BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Secure Multiparty Computation May Enable Privacy-Protecting Contact Tracing Solutions

Secure Multiparty Computation May Enable Privacy-Protecting Contact Tracing Solutions

This item in japanese

The current COVID-19 pandemic has fueled several efforts to implement contact tracing apps, based on a number of different cryptographic approaches.

Smartphones are being used in many countries to track COVID-19 transmission, with adopted solutions varying largely in terms of how well they preserve citizens' privacy. Apple and Google have recently introduced a Bluetooth-based exposure notification protocol for their mobile operating systems that guarantee a certain level of data privacy. Such protocol is meant to be only a component of a larger system operated by health authorities. Those systems should also implement the required cryptographic solutions to ensure data privacy protection.

InfoQ has spoken with HashiCorp principal product manager for cryptography and security Andy Manoske to learn more about Secure Multiparty Computation and how it can enable privacy-protecting analysis on private data from different sources.

InfoQ: Due to COVID-19, there has been a lot of public discussion and growing interest for Contact Tracing apps, which are considered key for a safe way back to normal life. What are the privacy implications of contact tracing and why is cryptography key?

Andy Manoske: Most contract tracing suites will likely require sensitive information such as an individual’s name, contact information, and their history of travel and social interactions. While this information is necessary for tracking the spread of a disease through a population, it can also be used by a malicious adversary to commit identity fraud.

Cryptography’s role is to ensure that only identified and permitted applications can access, i.e. decrypt, this sensitive information. Without verification of valid identity (and ideally intent) an adversary is forced to break the encryption protecting this sensitive information.

InfoQ: Could you explain what Secure Multiparty Computation can bring to this kind of solution and how it could be implemented?

Manoske: SMPC ensures that sensitive data is constantly encrypted, and that valid analysis of that data does not require the data to be unencrypted to be processed/analyzed.

A common technique for voiding encryption is to avoid it altogether with a “side channel attack.” Rather than using math to attempt to guess the key, side channel attacks allow an attacker to exploit vulnerabilities in a system or use malware such as keyloggers or Remote Access Trojans (RATs) to steal encryption keys or valid credentials to decrypt data.

With SMPC, valid analysis can be done on constantly encrypted data. This minimizes the possibility for an adversary to launch a side channel attack to decrypt protected data.

InfoQ: Could you provide additional examples of systems or applications where SMPC is essential to protect privacy?

Manoske: SMPC allows for groups of valid users - who may not completely trust each other - to operate collaboratively on protected data. When combined with strong rules on how those valid users operate on protected data, SMPC can greatly enhance the security of use cases such as:

  • Financial Information Disclosure: Allow companies to disclose sensitive information such as earning reports in a way such that nobody gains early access to that data (and can commit insider trading to profit off of non-public information). SMPC can protect data rooms for upcoming IPO/M&A transactions and other disclosure systems akin to the SEC’s EDGAR filing system, thereby minimizing the possibility of a side channel attack to commit market manipulation as seen in the 2016 EDGAR cyberattacks.

  • Electronic Medical Records (EMR): Allow organizations such as hospitals, pharmacies, and insurance manufacturers to share EMR about patients widely across systems without exposing sensitive HIPAA-protected personally identifiable information (PII). Using SMPC, valid organizations could be granted temporary access to PII in such a way that an adversary couldn’t steal their credentials or decrypted copies of the PII data.

  • Defense and National Security Information: Side channel attacks are not just used by criminal hackers. Intelligence organizations frequently use side channel attacks to compromise well-protected data. Major cyberattacks such as the campaign of attacks on American aerospace manufacturers during the early 2010s/late 2000’s have employed side channel attacks to steal encryption keys protecting classified information. In the case of these attacks, spies were able to infiltrate classified environments and exfiltrate unencrypted system data using legitimate credentials. SMPC allows that data to remain constantly encrypted and minimize a “walk away” side channel attack where a temporarily validated user can steal decrypted data.

InfoQ: What are the inherent complexities to using SMPC?

Manoske: SMPC requires software to employ one of the following: comprehensive, and often complicated, key management by trusted external systems, or new cryptography ciphers that allow for some analysis in-line within encryption.

Building systems hardened to protect encryption keys while not complicating applications’ ability to validate their identity (and not complicate making it harder to develop software) is a major challenge. This challenge is made even harder by having to manage keys over large, distributed infrastructures with parties who do not necessarily trust each other.

There are new cryptographic ciphers that use homomorphic encryption to allow applications to perform analysis on encrypted data. Some of these algorithms are being vetted by the cryptographic community. For example, the US National Institute of Standards and Technology (NIST) is reviewing homomorphic encryption ciphers in the Post-Quantum Cryptographic Standardization project, as they are resilient to attacks from quantum computers.

It will still take some time for the community to confirm homomorphic encryption is safe for use, and projects like NIST’s PQCSP won’t be completed until the mid-2020s.

InfoQ: How does HashiCorp Vault fit into this picture? What features does it provide and how can it enable to create SMPC-based applications and systems?

Manoske: HashiCorp Vault manages keys for how all applications and systems access secrets. By ensuring that no systems have access to the keys used to encrypt Vault-protected secrets at rest, adversaries cannot steal keys to extract secrets from Vault.

HashiCorp Vault also abstracts identity away from a single credential, allowing for administrators to set policies to access data based on a logical identity rather than a single credential.

For example, a person may have a number of ways of verifying their identity in their wallet: a credit card, a driver’s license, business cards, etc. Vault treats applications as people by allowing them to have their logical identity attributed by any of those elements in their “wallet.” This allows for identity-based security, ensuring administrators can write policies for the logical identity of a workflow while letting Vault handle the complexity of identifying and attributing users or applications from their various credentials.

When combined with secret engines such as Vault’s Transform Secret Engine, Vault can be used to implement SPMC by ensuring all data residing in a shared system is encrypted. That data can be encrypted using data type protection to ensure that sensitive data preserves its type and formatting, and only approved parties can temporarily access sensitive data in a way that doesn’t allow them access to encryption keys. This allows parties, who may not trust each other, to collaboratively operate on encrypted data without accessing the keys used to protect that data.

InfoQ will keep reporting on efforts to build privacy-protecting systems to track COVID-19.

Rate this Article

Adoption
Style

BT