Microsoft researchers find way to securely exchange data in the cloud

Day one of the Microsoft Research Faculty Summit on July 13, 2016. (Photography by Scott Eklund/Red Box Pictures)
(Photography by Scott Eklund/Red Box Pictures)

Microsoft researchers have find way to securely exchange data in the cloud. New research project from MSR aims to unlock the full value of encrypted data by using the cloud itself to perform secure data trades between multiple willing parties in a way that provides users full control over how much information the exchange reveals. “What we are trying to do is keep the data private and, at the same time, get the value out of it,” says Ran Gilad-Bachrach, a researcher in the Cryptography Research group at Microsoft’s research.

Abstract of this project,

A vast amount of data belonging to companies and individuals is currently stored in the cloud in encrypted form by trustworthy service providers such as Microsoft, Amazon, and Google. Unfortunately, the only way for the cloud to use the data in computations is to first decrypt it, then compute on it, and finally re-encrypt it, resulting in a problematic trade-off between value/utility and security. At a high level, our goal in this paper is to present a general and practical cryptographic solution to this dilemma.

More precisely, we describe a scenario that we call Secure Data Exchange (SDE), where several data owners are storing private encrypted data in a semi-honest non-colluding cloud, and an evaluator (a third party) wishes to engage in a secure function evaluation on the data belonging to some subset of the data owners. We require that none of the parties involved learns anything beyond what they already know and what is revealed by the function, even when the parties (except the cloud) are active malicious. We also recognize the ubiquity of scenarios where the lack of an efficient SDE protocol prevents for example business transactions, research collaborations, or mutually beneficial computations on aggregated private data from taking place, and discuss several such scenarios in detail.

Our main result is an efficient and practical protocol for enabling SDE using Secure MultiParty Computation (MPC) in a novel adaptation of the server-aided setting. We also present the details of an implementation along with performance numbers.

Download the paper here for more info.