Published on February 17th, 2014 | by Michael Ricciardi
New Encryption Technique Promises To Keep Your Genetic Data Secure – For Now
Our genetic codes — the string of nucleotide “letters” that comprise our genomes — contain information about which diseases we may be susceptible to, or, what health conditions we have a predisposition for. However, this information is not absolute; having a gene or series of gene mutations that are biomarkers for a given disease, or spectrum of diseases, does not mean that our fate is sealed. Genetic information only provides an indication of probabilities — though what those probabilities are depends upon many other factors, many of which — like diet and exercise — are not in our genes at all.
And yet, medical research programs as well as medical insurance providers value this information and often use it to make treatment or research study participation decisions and insurance risk (and thus pricing) decisions, respectively. These are just two obvious uses of genetic data; there are other possible uses, no doubt, that we have yet to foresee. For these reasons, issues of genetic privacy have emerged in recent years. This concern over protecting one’s genetic data will only increase as the cost of sequencing a genome drops more and more to the point where large numbers of people will have their genomes sequenced.
Further, recent reports of supposedly anonymous genetic data being correctly tied to its owner through more or less simple social media researching h as only intensified the concern. Yesterday at the annual Science/AAAS meeting in Chicago, computational biologist Yaniv Erlich of the Whitehead Institution for Biomedical Research (Cambridge, Massachusetts) announced to those attending the symposium that he successfully matched anonymous genetic data to the exact person it came from in 12 percent of (anonymous) male genome donors.
So then, how does one protect one’s genomic data such that we control who sees it, and how much of it? This question has been asked for several years now, but until recently, there were no promising answers.
But now there is a promising solution to this issue in the form of a fairly new encryption technique called homomorphic encryption.
The technique was presented at a symposium here at the annual Science meeting by cryptologist Kristin Lauter, research manager for the cryptography group at Microsoft Research in Redmond, Washington. The technique is a type of lattice-based cryptography scheme that allows users of the date to perform mathematical manipulations on it (like addition and multiplication) while still keep the data itself encrypted. This scheme was first developed by IBM in 2009.
During genome sequencing (the “DNA test”), genetic information is translated via a complex algorithm. This algorithm can be faithfully approximated using these mathematical operations. The lattice cryptology allowed homomorphic encryption which in turn allow computers to analyze the encrypted data (i.e., perform these mathematical operations) and produce encrypted results without ever actually decoding that genomic information. Thus the encryption technique allow researchers to analyze genetic data for genomic studies and research while simultaneously preserving patient privacy through protecting his/her genetic information.
Lauter compared the technique to “locking a gold brick in a safe with a pair of gloves attached to openings in the side. A jeweler could still use the gold to make jewelry without ever having full access to the gold brick.” [source: see link below]
One drawback with this method is that more computational power and time is needed to encrypt the data compared to conventional encryption methods. but the research team is busy refining the technique to achieve “practical homomorphic encryption” which trades off computational flexibility for faster more efficient performance. The team was able to calculate a patient’s risk of a heart attack — based upon personal health data — in a fraction of a second.
The refinement is faster than “pure” homomorphic encryption, but according to the researchers, it’s still a billion times slower than it would be due to the need to protect patient privacy (i.e., the patient’s identity and complete genomic sequence).
Wide-scale adoption of the technique with have to await standardization by the National Institute of Standards and Technology — a process that could take up to ten years.
While the technique will surely help keep a person’s genetic date more secure, genetic privacy critics point out that complete security is impossible. Combining the technique with other encryption and security methods could help improve DNA data security.
Regarding this, Lauter stated:
“Homomorphic encryption is a huge tool in our toolbox that we need to consider in policy discussions. We can’t solve all the problems using this method, but in combination with other, faster techniques it could provide a solution.”
But even this would not be full-proof, for long — especially as the cost of sequencing DNA continues to drop and consumer “bench top” gene sequencers become commonly available. One could acquire a copy of someone’s genetic code simply by shaking hands with them and then swabbing one’s hands and sequencing the sample secretly and cheaply (a form of genetic espionage).
Some source material (including quotes and top image) for this post came from the Science Magazine news brief : How to Hide Your Genome published February 16, 2014 for the anual Science Meeting in Chicago
Top image: Genetic Gold. Each spot in a DNA microarray such as this one contains large amounts sensitive genetic information [image credit: Guillaume Paumier/Wikimedia via the Science news release]