DNI Wants Research into Secure Multiparty Computation

Comments

JG4 • July 7, 2017 7:03 AM

Interestingly enough, this touches on one of the few key problems of the old blue marble of entropy maximization, which is something like scalability of trust. That problem is difficult enough without having a distribution of psychopaths and sociopaths at the key levers of power. The concept that Reagan expounded, “Trust but verify,” generally would benefit from greater access to the distrusted partner’s data.

A closely related key problem is conflict of interest. The more disturbing and unexpected conflicts of interest are between our present self and future selves, which applies to both individuals and groups. Politicians generally arbitrage conflicts of interest. If they weren’t liars, thieves and murderers, the results might be more positive.

I recall a discussion of homomorphic encryption, which I have been meaning to ask about. I had an almost-good idea for an application. The general concept was a method for maintaining an on-line library of books in a form that doesn’t violate copyright, but is text-searchable. Clive or other titans of the forum may have explicitly suggested this application.

B • July 7, 2017 7:21 AM

This is not new; a few years ago, DARPA had a big grant called PROCEED and more recently another called BRANDEIS, both of which fund research into MPC. DARPA did not specifically indicate what real-world applications they had in mind, but the researchers in PROCEED came up with quite a few contrived use-cases, including the one Bruce mentioned. I think the goal of the grants was to foster the development of the technology generally so that the US government could find off-the-shelf software when and if a government need for MPC arises.

Andrew • July 7, 2017 7:57 AM

@jg4
“The general concept was a method for maintaining an on-line library of books in a form that doesn’t violate copyright, but is text-searchable”
It’s a good and old idea to separate index from data. What they want is kind of restricted data sharing that can only be based on homomorphic encryption and references to data. I don’t see any kind of invention here, only hard work… but who knows…
I thought companies like Palantir are already working on this kind of things.

Parabarbarian • July 7, 2017 9:48 AM

The may be to intended to facilitate data analysis between disparate surveillance programs but it also will enable Google and Microsoft etal to do behavior analysis on data in countries that forbid revealing the private information.

John Macdonald • July 7, 2017 10:17 AM

Security is not the only area with need for sharing analysis while limiting the sharing of the raw data. It is a common need in medical/disease research too – where many organizations have collected patient data to which they are legally required to restrict access, but being able to analyse the result of merging together a number of these data sets could be extremely informative. Lots of studies end up being able to draw useful conclusions only about the most common sub-cases because there isn’t enough data to give reliable results for the less common cases; merging multiple data sets would provide additional power to the analysis.

Testes • July 7, 2017 11:29 AM

Sounds like something that could be solved by blockchains, at least partially.

Wael • July 7, 2017 11:37 AM

@JG4,

Yes, Homomorphic encryption would be the primary technology to utilize.

Wael • July 7, 2017 11:46 AM

@JG5,

The general concept was a method for maintaining an on-line library of books in a form that doesn’t violate copyright, but is text-searchable …

CryptDB enables similar applications. I believe it has been abandoned three years ago.

https://github.com/CryptDB/cryptdb

Wael • July 7, 2017 12:05 PM

@JG4,

Sorry, I “fat-fingered” your name!

Ross Snider • July 7, 2017 12:41 PM

I had a startup in Secure Multi-Party Computation for which I was looking for first-round funding. Nobody got it except some VCs in Virginia, who told me how awesome these technologies would be for intelligence sharing. One VC in particular warned me that while the idea would have little competition, it’s likely NSA would copy all of the technology and run an internal branch of the software for their own purposes and that this would probably be my biggest competitor – so I’d need to find differentiators like making my system more accessible or available with less paperwork, etc. I chickened out and got another office job, mostly because I didn’t really want to risk getting pulled harder into the lonely intelligence and natsec world.

Dirk Praet • July 7, 2017 12:51 PM

My guess is that this is to perform analysis using data obtained from different surveillance authorities.

If that’s the case, I propose no one sends in a proposal. Or just really well done dummies the flaws in which take months to figure out.

S • July 7, 2017 1:57 PM

@Bruce,

Yes, this seems to implement the recommendations for automated use control recommended by the NAS for bulk collection of signals intelligence (http://www.nap.edu/openbook.php?record_id=12050).

S • July 7, 2017 1:59 PM

@Wael

I can’t speak to CryptDB specifically, but Raluca Popa has had a number of follow-up projects to CryptDB, including Mylar and Arx (https://people.eecs.berkeley.edu/~raluca/) and also has a startup (https://www.preveil.com).

See also the MIT LL survey paper on “cryptographically-protected database search” (https://arxiv.org/pdf/1703.02014)

S • July 7, 2017 2:07 PM

IARPA has also previously had programs in this space, including SPAR (Security and Privacy Assurance Research) (https://www.iarpa.gov/index.php/research-programs/spar). IARPA conveniently has a link to the published output from that work, too:

http://scholar.google.com/scholar?q=D11PC20201+OR+D11PC20194+OR+D11PC20202+OR+FA-8721-05-C-0002+OR+D12PC00522+OR+D11PC20199+OR+D11PC20200+OR+D11PC20195+OR+D12PC00520+OR+D11PC20196&btnG=&hl=en&as_sdt=0%2C47

Yes, I agree that much of DARPA’s process involves fostering the technology development that can turn into off-the-shelf software for later government use. I’m less certain of IARPA’s process.

Jesse Thompson • July 7, 2017 5:27 PM

A couple of decades back I was very interested in “Encrypted Virtual Machines”, or the idea of trying to discover a cryptographic process that would allow a host machine to iterate over an opaque mound of data through a repeated process that would result in the true information stored within that data blob evolving over time in a turing-complete fashion. Data blob would also emit packets of cleartext and be able to accept a queue of cleartext input packets in order to communicate with it’s host and with any wider network.

In principal, one could run an EMV in the cloud (or in the parlance of the day “hosted at a third party”, lol) and it could discretely carry out ordinary encryption routines to allow remote operators and clients to connect to it via SSH or SSL with unmatched confidentiality, while the provider of computing resources would have no bare capability to eavesdrop on or to manipulate the EMV short of service denial or attempted replay attack by trying to run old backup copies of the blob.

I didn’t get very far before I ran into enough ambiguous feedback that somebody had mathematically proven that turning complete operations can’t survive this process of discretion (eg, that I wasn’t the first to try to bark up this tree) that I eventually lost my personal motivation to research it, though. 🙁

Schneier on Security

Comments

Leave a comment Cancel reply