The Business Value of Trust. The Business Value of Computing on Encrypted Data4 months ago Guest - Bhaskar Medhi
Let’s start with this word ‘Trust.’ Google, who we all ‘trust,’ promptly serves the definition as ‘Firm Belief in the Reliability, Truth, or Ability of Someone or Something.’ Now, I have relied on Google to get me through many things in life, e.g., keeping an eye on the wellbeing of the one-that-got-away. Most of us implicitly trust our parents as folks who have our best interest at heart unconditionally. I will say that about Oscar too, my five-year-old lab. We can remove the word ‘unconditional,’ and the circle of trustworthy individuals in our lives can be expanded to also include better halves, siblings, friends, etc. This type of trust also has another fail-safe characteristic. It is not very scalable — the precise reason why we all trust just a handful of individuals in our lives. We will leave the neuroscience of ‘Trust’ to the wisdom of Yoda and Obi-Wan Kenobi for now.
In the interim, there are Emerging Computing Paradigms that have potential to solve this vital question of ‘Trust’. In the normal, intuitive world, ‘Trust’ is built over decades — a stretch of time in which hundreds of ‘trustworthy’ events have occurred. But this is not always the case in the business context. The business context is somewhat like this — “The board needs these insights by next week. Ship our data to AWS, run the algorithms and put the insights in a presentation. Make sure the company logo is visible and follows the brand guidelines. Don’t forget — the footer needs to say strictly confidential”.
A high moral ground and a loudspeaker make a good combination for keynote addresses but have almost zero impact on the field, where it matters most. What does seem to work instead, in my personal experience, is “empowering.” i.e. Giving the business leaders and decision-makers the right set of tools and technologies. I cannot imagine that the majority of business leader would voluntarily engage in an “untrustworthy” transaction. If they do so, it is probably because the choices available today are grossly inadequate.
Why are choices available today grossly inadequate?
Let’s start with the simple. The Client side (in a client-server architecture) can get Storage & Computation services from the Server side (e.g., AWS). However, when this happens, the server side gets to know what is being stored and what is being computed. (No, Jane Doe is not sitting on the server side trying to manually look at what is being stored or what is being computed. But there are massive algorithms running on the server side which do that). Of course some knowledge of the data is mandatory for storage and compute resources to be provisioned in real time. However, what is mandatory and necessary can be very deliberately expanded to plain simple profiling, snooping, cutting corners, etc. You, as the customer will never know when that line is crossed. This phenomenon of ‘having to trust what you cannot see or enforce’ has historically been solved by ‘Terms and Conditions.’ We all sign them. None of us read them (ok, you do). We all simply ‘Trust’ them.
Now, before I get you security admin guys all mad at me because you diligently use encryption, let me address the data paradox in that aspect as well. If you are using legacy encryption like AES, you would be aware that for any computations to be performed, the encrypted data must be Decrypted first. And Decryption = Plain text = Vulnerability. Not to mention the sheer inefficiency of this endless cycle of Encrypt-Decrypt-Encrypt.
In contrast, can we develop a system where we can get storage and computations without the service provider knowing what is being stored or what is being computed? Something like the electricity company who gives you electricity without knowing if you are running your blender or your microwave?
Enter “The Always Encrypted Computing Paradigm”:
All Data in the world has three states — Data-At-Rest, Data-In-Motion, and Data-In-use. Much like the very familiar three states of water — solid, liquid and gas. Almost all of the encryption in existence today protects Data-At-Rest and Data-In-Motion. With an oversimplifying assumption that data spends equal amounts of time in all the three stages in its lifecycle, this would translate to Data being unsafe and vulnerable one-third of the time, every time. That would be true if Data-At-Rest Encryption, for example, was universally applied to all data, like each one of us gets a name after birth. However, that is not the case. Data-At-Rest Encryption itself has very poor adoption because it involves an endless and inefficient cycle of Encrypt-Decrypt-Encrypt. Conspiracy theorists would have you believe that the massive, monopolistic storage and compute resources providers (simply put Cloud Service Providers) do not want Data-At-Rest Encryption widely adopted because it can risk their advertisement business models which depend on unauthorised profiling of customer data.
In The Always Encrypted Computing Paradigm, data is protected throughout its lifecycle — Data-At-Rest, Data-In-Motion and even Data-In-Use. The ability to compute on data while it is In-Use is made possible by advances in cryptographic techniques like Homomorphic Encryption. A breakthrough technique, because now you can perform computations directly on encrypted data without having to decrypt it first. It can make Data-At-Rest Encryption more acceptable by getting rid of the inefficient cycle of Encrypt-Decrypt-Encrypt. I have written about Homomorphic Encryption here.
More importantly, cryptographic techniques like Homomorphic Encryption can give us a more meaningful way to think about ‘Trust’ when we outsource and delegate storage and computing to cloud service providers. We can now have SLAs with Provable Privacy Guarantees and Enforceable Trust.
You can store and compute all your data on any cloud, the most sensitive kind and rest assured the cloud provider can never profile your information or invade your privacy while you enjoy all the benefits the cloud provides. It is like someone can give you vital insights about your data which can help you make informed decisions, but you do not have to expose your data. Grandpa would call that — Having your cake and eating it too.
Now, this approach to ‘Trust’” is scalable. It is Enforceable because it provides Provable Privacy Guarantees.
In summary, Data Security & Privacy are vital for enterprises. Now more than ever before. Keep-The-Bad-Guys-Out approaches like Perimeter Security are breached every day. Strict Regulations will have a positive impact, but the technology available is antiquated. The data-centric approach is a must. However existing encryption technology destroys data usability.
Ergo, the solution will have to include adoption friendly, scalable & secure cryptographic technologies that retain high data usability.
Bhaskar Medhi is the co-founder and CEO of Ziroh Labs. Prior to Ziroh Labs, Bhaskar held several positions in high growth, software products, and services companies. He is an alum of the Indian Business School, Hyderabad and an engineer from National Institute of Technology, Bhopal