A look inside privacy enhancing technologies

There is a growing global recognition of the value of data and the importance of prioritizing data privacy and security as critical cornerstones of business operations. While many events and developments could be viewed as contributing to this trend, it would be difficult to argue that the increased discussion generated by today’s accelerating regulatory environment has not played a significant role.

Consumers are more aware of what constitutes personal data, who they do (or do not) trust to manage it, and are demanding a data-centric approach to address privacy and security. A survey conducted by Pew Research Center last year found that 79% of adults were concerned about how companies were using the data collected about them, and 52% said they had opted not to use a product or service because they were worried about the personal information that would be collected.

Privacy enhancing technologies

Businesses are looking for ways to alleviate these concerns, not only in their interactions directly with consumers, but also in a B2B context. This has led to a resurgence of interest, advances, and commercialization in the area of privacy enhancing technologies, or PETs, a powerful category of technologies that enable, enhance, and preserve data privacy throughout its lifecycle. By adopting a data-centric approach to privacy and security, these technologies help ensure that sensitive data remains protected during processing (“data in use”).

PETs is an umbrella term describing technologies that secure data in use and are essential to preserving and enhancing privacy and security while searches or analytics are performed. These technologies include homomorphic encryption, private set intersection, secure multiparty computation, differential privacy, and trusted execution environments – and many of them have intersection points and/or can be used in conjunction with one another, depending on the use case.

privacy enhancing technologies

While there is some nuance depending on application and use case, in general, the more secure the technology, the more privacy enhancing or privacy-preserving capabilities it provides. Of the technologies mentioned previously, homomorphic encryption offers the strongest security positioning (and hence is most privacy-enhancing). Trusted execution environments (TEE) offer the weakest (and hence are the least privacy-preserving). While it may be tempting to default to the highest level of security in all circumstances, it is important to understand each technology in order to determine which is the right choice for a given use case.

Homomorphic encryption

Homomorphic encryption is the most secure option. Widely considered to be the “holy grail” of encryption, it allows for computation in the encrypted or ciphertext space. Homomorphic encryption is not a new technology — it has been studied in the academic space for more than 30 years. And while it has been historically computationally intensive, recent breakthroughs now make it practical for a wide range of commercial applications.

At its core, homomorphic encryption provides two primitive operations in the ciphertext/encrypted space: 1) the ability to multiply two homomorphically encrypted values together and/or 2) the ability to add two homomorphically encrypted values together such that when you decrypt the product or sum you get a meaningful value. This is the only type of encryption in which you can combine encrypted values and get a meaningful result.

The two basic types of homomorphic encryption correspond to the ability to deliver these two primitives. Fully homomorphic encryption gives both multiplication and addition in ciphertext space and partially homomorphic encryption gives multiplication in ciphertext space. Both types are powerful and, as with all things in computing, those simple operations can be built together into algorithms that enable core business functionalities—including encrypted searches and encrypted analytics such as machine learning/AI.

It can be leveraged in techniques such as private set intersection to securely compute the overlapping items from two sets of data. It is important to note that implementations of homomorphic encryption algorithms and software products leveraging it to provide business capabilities are not hardware bound — although they may optionally leverage special types of hardware (GPUs, FPGAs) to accelerate some of the mathematical computations.

Secure multiparty computation

The secure multiparty computation (SMPC or MPC) family of techniques allow multiple parties to jointly operate on data while keeping their individual inputs private. Like homomorphic encryption, the technology is roughly 30 years old and has been an active area of research in academic circles since the mid-1980s. Breakthroughs in academia as well as solutioning by a number of technology providers in the commercial space have matured SMPC to the point of practical applicability in certain use cases.

Ultimately, the security and hence privacy of SMPC varies widely and depends on which type is used. For example, some implementations of SMPC leverage homomorphic encryption and thus can offer strong security guarantees.

Differential privacy

In differential privacy, randomly generated noise is added to the underlying data for obfuscation purposes and, as a result, any computations performed on the altered data are only statistically/directionally correct (i.e., not accurate). Thus, the use cases are narrower for DP than for other PETs since accurate results are not guaranteed and the possible computations are limited.

Trusted execution environments (TEE)

The least secure of the PETs is TEE, sometimes also referred to as secure enclave technologies. The security of TEEs is essentially a perimeter-based security model — in TEEs, the perimeter is very small and exists on the hardware chip itself instead of at a network boundary. As with any perimeter security model, if you can break through the perimeter, you can gain access to all data within. As everything is decrypted within the perimeter of the on-chip enclave, TEEs enable very fast computational abilities, at a trade-off of a weakened security and privacy posture. This may be suitable for some use cases that have more relaxed security and privacy constraints (i.e., that don’t require nation-state level security or regulatory privacy adherence).

The best-known commercial offering in the TEE space is the Intel SGX. Since the discovery of the Spectre and Meltdown vulnerabilities a few years ago, the space has unfortunately been rife with security issues that seem to be unearthed on a continual basis. As TEEs are hardware-bound, applications leveraging them for securing data in use will be as well. There are API abstraction layers that are being developed to aid in application portability between different hardware TEEs.

Conclusion

The desire for privacy is not a passing trend. Whether led by government regulation or consumer demand, organizations must be ready to operate in a world that prioritizes data security and privacy.

Privacy enhancing technologies deliver technical solutions to this challenge. With broad and increasingly prevalent applications for PETs in the commercial space, a growing number of businesses will want to take advantage of these business-enabling capabilities. When doing so, it’s imperative to realize that not all PETs are created equal. One must first identify the privacy-centered business challenge to be solved and then select the PET that’s best positioned to address it.

Don't miss