Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

7/14/2016
10:58 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Sandia Labs Researchers Build DNA-Based Encrypted Storage

Researchers at Sandia National Laboratories in New Mexico are experimenting with encrypted DNA storage for archival applications.

Husband and wife team George and Marlene Bachand are biological engineers with a remarkable vision of the future.

The researchers at the Sandia National Laboratories Center for Integrated Nanotechnologies foresee a time when a speck of DNA on a piece of paper the size of a millimeter could securely store the entire anthology of Shakespeare’s works.

George Bachand says the first practical applications for DNA-based storage are for long-term archival purposes. Potentially, such a product could securely store records for the National Archives, government personnel records, research findings at the national labs, or other sensitive classified information.

“Historically, the national laboratories and the US government have a lot of highly secure information that they need to store long-term,” Bachand explains. “I see this as a potentially robust way of storing classified information in the future to preserve it for multiple generations.” 

Crypto, Synthetic DNA, and The Bard

The Bachands' project, Synthetic DNA for Highly Secure Information Storage and Transmission, was inspired when researchers at the European Bioinformatics Institute recorded all of Shakespeare’s sonnets into 2.5 million base pairs of DNA – about half the genome of the tiny E. coli bacterium. Bachand says using this method, the researchers could theoretically store 2.2 petabytes of information in one gram of DNA. That’s 200 times the printed material at the Library of Congress.

Bachand adds that unlike digital forms of storage, DNA never becomes obsolete.

“Hard drives fail and very often the data can’t be recovered,” explains Bachand. “With DNA, it’s possible to recover strands that are 10,000 to 20,000 years old.”

There’s another reason why DNA is more secure. DNA consists of four chemically different building blocks, or bases, commonly referred to by their one-letter abbreviations: A, C, G, and T. All life on Earth stores genetic information in DNA, which is read in groups of three making 64 possible triplet codons, or sequences (think 4 to the 3rd power).

So given that spaces make up on average 15- to 20% of the characters in a text document, instead of using AAA for a “space” in the text, an encryption key could specify that TAG, TAA and TGA is the code for a space while GAA and CTC could be code for the “Letter E.”  By reducing the amount of repetition--in other words, reducing the AAA’s--it makes DNA synthesizing run more smoothly. As an added bonus, reducing the repetition also makes brute-force hacking much more difficult.

The team’s first test came about 18 months ago with a 180-word tweet. The goal was to turn text to DNA, encrypt it using a unique translation key, and then turn the DNA back to text.

How-To

Here’s how it’s done: Using a computer algorithm, the team encrypts a message into a sequence of DNA. They then chemically synthesize the DNA. The DNA is read via DNA sequencing and translated and decoded using the same computer algorithm.

Upon succeeding with the tweet, last fall the team encoded an abridged version of a letter written by former President Harry Truman into DNA. They then spotted the DNA onto a Sandia Labs letterhead and mailed it, along with a conventional letter, around the country. After the letter’s cross-country trip, the Bachands extracted the DNA out of the paper, sequenced the DNA and decoded the message in about 24 hours at a cost of $45.

Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada July 30 through Aug. 4, 2016. Click for information on the conference schedule and to register.

Therein lies the rub. While storage costs are cheap and there are many new biotech companies doing DNA sequencing, it can take four to six weeks to make a DNA sequence. Bachand says synthesizing just 3,000 characters can cost up to $5,000.

But its potential is dramatic:  Instead of needing a 15,000 square-foot building to store 35,000 boxes of inactive records and archival documents, Sandia National Laboratories can potentially store information on much less paper, in powder form, in test tubes or petri dishes, or even as a bacterial cell.

“It sounds funny, but even if someone sneezes and the powder is lost, it’s possible to recover all the information by just recovering one DNA molecule,” Bachand explains.

Related Content:

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ChristopherJames
50%
50%
ChristopherJames,
User Rank: Strategist
6/29/2018 | 3:16:11 AM
Re: Hi
It is amazing what technology has evolved into today in this 21st century we are living in currently. Data storage is an asset not only to individuals but especially to businesses as well. Technology has risen to a level that will enable people to own data storage that is basically unlimited using their very own DNA. That is most certainly a breakthrough in this sector but what consumers need to know is how much it will eventually cost.
Row3n
50%
50%
Row3n,
User Rank: Strategist
1/6/2017 | 2:15:33 AM
Hi
This sounds like some seriously futuristic stuff. The stuff that movies are made up of when you have a cyborg who is just pure information and value to a company or something. When the finance companies and businesses of the world start getting into this sort of thing, I'd start getting scared, wouldn't you?
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/13/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14300
PUBLISHED: 2020-07-13
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in th...
CVE-2020-14298
PUBLISHED: 2020-07-13
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
CVE-2020-15050
PUBLISHED: 2020-07-13
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
CVE-2020-10987
PUBLISHED: 2020-07-13
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10988
PUBLISHED: 2020-07-13
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.