It's not possible to search for a keyword within a larger encrypted text without decrypting the text. So there have been numerous proposals for indexing methods with various pros and cons.
Suppose we encrypt each word separately? "Beethoven" becomes "mxP370e8" If I want to search for "Beethoven" without letting Google know (put aside, for the moment, the objection that Google _already_ knows everything) I search for "mxP370e8" instead of "Beethoven", and my search returns a link to a word that is surrounded by other encrypted words, perhaps a file. It may be secure enough to let Google know that "mxP370e8" is the third word of a file of 18132 words, and that I searched for it.
Encrypting word-by-word is vulnerable to statistical and traffic analysis, but there are ways to mitigate this, such as by using lots of salt to make all words the same size, changing keys for different files or parts of files (now there is more than one encryption that maps to "Beethoven") and so on.
I think my basic point is that if you want to do what we normally think of as a full-text search, then each searchable word has to be standalone encrypted all by itself, if the third party is going to do the searching.
Many/. posters have described various aspects of this issue. The paper by Graham Steel:
http://blog.wired.com/27bstroke6/files/Steel-tcs06.pdf/
provides a more thorough explanation of how the scheme works. This is a relatively new attack, so I expect we will see efforts to harden this network, but there are obstacles, as Steel describes.
It's not that banks are just careless. For example, there is a business analytics software company with over $2 billion in annual revenue. One of their largest customers is a (big) bank, who retains them to run massive, nonstop analytical scans looking for suspicious transactions. It's a very costly effort.
There is security on many layers, some will inevitably be compromised, and the bad guys are relentless.
Slashdot Mirror
It's not possible to search for a keyword within a larger encrypted text without decrypting the text. So there have been numerous proposals for indexing methods with various pros and cons. Suppose we encrypt each word separately? "Beethoven" becomes "mxP370e8" If I want to search for "Beethoven" without letting Google know (put aside, for the moment, the objection that Google _already_ knows everything) I search for "mxP370e8" instead of "Beethoven", and my search returns a link to a word that is surrounded by other encrypted words, perhaps a file. It may be secure enough to let Google know that "mxP370e8" is the third word of a file of 18132 words, and that I searched for it. Encrypting word-by-word is vulnerable to statistical and traffic analysis, but there are ways to mitigate this, such as by using lots of salt to make all words the same size, changing keys for different files or parts of files (now there is more than one encryption that maps to "Beethoven") and so on. I think my basic point is that if you want to do what we normally think of as a full-text search, then each searchable word has to be standalone encrypted all by itself, if the third party is going to do the searching.
Corrected URL: http://blog.wired.com/27bstroke6/files/Steel-tcs06.pdf
Many /. posters have described various aspects of this issue. The paper by Graham Steel:
http://blog.wired.com/27bstroke6/files/Steel-tcs06.pdf/
provides a more thorough explanation of how the scheme works. This is a relatively new attack, so I expect we will see efforts to harden this network, but there are obstacles, as Steel describes.
It's not that banks are just careless. For example, there is a business analytics software company with over $2 billion in annual revenue. One of their largest customers is a (big) bank, who retains them to run massive, nonstop analytical scans looking for suspicious transactions. It's a very costly effort.
There is security on many layers, some will inevitably be compromised, and the bad guys are relentless.
Due to the financial crisis, I have no cash left to steal.