DNA synthesis orders are automatically broken into fragments and directly compared to a database of pieces chosen at random from critical regions of bioweapons. Any ‘adversaries’ attempting to evade screening cannot know which fragments are protected, forcing them to include mutations across the entire sequence of the bioweapon.
Even mutated fragments can be reliably detected by using the best available computational tools to generate a ranked-order list of all variations predicted to remain functional. A random number of these predicted fragments are included in the database, but only after removing any that match legitimate sequences in the GenBank repository, thereby avoiding false alarms. Including variants at random ensures that adversaries cannot know how many mutations are needed to evade detection, forcing them to guess high.
This "Random Adversarial Threshold" search makes synthesizing protected bioweapons fiendishly difficult. To have even a chance of obtaining all of the necessary DNA fragments, adversaries are forced to include many mutations that are likely to inactivate their desired bioweapon throughout its entire genome, making it effectively impossible to assemble a functional version of a protected bioweapon from screened DNA.
Since the database does not contain matches to unrelated sequences in GenBank that would create false alarms, screening is accurate enough to be fully automated, greatly reducing costs.
Finally, the system can be securely implemented by a distributed network of servers to protect the privacy of both the orders and the database contents. Even hacking multiple servers would uncover nothing. The fully secure version, which is vital to protect against future bioweapons, could be implemented directly or in a stepwise manner depending on the needs of stakeholders.
Securing DNA synthesis should not impede legitimate scientific or commercial research. Because no fragments in the database will match any harmless sequences in the GenBank repository, only random chance could cause an innocent order to be incorrectly identified as hazardous and blocked. We can calculate this probability using the anticipated database size and amount of DNA likely to be synthesized in a given year. Based on projections, we expect to see approximately one such false alarm in the year 2030.
Companies or laboratories authorized to work with a blocked agent or sequence can be issued certificates by institutions or governments, which would be sent with orders to major DNA synthesis providers possessing secured machines. Any order fragments that match those listed on the certificate would be automatically approved, enabling legitimate researchers to receive shipments without delay. The whitelist mechanism would also prevent abuse of the screening system for individual or commercial gain.
Screening should never disclose the identities of DNA synthesis orders or potential bioweapons. Current screening practices cannot accomplish either: even if an order is securely transmitted to the synthesis provider, it must be accessible to human experts if flagged as a threat.
Cooperative networks of servers can perform distributed computations without any single machine having access to the relevant data. A secure distributed one-way transformation can render fragments from orders and bioweapons uninterpretable, yet still allow them to be compared to determine whether the originals were identical. The database could be made resistant to future quantum computer attacks by arranging for each server to apply an additional quantum-resistant transformation with a unique key and then combining the results.
Our team strongly recommends open-sourcing the code and offering numerous prizes for identified exploits before entrusting the system with sensitive data.
Guarding Against Future Advances
Should a minimum number of authorized experts concur on the existence of a novel threat, they can add fragments to the database by encoding the update on paper for secure physical transport to each server network. As the history of espionage suggests that as few individuals as possible should be aware of novel weapons, the system could in principle be implemented to permit updates by a handful of concurring authorized experts or even a single expert who need not tell anyone else of the specific threat. This method could guard against future bioweapons that could not be contained once unleashed.
Crucially, the existence of a well-known screening network will provide a way for well-meaning researchers who identify a potential new bioweapon to protect the world without disclosure, avoiding the risk of making the weapon credible and incentivizing well-resourced rogue actors to build the agent in order to threaten the international community.
Paths to Secure Screening
From a security perspective, it would be best if the comprehensive system outlined in this document were adopted in its entirety. Given the potential for current and future advances to weaponize agents currently deemed innocuous, the need for secure screening is dire. However, there may not be an immediate path towards a completely secure implementation.
The Secure DNA team hopes to work closely with current stakeholders to find a viable path towards complete adoption. For example, a stepwise approach might first involve current DNA providers adopting Random Adversarial Threshold search to screen against already-known bioweapons, without the additional cryptographic protection against industrial espionage conferred by the secure version. This would provide time to develop and test a secure implementation, which could then be implemented to improve privacy and security.