John Roach of Microsoft Research reports that the company has found a way to enable secure data exchange in the cloud, giving users full control over how much information is passed along to other parties. It is based on secure multiparty computation, in which every party involved obtains the result of a joint computation without exposing its own data to the other parties.
In an example provided by Roach, imagine a group of employees who each want to know their pay rank. Everyone hands their yearly salary to one trusted employee, who in turn tells each worker their position among their coworkers without revealing anyone's actual numbers or names.
With Microsoft's system, the cloud becomes the trusted employee handling the sensitive information.
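The pay-rank story above relies on a single trusted employee. The following added example (not code from the article or from Microsoft Research) shows the basic mechanism that lets secure multiparty computation remove that trusted party: each salary is split into additive secret shares over a prime field and spread across several non-colluding servers, so no single server learns any individual salary, yet the servers can jointly produce an aggregate (here the total and average salary rather than a rank, since secure ranking needs a comparison protocol beyond this illustration). The field size, the number of servers and the salary figures are constructed assumptions for the demo.

```python
import secrets

# Field modulus for the toy protocol (assumption: a Mersenne prime large enough
# that sums of realistic salaries never wrap around).
PRIME = 2**61 - 1


def share(value, n_servers):
    """Split value into n_servers additive shares that sum to value mod PRIME.

    Every share but the last is uniformly random, so any subset of fewer than
    n_servers shares carries no information about value.
    """
    if not 0 <= value < PRIME:
        raise ValueError("value must lie in the field")
    shares = [secrets.randbelow(PRIME) for _ in range(n_servers - 1)]
    shares.append((value - sum(shares)) % PRIME)
    return shares


def reconstruct(shares):
    """Recombine a full set of additive shares."""
    return sum(shares) % PRIME


def partial_view(shares, k):
    """What a coalition of k servers (k < len(shares)) can compute on its own."""
    return sum(shares[:k]) % PRIME


def secure_sum(inputs, n_servers):
    """Sum a list of private inputs across n_servers without any server seeing an input.

    Each input owner sends one share to each server; each server only ever adds
    the shares it received. Only the per-server totals are revealed, and their
    combination is the aggregate. Returns (total, per_server_totals).
    """
    server_totals = [0] * n_servers
    for value in inputs:
        for i, s in enumerate(share(value, n_servers)):
            server_totals[i] = (server_totals[i] + s) % PRIME
    return reconstruct(server_totals), server_totals


def average_salary(salaries, n_servers=3):
    """Constructed use case: employees learn the average pay without disclosing
    individual salaries to each other or to any single server."""
    total, _ = secure_sum(salaries, n_servers)
    return total / len(salaries)


if __name__ == "__main__":
    # Constructed sample salaries; in the article's story these are private inputs.
    salaries = [52_000, 61_500, 48_250, 97_000]
    total, per_server = secure_sum(salaries, n_servers=3)
    print("per-server totals (look random):", per_server)
    print("total:", total, "average:", average_salary(salaries))
```

The security argument is visible in `partial_view`: any coalition smaller than the full server set sees a uniformly random value, so the model's trust assumption is "the servers do not all collude", not "one party is honest with everyone's raw data". Real systems add secure multiplication and comparison gates on top of this sharing to compute functions such as a rank; the additive step here is the primitive they build on.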
Roach provides another scenario, where medical centers could compare the outcomes of their treatment plans for pneumonia against other centers without each party revealing the type of plan they use to treat the problem.
According to Roach, the owner of sensitive encrypted data stored in the cloud can be viewed as a "seller," while other parties wanting access are viewed as "buyers." When a buyer wants to make a transaction, the seller approves it by sending a key. However, even with this key, the cloud cannot directly share the stored, encrypted data with the buyer.
Instead, with Microsoft Research's proposed method, the key will unlock a decryption process within a multiparty computation environment, allowing the buyer to get what it needs without gaining access to the seller's actual encrypted data.
"All of the computation is performed in the cloud, and the computation itself is encrypted in such a way that not even the cloud knows what is being computed, which protects any of the buyer's data used in the computation such as a proprietary algorithm," Roach explains. "If everything goes as expected, the cloud reveals the decrypted results to the interested parties."
This proposed method will also allow buyers to test-drive a portion of the seller's data before purchasing a key for the entire data bundle. For instance, a pharmaceutical company may want to purchase access to a medical center's bundle of data regarding anonymized patient genomes. The pharmaceutical company, however, may not want to purchase the package if it contains information that the company already has. In such a case, the new system allows the company to analyze a portion of the data in question before making a full purchase.
"We call this 'can we test drive your data,' because why would you buy anything without knowing what you are buying," adds Kim Laine, a post-doctoral researcher in the Cryptography Research group at Microsoft. "But the problem with data is you can't just show it."
Roach notes that the method proposed by the Microsoft Research team is only a research project for now. However, the team plans to release tools "in the near future" for implementing its method of secure data exchange in the cloud. Until then, Ran Gilad-Bachrach of the Cryptography Research group, Microsoft intern Peter Rindal, and Kim Laine have co-written a paper on the project that can be read right here in PDF format.