Vulnerabilities / Threats

7/14/2016
10:58 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Sandia Labs Researchers Build DNA-Based Encrypted Storage

Researchers at Sandia National Laboratories in New Mexico are experimenting with encrypted DNA storage for archival applications.

Husband and wife team George and Marlene Bachand are biological engineers with a remarkable vision of the future.

The researchers at the Sandia National Laboratories Center for Integrated Nanotechnologies foresee a time when a speck of DNA on a piece of paper the size of a millimeter could securely store the entire anthology of Shakespeare’s works.

George Bachand says the first practical applications for DNA-based storage are for long-term archival purposes. Potentially, such a product could securely store records for the National Archives, government personnel records, research findings at the national labs, or other sensitive classified information.

“Historically, the national laboratories and the US government have a lot of highly secure information that they need to store long-term,” Bachand explains. “I see this as a potentially robust way of storing classified information in the future to preserve it for multiple generations.” 

Crypto, Synthetic DNA, and The Bard

The Bachands' project, Synthetic DNA for Highly Secure Information Storage and Transmission, was inspired when researchers at the European Bioinformatics Institute recorded all of Shakespeare’s sonnets into 2.5 million base pairs of DNA – about half the genome of the tiny E. coli bacterium. Bachand says using this method, the researchers could theoretically store 2.2 petabytes of information in one gram of DNA. That’s 200 times the printed material at the Library of Congress.

Bachand adds that unlike digital forms of storage, DNA never becomes obsolete.

“Hard drives fail and very often the data can’t be recovered,” explains Bachand. “With DNA, it’s possible to recover strands that are 10,000 to 20,000 years old.”

There’s another reason why DNA is more secure. DNA consists of four chemically different building blocks, or bases, commonly referred to by their one-letter abbreviations: A, C, G, and T. All life on Earth stores genetic information in DNA, which is read in groups of three making 64 possible triplet codons, or sequences (think 4 to the 3rd power).

So given that spaces make up on average 15- to 20% of the characters in a text document, instead of using AAA for a “space” in the text, an encryption key could specify that TAG, TAA and TGA is the code for a space while GAA and CTC could be code for the “Letter E.”  By reducing the amount of repetition--in other words, reducing the AAA’s--it makes DNA synthesizing run more smoothly. As an added bonus, reducing the repetition also makes brute-force hacking much more difficult.

The team’s first test came about 18 months ago with a 180-word tweet. The goal was to turn text to DNA, encrypt it using a unique translation key, and then turn the DNA back to text.

How-To

Here’s how it’s done: Using a computer algorithm, the team encrypts a message into a sequence of DNA. They then chemically synthesize the DNA. The DNA is read via DNA sequencing and translated and decoded using the same computer algorithm.

Upon succeeding with the tweet, last fall the team encoded an abridged version of a letter written by former President Harry Truman into DNA. They then spotted the DNA onto a Sandia Labs letterhead and mailed it, along with a conventional letter, around the country. After the letter’s cross-country trip, the Bachands extracted the DNA out of the paper, sequenced the DNA and decoded the message in about 24 hours at a cost of $45.

Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada July 30 through Aug. 4, 2016. Click for information on the conference schedule and to register.

Therein lies the rub. While storage costs are cheap and there are many new biotech companies doing DNA sequencing, it can take four to six weeks to make a DNA sequence. Bachand says synthesizing just 3,000 characters can cost up to $5,000.

But its potential is dramatic:  Instead of needing a 15,000 square-foot building to store 35,000 boxes of inactive records and archival documents, Sandia National Laboratories can potentially store information on much less paper, in powder form, in test tubes or petri dishes, or even as a bacterial cell.

“It sounds funny, but even if someone sneezes and the powder is lost, it’s possible to recover all the information by just recovering one DNA molecule,” Bachand explains.

Related Content:

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ChristopherJames
50%
50%
ChristopherJames,
User Rank: Strategist
6/29/2018 | 3:16:11 AM
Re: Hi
It is amazing what technology has evolved into today in this 21st century we are living in currently. Data storage is an asset not only to individuals but especially to businesses as well. Technology has risen to a level that will enable people to own data storage that is basically unlimited using their very own DNA. That is most certainly a breakthrough in this sector but what consumers need to know is how much it will eventually cost.
Row3n
50%
50%
Row3n,
User Rank: Strategist
1/6/2017 | 2:15:33 AM
Hi
This sounds like some seriously futuristic stuff. The stuff that movies are made up of when you have a cyborg who is just pure information and value to a company or something. When the finance companies and businesses of the world start getting into this sort of thing, I'd start getting scared, wouldn't you?
Devastating Cyberattack on Email Provider Destroys 18 Years of Data
Jai Vijayan, Freelance writer,  2/12/2019
Up to 100,000 Reported Affected in Landmark White Data Breach
Kelly Sheridan, Staff Editor, Dark Reading,  2/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8360
PUBLISHED: 2019-02-16
Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data_2.php cate parameter.
CVE-2019-8361
PUBLISHED: 2019-02-16
PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. This might, for example, be leveraged for HTML injection or URL redirection.
CVE-2019-8362
PUBLISHED: 2019-02-16
DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, o...
CVE-2019-8363
PUBLISHED: 2019-02-16
Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value.
CVE-2019-8358
PUBLISHED: 2019-02-16
In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.