Secure Signal Processing
advances in the processing of digital contents have made
available a large number of new services regarding the
fruition of these contents. Some examples are the linking of
massive volumes of personal data by service providers such as
search engines, social networks, video galleries, or the
outsourcing of services such as computing on sensitive data to
remote servers. These rapid technological developments have
raised several important concerns regarding the security and
privacy of the data involved in such services, especially in
the case of sensitive information like biometric signals
(fingerprints, iris, faces) and medical data
(electrocardiograms, blood exams, DNA).
The classical way to protect sensitive information from misuse
is to encrypt it as soon as the information is generated and
to store it in an encrypted database. When the information
needs to be processed, however, it is usually necessary to
decrypt it, hence creating a weakness in the security of the
whole system. This is problem with the above mentioned
services, since the data owner may not trust those actors that
are required to manipulate his or her personal data.
Secure signal processing (SSP) is a new discipline aiming
at solving the security problems that stem from the above
situations. The rationale of SSP is to develop efficient
methods that can process sensitive information while the
information is secured in some way.
SSP finds its inspiration in the research of the cryptographic
community regarding the problem of secure computing.
Cryptographers developed several solutions to address the
above problem, however the techniques adopted by SSP up to
date mainly include garbled circuits, which permits to
securely evaluate any binary function, and homomorphic
cryptosystems, which have the property that some elementary
algebraic operations in the plain domain are mapped into
elementary operations in the encrypted domain. The main
advantage with the above techniques is that they can be
combined to implement virtually any signal processing
algorithm in the encrypted domain.
Some examples of the application of SSP to real life problems
can be found in some very recent contributions, including
biometric identification, remote health-care monitoring, and
electronic commerce. For example, in [Erki09], the authors
describe a secure face recognition algorithm, in which the
matching is performed completely in the encrypted domain,
whereas in [Barn09], a system is described for
privacy-preserving remote classification of electrocardiogram
(ECG) signals, in which a server automatically detect possible
diseases by analyzing an encrypted ECG.
As can be understood, SSP is a very active area of research
with promising results. Nevertheless, much remains to be done,
since current solutions limit themselves to very specific
scenarios and are usually very expensive from an
implementation, computation or communication points of view.
Thus, the research in the SSP field is expected to witness
important advances in the years to come.