Internet September 30, 2009, 8:19PM EST

IBM's Encryption Breakthrough for the Web

Described as "boxes within boxes," a data encryption system created by an IBM intern may change how we save and share information

Story Tools

In the dog days of summer 2008, an intern at IBM Research was sitting in a Manhattan café turning a problem over in his head. Craig Gentry was thinking about cryptography, the science of codes and data protection, tussling with a question that had confounded the world's greatest mathematicians for three decades. Is it possible to run calculations on encrypted data without actually decrypting it?

Then Gentry had an idea. He thought of boxes enclosed within other boxes. That idea led to a breakthrough, a solution, at least in theory, to the elusive question so many had pondered before. Gentry, a Stanford University PhD candidate, was hardly an iconic math prodigy; he was nearly 35 years old at the time. His is a story of exploration and discovery not only in mathematics, but also in his career.

Just last year Gentry got a three-month internship at IBM's (IBM) Thomas J. Watson Research Center in Yorktown, N.Y. His breakthrough in encryption could allow people to share their data and keep it secret at the same time. If it works, this so-called fully homomorphic encryption would enable consumers to carry out many of their online activities, from e-commerce to banking, without disclosing the numbers or details of the private information involved. Gentry describes it as submitting to surgery without even having to take off your clothes—or identifying yourself to the doctor. This type of protection, again if it works, could bring a crucial layer of safety and privacy to the online world, encouraging people to entrust more of their lives, from banking to health care, to the networks.

Years from the Marketplace

Don't expect such changes overnight. Gentry's breakthrough, unveiled by IBM in June, is still years from the marketplace. It involves lots of cloaking and uncloaking of data, which eats up far too much computing power for now. Still, IBM officials are describing the nascent technology in expansive terms. J.R. Rao, who leads the Secure Software & Services Group at IBM, says that this new encryption could enable vast new areas of commerce and medicine to migrate safely to cloud computers. With the development of mobile devices, that would put all of our data, including the most sensitive, at our fingertips at every moment. He compares Gentry's invention to the Wright brothers' first flight in Kitty Hawk, N.C.—a demonstration of the possibility of something big, though not yet commercially viable. "It has a huge number of applications," he says.

Gentry, who has since been hired by IBM (while still putting the finishing touches on his PhD thesis), took a circuitous route to the summit of research in applied mathematics. A math major in college, he went on to law school at Harvard University. Ten years ago he was working at a New York law firm and specializing in intellectual property.

He didn't like the work and began itching to return to math. One day, after about a year and a half as a lawyer, he reworked his résumé to emphasize his math skills and posted it. This was at the height of the dot-com boom, and the market for math was booming. Gentry landed a job at the Silicon Valley labs of NTT DoCoMo (DCM), the Japanese giant in mobile telephony.