The magic of secure computation

Episode 1: The basics of decentralized data analytics

In this first video of the series, our CTO Niek explains the basics of our data analytics solution. Our technology is based on MPC, a very powerful technology that allows you to run your logic across multiple data sources. Watertight, always encrypted.

MPC in brief

We introduce secure multi-party computation (MPC), a paradigm that enables multiple parties to perform computations on their joint data set, such that each party learns nothing beyond the output of these computations. 

Simplified GDPR Compliance

The European Commission and the United Nations sponsored three studies that explain that a technique called Secure Multi-Party Computation (MPC) is a “state of the art privacy preserving tool”. 

Multi-party computation explained

How does MPC work?

MPC is a cryptographic technique that enables multiple parties to perform computations on data, in such a way that no party learns anything beyond its own input and output of these computations. In other words, the data input by one party remains hidden to the other parties. This is explained in the video below.

The way MPC works: The data is encrypted by means of randomly splitting the data into so-called “secret-shares”, which have the property that single shares reveal absolutely no information about the data. These secret-shares are distributed among multiple servers. The principle of secret sharing is explained in the video below.

Each server is controlled by a different trustee. The servers are set up to perform the necessary computation jointly. There can be two or multiple trustees, and privacy is ensured when a subset of the trustees acts honestly (i.e., that those trustees do not collude).

Each server consists of an MPC engine that follows the necessary cryptographic steps, together with the other servers, to perform almost any given arithmetic recipe on the secret shares correctly, e.g. multiplication, division, comparison, etc. With these recipes we can build nearly any computer program. Academic progress since the late 1970s has given us many strong cryptographic primitives to run very complex programs in this encrypted way. (See also this Wiki article.)

The beauty is that this technique can also be used by a single organization: After data collection, the data can be stored in secret-shared form, and several internal servers perform the secure computation. In this model, even inside a single organization, the data ‘at-rest’ and ‘in-use’ is fully protected against prying eyes.

If you are interested in learning more about Cranmera, which is our MPC Engine, click here