Secure Signal Processing

Recent advances in the processing of digital contents have made available a large number of new services regarding the fruition of these contents. Some examples are the linking of massive volumes of personal data by service providers such as search engines, social networks, video galleries, or the outsourcing of services such as computing on sensitive data to remote servers. These rapid technological developments have raised several important concerns regarding the security and privacy of the data involved in such services, especially in the case of sensitive information like biometric signals (fingerprints, iris, faces) and medical data (electrocardiograms, blood exams, DNA).

The classical way to protect sensitive information from misuse is to encrypt it as soon as the information is generated and to store it in an encrypted database. When the information needs to be processed, however, it is usually necessary to decrypt it, hence creating a weakness in the security of the whole system. This is problem with the above mentioned services, since the data owner may not trust those actors that are required to manipulate his or her personal data.

Secure signal processing (SSP) is a new discipline aiming at solving the security problems that stem from the above situations. The rationale of SSP is to develop efficient methods that can process sensitive information while the information is secured in some way.

SSP finds its inspiration in the research of the cryptographic community regarding the problem of secure computing. Cryptographers developed several solutions to address the above problem, however the techniques adopted by SSP up to date mainly include garbled circuits, which permits to securely evaluate any binary function, and homomorphic cryptosystems, which have the property that some elementary algebraic operations in the plain domain are mapped into elementary operations in the encrypted domain. The main advantage with the above techniques is that they can be combined to implement virtually any signal processing algorithm in the encrypted domain.

Some examples of the application of SSP to real life problems can be found in some very recent contributions, including biometric identification, remote health-care monitoring, and electronic commerce. For example, in [Erki09], the authors describe a secure face recognition algorithm, in which the matching is performed completely in the encrypted domain, whereas in [Barn09], a system is described for privacy-preserving remote classification of electrocardiogram (ECG) signals, in which a server automatically detect possible diseases by analyzing an encrypted ECG.

As can be understood, SSP is a very active area of research with promising results. Nevertheless, much remains to be done, since current solutions limit themselves to very specific scenarios and are usually very expensive from an implementation, computation or communication points of view. Thus, the research in the SSP field is expected to witness important advances in the years to come.