Keeping Data Secret, Even From Apps That Use It September 9, 2013
News

Nerval’s Lobster writes “Datacenters wanting to emulate Google by encrypting their data beyond the ability of the NSA to crack it may get some help from a new encryption technique that allows data to be stored, transported and even used by applications without giving away any secrets. In a paper to be presented at a major European security conference this week, researchers from Denmark and the U.K. collaborated on a practical way to implement a long-discussed encryption concept called Multi-Party Computation (MPC). The idea behind MPC is to allow two parties who have to collaborate on an analysis or computation to do so without revealing their own data to the other party. Though the concept was introduced in 1982, ways to accomplish it with more than two parties, or with standardized protocols and procedures, has not become practical in commercial environments. The Danish/British team revamped an MPC protocol nicknamed SPDZ (pronounced ‘speeds’), which uses secret, securely generated keys to distribute a second set of keys that can be used for MPC encryptions. The big breakthrough, according to Smart, was to streamline SPDZ by reducing the number of times global MAC keys had to be calculated in order to create pairs of public and private keys for other uses. By cutting down on repetitive tasks, the whole process becomes much faster; because the new technique keeps global MAC keys secret, it should also make the faster process more secure.”… Nerval’s Lobster writes “Datacenters wanting to emulate Google by encrypting their data beyond the ability of the NSA to crack it may get some help from a new encryption technique that allows data to be stored, transported and even used by applications without giving away any secrets. In a paper to be presented at a major European security conference this week, researchers from Denmark and the U.K. collaborated on a practical way to implement a long-discussed encryption concept called Multi-Party Computation (MPC). The idea behind MPC is to allow two parties who have to collaborate on an analysis or computation to do so without revealing their own data to the other party. Though the concept was introduced in 1982, ways to accomplish it with more than two parties, or with standardized protocols and procedures, has not become practical in commercial environments. The Danish/British team revamped an MPC protocol nicknamed SPDZ (pronounced ‘speeds’), which uses secret, securely generated keys to distribute a second set of keys that can be used for MPC encryptions. The big breakthrough, according to Smart, was to streamline SPDZ by reducing the number of times global MAC keys had to be calculated in order to create pairs of public and private keys for other uses. By cutting down on repetitive tasks, the whole process becomes much faster; because the new technique keeps global MAC keys secret, it should also make the faster process more secure.”

Read more of this story at Slashdot.






Read more http://rss.slashdot.org/~r/Slashdot/slashdot/~3/xYV9IJvP0OQ/story01.htm