healthcare data, which is private, would need to be crossed with school data. Google’s service would let all of the parties compare information without exposing any private data.
“The net result is that we can perform this computation without exposing any individual data and only getting the aggregate result,” said Amanda Walker, director of privacy tools and infrastructure engineering at the tech giant. “The naïve way to do this would be to take two sensitive data sets, dump them into a single database and do the join and the sum, but then you’ve got everything together and at risk of a data breach.”
Google used a process from the ‘70s called “commutative encryption,” which lets data in the set be encrypted with many keys, regardless of the order in which the keys are applied. This makes it possible to add or remove layers of encryption without affecting the computations.
It also uses a technique developed in the ‘90s called homomorphic encryption, which allows two encrypted datasets to be used to determine what they have in common without revealing the sensitive data.
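An added sketch, not Google's code and not taken from the report, of how the two techniques can fit together: commutative layers (modular exponentiation) match identifiers, and additively homomorphic Paillier encryption sums the matched values. The choice of ciphers, the toy key sizes, every function name and the sample data are assumptions made for illustration.

```python
import hashlib, secrets
from math import gcd

P = 2**127 - 1                     # toy prime modulus for the commutative cipher
PA, QA = 2**61 - 1, 2**89 - 1      # toy Paillier primes (constructed, far too small for real use)
N, N2, PHI = PA * QA, (PA * QA) ** 2, (PA - 1) * (QA - 1)

def keygen():
    """Random exponent invertible mod P-1, so each layer is a permutation."""
    while True:
        k = secrets.randbelow(P - 3) + 2
        if gcd(k, P - 1) == 1:
            return k

def h(ident):
    """Hash an identifier to an integer mod P."""
    return int.from_bytes(hashlib.sha256(ident.encode()).digest(), "big") % P

def layer(x, k):
    """Commutative encryption: layer(layer(x, a), b) == layer(layer(x, b), a)."""
    return pow(x, k, P)

def pail_enc(m):
    r = secrets.randbelow(N - 2) + 1       # coprime to N except with negligible probability
    return (1 + m * N) * pow(r, N, N2) % N2

def pail_dec(c):
    return (pow(c, PHI, N2) - 1) // N * pow(PHI, -1, N) % N

def private_join_and_sum(a_ids, b_rows):
    """Simulates both parties in one process; a and b never leave their owners."""
    a, b = keygen(), keygen()
    # A -> B: A's identifiers under key a. B adds key b and returns them.
    double_a = {layer(layer(h(i), a), b) for i in a_ids}
    # B -> A: B's identifiers under key b, each value encrypted to B's Paillier key.
    from_b = [(layer(h(i), b), pail_enc(v)) for i, v in b_rows.items()]
    # A adds key a: equal double encryptions mean equal identifiers.
    total = pail_enc(0)
    for tag, ct in from_b:
        if layer(tag, a) in double_a:
            total = total * ct % N2        # multiplying ciphertexts adds the plaintexts
    return pail_dec(total)                 # B decrypts only the aggregate

if __name__ == "__main__":
    # Constructed sample data: A holds identifiers, B holds identifiers with values.
    print(private_join_and_sum(["alice", "bob", "carol", "dave"],
                               {"bob": 12, "dave": 30, "erin": 7}))
```

In this sketch neither side sees the other's identifiers in the clear, and the party holding the Paillier key receives a single ciphertext containing the sum over the matching rows.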
“We said, ‘OK, the early systems were very limited and only did a few operations,” Walker said. “Are those operations we can use? And the answer turned out to be yes.”
Google has been passing out a technical paper about the tool to academics and cryptographers, and hopes that, because the tool is open source, it can be vetted by experts in the field.
Tal Malkin, a cryptographer at Columbia University, said the tool is an important one.
“Secure computation has been a thriving area of research in cryptography since the 1980s, but until recently was considered to be too theoretical for practice,” Malkin said. “I think this project is an exciting step towards opening this important privacy technology for general use.”