Cloud breakthrough? Microsoft plots way to enable secure data exchange in the cloud for users
Microsoft researchers are touting a potential security breakthrough that will give users the ability to fully control the exchange of data, securely in the cloud.
It comes after the researchers said that too often nowadays users are faced with a trade-off between data usability and security.
Essentially, Microsoft is touting a way for encrypted data to be processed via the cloud without prior decryption. The user will also have “full control” over how much information is passed along to the other party.
It’s based on secure multiparty computation, where every entity involved gets a result without having to expose their actual encrypted data to the other parties.
“New research from Microsoft aims to unlock the full value of encrypted data by using the cloud itself to perform secure data trades between multiple willing parties in a way that provides users full control over how much information the exchange reveals,” Redmond blogged.
“What we are trying to do is keep the data private and, at the same time, get the value out of it,” said Ran Gilad-Bachrach, a researcher in the Cryptography Research group within Microsoft’s research organisation.
According to Microsoft, ‘multiparty computation’ is where “two or more parties agree to evaluate their data in a way that one or more of the parties gets a result, but none of the parties learns anything about the others’ data, except for what can be inferred from the result.”
It likened ‘multiparty computation’ to a group of employees who want to know where their individual salary is ranked in relation to the group as a whole. But at the same time no one wants their salary details to be revealed to the group. It sounds like an impossible problem to solve, but Microsoft thinks it has cracked it.
Using the above example, each employee would tell their salary (in confidence) to a trusted colleague. This colleague then calculates the average salary and shares the result with the group.
That results in the employees being able to see where their salary in ranked with their co workers, but they don’t learn how much their fellow employees are actually paid. And the trusted colleague then conveniently forgets everything.
“This secure data exchange emulates that, but without the need for the trusted colleague,” said paper co-author Peter Rindal, who is a PhD candidate doing his second internship at Microsoft. He also happens to be an expert on secure multiparty computation.
How It Works
So how does it actually work? Well the data owner encrypts his or her data and sends it to the cloud for storage. In a traditional setup, if someone wanted that data they would have to have the decrypt keys for the data sent to them by the data owner.
But since those keys can decrypt the data stored in the cloud, the cloud can’t directly share the stored data with the buyer, otherwise security and privacy would be compromised.
“Instead, we want to use the keys to decrypt the data inside a multiparty computation,” said paper co-author Kim Laine. Doing so unencrypts the data for a computation “without actually revealing anything to anyone except the result” of the computation.
Microsoft says that all of the computation is performed in the cloud, and the computation itself is encrypted in such a way that not even the cloud knows what is being computed, which protects any of the buyer’s data used in the computation such as a proprietary algorithm. If everything goes as expected, the cloud reveals the decrypted results to the interested parties.
It is worth noting that the cloud is an increasingly important revenue stream for Microsoft.
Last month Redmond revealed that revenue from Microsoft Azure had grown more than 100 percent year over year, as usage of the platform doubled.