Private Join and Compute is a new free/open Google tool that implements the longstanding cryptographic concept of "commutative encryption," which allows untrusted parties to merge their datasets without revealing their contents to one another, do mathematical work on the data, and learn the outcome of that work without either of them seeing the underlying data.
Wired's Lily Hay Newman explains how this could work with a hypothetical analysis of the effect of school lunches on health outcomes: the school has a dataset of which student ate which lunch; the health-care provider has a database of the students' health outcomes: using Private Join and Compute, the two datasets can be compared, with calculations such as "sum, count, or average" performed by each party on the other's data, without ever seeing the underlying data in the clear. When that's done, they can both see the results of the computation in the clear.
Commutative encryption is a technique that allows data to be encrypted using multiple keys, and decrypted without regard to the order in which the encryption steps were undertaken. Clever use of this technique allows for work to be done among multiple parties' data without ever granting access to the data itself — sometimes called "homomorphic encryption," which is something of a holy grail for security applications.
Though Private Join and Compute makes private calculations possible that were never practical before, it's still computationally intensive, and might not be feasible for use in all situations. And CDT's Hall also points out that it's always possible for the tool to be used to find the answers to questions that society shouldn't know, or that are invasive in some way. "As the cryptographer Phil Rogaway puts it, privacy-preserving surveillance is still surveillance," he says.But the cryptographic advances will also potentially enable a lot of public good. "There was literally nothing you could do to privately answer these questions before," Hall adds. "It's amazing, there are so many ways we could use this."
Google Turns to Retro Cryptography to Keep Data Sets Private [Lily Hay Newman/Wired]