Highlighting Enveil’s ZeroReveal technology for encrypted processing
In this article, Jem Brown, Engineering Lead for National Security at BAE Systems Applied Intelligence, highlights the power of Enveil’s ZeroReveal technology to enable encrypted processing while allowing the requesting organization to keep its interests secure from a third-party data provider. Excerpt:
"We are all familiar with encryption of data at rest, which is inactive data stored physically in any digital form such as databases, data warehouses, archives and so on. We’re also accustomed to data encryption when it’s in transit – i.e. when it moving from a sender to a recipient, like a WhatsApp message, for example.
But what Homomorphic Encryption (HE) offers for the first time is encrypted processing. The maths behind HE has been around for 20 years but a practical – i.e. sufficiently cheap and fast enough – implementation has always been difficult to achieve. Indeed, it is still many years away if the solution is to be able to secure any arbitrary type of processing.
Recently, researchers have looked at applying HE to a limited problem space. In the last couple of years Enveil, a US start-up, has launched a new product, ZeroReveal, which allows the requesting organisation to keep what they are interested in encrypted and secure from the partner organisation providing the data.
When the requester searches the partner data set, the matching algorithm uses HE so that even the database administrators who own the data can’t see what data has been selected and returned as a result set. HE will always come with a processing overhead but working with Enveil, BAE Systems have demonstrated that ZeroReveal can return results in time frames which can fit with how investigators operate.
This secure, surgical search capability is valuable in many ways. For example, in intelligence investigations many private organisations may hold pertinent data about a suspect but the fact that an individual is being investigated may be highly sensitive and not sharable with these data providers. Another example is in financial services, where financial crime (such as money laundering) will normally involve interactions between multiple financial institutions. An informed and insightful picture can really only be constructed if data is shared between these financial institutions, data which generally needs to be protected on both privacy and commercial grounds."
Read the full piece here.