DNA encryption arrives to protect your genome from prying eyes

When we talk about “security” it’s probably fair to say that not many people think about DNA, even though our ability to manipulate it to store data both in the cloud, and as a future storage medium to support quantum computers, and even hack computers, using gene editing technologies like CRISPR is increasingly in the news.

For those researchers who are always looking to the future it’s not just becoming increasingly clear that DNA will be at the center of the next personalised healthcare and synthetic biology revolution, it’s also becoming clear that it could be front and center in the next security revolution too, especially as we share and store more of our DNA data online, for example, with dating and heritage sites, as well as healthcare and insurance companies who are increasingly using it as a way to identify markers and triggers they can then use to create more tailored services and policies.

In response to this growing trend, a team at Stanford University has developed a technique that can encrypt, or their terms “cloak,” human genomic information, and the teams first use case for the new technology centers around being able to encrypt specific portions of a persons genome so that only specific parts of it, the parts you want, can be sequenced.

“Often people who have diseases, or those who know that a particular genetic disease runs in their family, are the most reluctant to share their genomic information [with companies] because they know it could potentially be used against them in some way,” says Gill Bejerano, Associate Professor of Developmental Biology, of Paediatrics and  Computer Science, “and they are missing out on helping themselves and others by allowing researchers and clinicians to learn from their DNA sequences.”

To address such concerns, the Stanford team developed a technique based on a classic cryptographic protocol, known as garbled circuit or Yao’s protocol.

Once an individual has sequenced their own genome, or, as is much more likely had it sequenced on their behalf, they can encrypt it using an algorithm on their smartphone or computer, which translates specific gene variants into a linear set of values that are securely uploaded into the cloud. On the other end of the transaction, researchers can only access the data that is pertinent to their investigation.

“In this way, no person or computer, other than the individuals themselves, has access to the complete set of genetic information,” says Bejerano.

The team demonstrated the process by executing several practical demonstrations, including identifying specific gene mutations in patients with rare diseases and comparing a baby’s DNA with his parents to target the likely cause of a genetic disease. In all tested instances, at least 97 percent of each subject’s unique DNA information was completely hidden from the researchers.

As well as protecting a person’s privacy when having their DNA processed for medical reasons, this technique could theoretically be applied to more commercial contexts, such as ancestry genome studies or even the rising field of nutrigenomics.

“There is a general conception that we can only find meaningful differences by surveying the entire genome,” says Bejerano, “but these meaningful differences make up only a very tiny proportion of our DNA. There are now amazing tools in computer science and cryptography that allow researchers to pinpoint only these differences while keeping the remainder of the genome completely private.”

The team’s research was published in the journal Science.