Microsoft's 'Secure Multiparty Computation' Targets Cloud Privacy

Microsoft has detailed a new development in its efforts to protect data privacy in the cloud, one focused on the exchange of encrypted data between users.

Using a concept called "secure multiparty computation," Microsoft researchers can enable individuals to share encrypted data through the cloud while giving the owners of that data complete control over specific pieces of information. Users can encrypt and store their data online and share pieces of earmarked information with specific parties. This is done without compromising the security and privacy of the larger dataset, according to Ran Gilad-Bachrach, a member of Microsoft's Cryptography Research team and co-author of a paper published in June.

Microsoft gave an overview of its researchers' breakthrough in a blog post this week, suggesting the technology might be available broadly soon.

The idea behind secure multiparty computation is to allow an individual holder of data to share it with multiple parties in a group, but ensure that no one sees information about other members of that transaction. For example, if a group of employees wanted to determine how their salaries compare without actually telling everyone how much they earn, the group would have to find one trusted person to whom they would disclose each of their information. That trusted person who would then compute everyone's information and share the results with the group.

However, with cloud-based secure multiparty exchange, the employees could create this data without needing to share their salaries with one trusted colleague. That's according to another co-author of the paper, Peter Rindal, a Microsoft intern and Ph.D. candidate at Oregon State University with expertise secure multiparty computation.

An exchange like this could be useful for those who want to share expensive medical research findings at a lower cost, but want to ensure the privacy of certain information. Those who own any kind of data could encrypt hundreds or even thousands of components and issue a key specific to a buyer and their data for them to decrypt, according to the report.

Because keys are stored in the cloud, the Microsoft researchers noted that data security and privacy would be compromised if shared directly.

"Instead, we want to use the keys to decrypt the data inside a multiparty computation," explained Kim Laine, a post-doctoral researcher, a co-author of the paper and also a member of Microsoft's Cryptography Research team. Laine is studying how to compute on encrypted data.

Microsoft said that while secure multiparty computation is a research project now, "the team aims to publicly release the library, or tools, needed to implement the secure data exchange in the near future."

About the Author

Jeffrey Schwartz is editor of Redmond magazine and also covers cloud computing for Virtualization Review's Cloud Report. In addition, he writes the Channeling the Cloud column for Redmond Channel Partner. Follow him on Twitter @JeffreySchwartz.