From The Blog

October 08, 2021

Start Building Privacy-Preserving Applications with Conclave

What is Conclave?

Conclave is a confidential computing SDK that makes it possible to build privacy-preserving solutions that securely share, pool and process sensitive customer data. Applications range from aggregating sensitive bank account data to detect sophisticated types of anti-money laundering (AML) to training AI models with sensitive datasets. 

Conclave is now available for businesses to start building privacy-preserving applications with ease. Keep reading to learn the key concepts for building a Conclave solution. 

Roles in deploying a Conclave application

There are three different roles to play in deploying a Conclave application: 

    • Clients – the parties who send and receive encrypted messages to enclaves. Clients are typically businesses that require technical assurances around how their data will be used. 
    • Enclave developer – the party who writes the application.
    • Enclave host – the party who is responsible for hosting and running the Intel® SGX infrastructure and Conclave application. This role can be filled by the enclave developer or any other third party as long as the application code is audited (see below).

Enclaves

Enclaves are small pieces of code that are isolated from the rest of the computer on which they run. Enclaves assume that the computer is owned and operated by an untrusted party, and as a result, data and code can be processed without the owner of the computer getting access to it. This makes the programs resistant to physical and software attacks from the owner or operator of the computer. 

Enclaves require clients to communicate through encrypted and authenticated messages. Conclave’s Mail APIs provide an intuitive messaging model for clients to securely send private data to enclaves. 

Business logic and host programs

Conclave applications consist of two distinct areas of code: business logic and the host program. The distinction between the two areas of code is important because the business logic operates inside the enclave, while the host program operates in the untrusted environment. Clients will interact with both the business logic and the host program.

The business logic is the algorithm that runs inside a secure enclave and processes private data.

The host program runs in the untrusted environment and is responsible for communications. 

Companies should make a clear line of separation between the business logic and the host program in Conclave applications, as this will help simplify the application development process. 

Remote attestation

Intel® SGX allows clients to process private data on a computer that is owned and operated by an untrusted party. This is great, but how does the client know that they are talking to a secure SGX-enabled machine? How do they know that the calculation that processes their data will do the computation correctly?

Intel® SGX has a feature called remote attestation which is a process through which a client develops confidence that they are talking to a genuine enclave running an algorithm with a specific fingerprint (hash of its compiled form). This allows the client to confirm that they are sending data to a secure SGX-enabled machine with the latest security patches.

Remote attestation does not provide confidence around the security of the algorithm and calculation that processes data in a secure enclave. A client can only confirm the security of the enclave by performing an audit of the enclave source code. Enclave code includes both Conclave code and business logic. An audit can be performed by the client themselves or a third party auditor to confirm the code performs exactly as intended. 

R3 provides enclave developers an audit license of the Conclave code that runs inside a secure enclave. We encourage enclave developers to make the business logic source code accessible to a regulator, third party auditor or the clients for auditing. It is up to the clients and enclave developer to choose the appropriate auditor for the use case.

Once the clients have evaluated the source code, Conclave allows clients to perform a reproducible build, where they can compile the audited algorithm, compute its hash and match it to the enclave hash from the remote attestation. Once this process has been completed, the clients have successfully verified that they are talking to a secure enclave with the appropriate algorithm!

Want to learn more?

Below are some helpful resources to learn more about Conclave and confidential computing:

    • Download the Conclave infographic!
    • Check out the Conclave docsite.
    • Download the Conclave fact sheet
    • Read the latest IDC Report to see how confidential computing can enhance the benefits of blockchain. 
    • Are you a developer? Download a free 60 day trial of Conclave today!

September 30, 2021

How to Think About Threat Modeling

When we talk about a “threat,” it doesn’t seem like a word that usually applies to computing, right? In fact, when we say threat in the context of computing, we mean any actor that would deliberately cause your program to behave in an unintended way.

Now, this definition is vague enough that it could cover almost anyone, right? Fortunately not. But we have an obligation when we write software to take some time to think diligently about what we’re going to build, why we’re going to make it, what we want to accomplish, and most importantly, who would want to work against it. This is the crucial problem that Conclave is uniquely poised to solve. 

So who would want our programs to fail? Adversaries. Simple enough, you say, but what kinds of adversaries could we face?

Most of the time in our regular lives, we imagine an adversary as a random hacker or a person who has managed to get hold of our password. Usually this only results in some embarrassing social media posts, but this is a very narrow view of hacking. Sometimes even legitimate actors have an interest in going after digital assets. In fact, it’s estimated that 20% of all social media accounts will be compromised at some point.

Let’s get more specific as there are many different kinds of bad actors to be aware of. Here are some examples: 

    • Organized Criminals – sophisticated private groups that hack websites to steal or collect money for free
    • Cyber Terrorists – these are groups that are interested in spreading fear, uncertainty, doubt, or harming the reputations of others
    • Inside Agents – these are malicious actors who happen to be a part of the institution. For example, this could be someone at Facebook misusing their account tools.
    • State-Sponsored Actors – governments and government-funded groups with theoretically infinite money looking to accomplish a specific task or cripple a target
    • Script Kiddies – this is a term referring to people who are either inexperienced or learning about hacking, so they download tools and try breaking whatever is out there to see what happens 
    • Hacktivists – these are individuals with some political goal or message they want to convey and use hacking as a means
    • Human Error – it may sound silly, but there are too many instances to count where human error or just software bugs cause crucial mistakes that can take down entire institutions

One additional category of bad actors should also be discussed: industrial actors who deliberately choose to create software that knowingly misrepresents the truth to users in order to profit. Data itself can even be misused by others who maintain platforms for you. Cybercrime can be much harder to spot until it’s too late (see movies like Office Space (1999) for an example). Conclave exists to create the safest possible computing environment that could ever be made—a checksum-verified segment of code that can only be run within the processor, where everything outside the processor is ASSUMED to be hostile.

Here’s how it works:

    • You and your counterparties write and agree on a set of software you want to run. 
    • You hash this code and create a unique remote attestation.
    • Every time a user interacts with this code, the remote attestation is recreated at the enclave level, so the user knows the enclave is legitimate.
    • The host of the enclave has no visibility into what the enclave is doing or what inputs or outputs the enclave is working with.
    • Users can compute with confidence, knowing that the code that’s running is exactly what they expect.

And it’s that simple! I hope this blog post was interesting for you, and as always, happy coding.

September 23, 2021

The story behind the x86_amd64 architecture

There are many fascinating things to understand about processors and how computer architecture works. R3’s newest product, Conclave, abstracts away a lot of the work you’d otherwise have to do in understanding the CPU, but it’s essential to understand what’s happening under the hood. Let’s zoom out a little bit to get a better view of what x86 is.

September 20, 2021

Privacy-Preserving Techniques—and the Power of Confidential Computing

What are Privacy-Preserving Techniques?

Privacy-preserving techniques (PPTs) are a family of modern cybersecurity techniques that make it possible to protect data even when it is shared with a third party for processing or analysis. These techniques are very powerful and can provide solutions to data privacy issues by making it possible for service providers to process and analyze sensitive data without seeing or tampering with the actual data itself. 

Examples of Privacy-Preserving Techniques

Popular examples of privacy-preserving techniques include Confidential Computing, Zero-Knowledge Proofs (ZKP), cryptographic Multi-Party Computation (MPC) and Homomorphic Encryption.

    • Confidential Computing – protects data in use by performing computation in a hardware-based Trusted Execution Environment (TEE)
    • Zero-Knowledge Proofs (ZKP) – a cryptographic technique to prove facts about data without revealing anything else about the data
    • Cryptographic Multi-Party Computation (MPC) – a cryptographic technique that distributes computation across multiple parties in a way that no individual party can see the other parties’ data
    • Homomorphic Encryption – an encryption technique in which one party can perform analytical functions on encrypted data

Why Confidential Computing?

The key difference between Confidential Computing, ZKPs, MPC and Homomorphic Encryption is that with Confidential Computing, security is rooted at the hardware level while with ZKPs, MPC and Homomorphic Encryption, security is rooted at the software level with advanced math and cryptography. 

As a hardware-based technique, Confidential Computing provides significant advantages over the software-based alternatives.

    • Flexibility – Relying on math-based techniques can limit the types of calculations that can be run on datasets. For example, with ZKPs, the calculations must be “pure functions” where the output is always derived entirely from the input. This limits the set of use cases that a developer can address with each protocol. Confidential Computing, on the other hand, enables any type of algorithm (simple calculations, analytics, machine learning, AI) to be implemented within an enclave as long as it fits within the necessary parameters.
    • Stability – Even though math-based techniques have been around for 30+ years, the algorithms used to protect data are still changing. Companies that want to make a “bet” on using software-based PPTs need to have confidence that the math-based protocol will stay relevant over a long period of time. TEEs are a significantly more stable target, thus preserving your investment over time.
    • Training – Developers who use math-based techniques must have a deep understanding of the cryptographic protocols used. Confidential Computing does not require training in cryptography and is much easier to learn and use for building applications.

For these reasons, R3 has developed Conclave as a more accessible alternative to software-based techniques, making it possible to easily write applications using Confidential Computing and Intel SGX.

Why Conclave

Conclave is a platform that makes it easy to build services and solutions that securely pool and process sensitive data from multiple parties.

With Conclave, service providers can deploy their business logic or analytics into a hardware-based Trusted Execution Environment (TEE) to process their customers’ most sensitive data. Conclave and TEEs enable service providers to provide technical assurances to their customers that data will remain private and protected from misuse. 

Unlike its software-based alternatives, Conclave is the simplest and quickest way for businesses to add these new capabilities into their offerings. 

September 01, 2021

Conclave — a new approach to private set intersection protocol

Privacy, trust, and security are paramount in today’s digital era. Policy makers all over the world are pushing for further research into privacy-enhancing technologies; regulators are introducing stricter rules to govern the collection and use of private and confidential data; and even Facebook is looking for ways to reduce the amount of data it collects.

The privacy battle

Big players war over data privacy.

Back in April, Apple published a paper, “A day in the life of your data”. It talks about a typical scenario where a father and daughter have their data tracked by the digital ecosystem. It was criticised by Facebook, who has historically generated revenue in the advertising space by using these types of tracking techniques.

In this blog, we talk about private set intersection (PSI), the data privacy problem it solves, and how Conclave (based on Intel SGX) can be used in a real world PSI scenario.

So, what is a private set intersection (PSI)?

Let’s look at an example.

The National Security Agency (NSA) has a list of terrorist suspects, and an airline company has a list of passengers. Both parties wish to determine which individuals appear on both lists (the intersection). However, the airline doesn’t want to disclose details about other passengers, and the NSA doesn’t want to disclose information about other terrorist suspects. This is a typical example of the data privacy problem PSI addresses.

PSI is a technique used to determine the intersection of two sets without leaking or disclosing any additional information about the remaining elements of either set.

PSI finds common data across multiple sets, without revealing data from one party to another.

In a recent article, Facebook talks about PSI, and how it can be used to solve multiparty computation problems. It also talks about its efforts in developing new algorithms to perform multiparty complex analysis on a private computation.

Are there any other practical use cases for PSI?

Finding tax evaders using PSI.

Another example might be determining who appears on a federal tax authority’s list of suspected tax evaders, and which individuals on that list have accounts with foreign banks. The federal tax authority can’t disclose its list of suspects to the bank, and the bank clearly can’t disclose account details of all its account holders.

Satellite collisions can be avoided using PSI.

PSI can even help countries avoid satellite collisions by deducing orbit intersections. Neither party is aware of the other party’s satellite details, as data sets are kept confidential.

Conclave to the rescue!

We have developed the Conclave SDK, an easy solution to the PSI problem. Conclave enables multiple parties to find the intersection (common elements) of two or more data sets without revealing those data sets to the other parties, including the host running the computation. Conclave achieves this by running the private computation inside Intel SGX hardware, a trusted execution environment, or secure enclave.

Take the example of calculating the conversion rate of an ad. Currently, the merchant usually shares a list of users who have completed a transaction (purchased an item) with the ad service provider. The ad service provider, for example Facebook or Google, maintains a list of users who have clicked the ad. The service provider will then compare the two lists, looking for common elements, usually using email address or credit card number as the common identifier. From this, they can then calculate the ad conversion rate:

In Conclave, the two lists are compared in a secure enclave, so neither the merchant nor the service provider can see both sets of data, only their own.

Calculating ad conversion rates inside a secure enclave.

I have shown in this sample how easy it is to calculate the ad conversion rate using Conclave, without compromising on privacy.

Writing a secure multiparty computation application using Conclave is like writing a simple application that performs computation on plain text. Conclave lets you write applications in high-level languages, like Java, Scala, and Clojure. It provides you with a framework so you can test your applications using a mock enclave, and has seamless integration with a Gradle plugin for building, testing, and deploying applications. Applications can be deployed in Linux, Windows, or Mac, and can also be deployed to Azure cloud with one click!

Conclusion

Conclave solves the challenges associated with multiparty computations, and can be used as an alternative to secure multiparty computation, homomorphic encryption, or tokenization techniques. It provides you with the necessary tools to build your Conclave application, leaving you to focus on the business logic. We’re excited to see how our partners and clients are using Conclave to solve these types of complex private computations.

August 18, 2021

Confidential Computing with Conclave

In my previous blog, I introduced how confidential computing can be a useful tool to help us better protect our data while it is in use. This article will show you the platform that R3 has developed to make confidential computing application development easier.

Introducing Conclave

Conclave is a revolutionary new platform from R3 that enables the development of solutions that securely pool and process sensitive data from multiple parties. It leverages cutting-edge technologies like confidential computing and Intel® SGX.

Intel Software Guard Extensions (Intel® SGX) offer hardware-based memory encryption that isolates specific application code and data in memory. Intel® SGX allows user-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels.

There are many ways to use confidential computing, but utilizing hardware (enclaves) is by far the most cost-efficient and effective way to adopt the concept.

As it says in the quote, the enclave will block all access to the data while it’s being used. Therefore, we are technically assured that the data used in the enclave is protected and won’t be tampered with during computation.

Components of a Conclave application

There are three parts to a Conclave application—the host, enclave and the client.

    • The host starts the enclave and passes data between the client and the enclave. Since the host is still operating in an operating system, we will view it as an untrusted environment.
    • The enclave is the isolated in-memory engine that will run your confidential computing applications.
    • The client is the external communication port that sends encrypted data to the enclave to process. However, the client does not directly communicate with the enclave. All of the data is passed to the host and the host will deliver it to the enclave.

 

 

Data communication with Conclave

The communication between the components is handled by the Mail API. The API makes it easy to deliver encrypted messages that only the enclave can read. Here’s how it works: data is packaged in a mail, and each mail has two parts—the header and the body. The header can store strong sequence numbers, which can help hold multiple conversations simultaneously. Mail also can be used by an enclave to persist (sealed) data. There may be a situation where the enclave stops and has to be restarted. It may want to save the unprocessed data somewhere and retrieve it when it is started again. As of now, this is handled by the enclave. By sending mail to itself, the enclave can store chunks of data that will be fed back to it at startup. And again, this is done with the help of the Mail API.

I hope you will find that this article answers some of the questions you have about Conclave and confidential computing. In my next blog post, I will start covering some of the implementation details of a Conclave application. Stay tuned!

August 12, 2021

Confidential Computing and You

Confidential computing is a breakthrough in secure data sharing/utilization methods. Hence, it can benefit anyone who is actively sharing and receiving data, which technically includes most of you who are reading this blog post on the internet.

What is confidential computing?

Imagine you have a piece of information that you only want to share with your dearest friend. Before you share it with your sole counterparty, the treasured information is encrypted and locked somewhere in a top-secret database. Once shared, the information is now acknowledged and in possession of this friend. But how can you continue to actively protect the information from leaking to any third party? You can sign a Non-Disclosure Agreement (NDA), but that is passive protection that would execute after the leaking happens. And that is about it.

Fortunately, confidential computing offers a whole new approach to sharing and protecting data. With confidential computing, you can now launch a program where you and your dearest friend can both utilize this piece of information, yet your friend can neither see nor own it.

Here is an example.

Let’s say you and your dearest friend want to collaboratively find out how many Hershey’s Kisses you two have put into a box. There are two types of Kisses—red and blue.

    • The red Kisses represent the newly developed flavor that only a few foodies had a chance to sample from the Hershey R&D lab. The identities of these foodies are top-secret.
    • The blue Kisses are just ordinary Kisses, which you can get from a local supermarket.

Fortunately for you, you are one of the lucky people who got to sample the red Kisses. Now you are wondering, how can you still participate in the game with your friend while not telling him that you are one of Hershey’s top-secret research participants?

How confidential computing can help

You will need two things:

    1. Some resources from each of you (this includes objects other than the Kisses)
    2. A confidential computing engine

First, you will put a red Hershey’s Kiss (the color is only known to you) into the confidential computing engine, leading to a total count of one. Next, your dearest friend will put his Hershey’s Kiss into the engine (again, the color is known only to him), leading to a total count of two.

Now, let’s make the process a bit more interesting. Let’s say your friend is looking to prank the system. He became aware that the confidential computing engine is like a black box where you have no visibility over what is inside. He then puts a random object into the engine. (Or, he simply made a mistake placing highly sensitive but not relevant data into the engine and actually became worried that you might have your hands on it.)

None of the above concerns will become a problem because as you can see from the diagram above, the count of the Kisses will remain at two because the program that you put into the confidential computing engine will process the random object (or data) and decide that it is not relevant.

And what is most important is that, as shown in the final output snapshot, no one will have visibility of what’s really inside. All the non-relevant information, or if you take it from a different angle, all the non-relevant but highly sensitive data, is not disclosed to anyone, not even you.

As for the result of the collaboration, the final output will be 2 kisses. And your friend will not find out that you are one of Hershey’s top-secret research participants! A happy ending for all.

Key takeaways

In short, the confidential computing engine grants you:

    • A perfect workstation that only executes what you (and your counterparties) want it to do
    • A highly secure place where processed information is not visible to any participants of the process

In the next blog post, I will walk you through Conclave, R3’s confidential computing platform, and show how you can make confidential computing work for you.

July 27, 2021

Decrypting Enclaves: Encryption Key Hierarchy

Intel SGX is an implementation of a Trusted Execution Environment (TEE): an environment where data integrity and confidentiality and code integrity are protected by hardware-based encryption. Intel SGX isolates specific application code and data in a secure part of the module’s memory, called “enclaves.” Conclave makes it very easy for you to interact with enclaves in higher languages such as Java and Kotlin. Before we dig deep into Conclave, let’s talk a bit about the different encryption keys used throughout an enclave’s lifecycle. 

An enclave uses “keys” as the root of trust instead of using certificates. They are the foundation for the software chain of trust. 

There are multiple keys used at multiple points during an enclave’s lifecycle. To start with, Intel issues two key pairs which are fused into the CPU at the time of CPU manufacturing. All other keys are derived from these two keys. Keys are used in the attestation process to prove that a particular piece of code is running on a trusted SGX-enabled CPU. This proves the authenticity of the enclave on which your code runs. Keys are also used during sealing to encrypt your data. Now let’s dive into the different keys used for the above-mentioned scenarios.

Root Provisioning Key: This key is fused into the Intel processor by Intel at the time of CPU manufacturing. Intel acts as a certifying authority (CA) and issues a digital certificate identifying this SGX-enabled CPU’s identity. This key is securely stored in an HSM within a facility managed by Intel and allows Intel to verify that the CPU is a genuine SGX-enabled part during remote attestation.

Root Sealing Key: This key is also baked by Intel into the CPU. This key is a unique key known only to the CPU and is used for sealing.

Let’s take a look at some common structures used by Intel SGX enclaves.

MRENCLAVE: This is the enclave’s identity, a SHA-256 hash of the log that records all activity while the enclave is being built. This log consists of code, data, heap, stack, and other attributes of an enclave. Once the build is complete, the final value of MRENCLAVE represents the identity of the enclave. In short, it’s the hash of the enclave code and initial data.

MRSIGNER: Each enclave is also signed by its author. MRSIGNER contains the hash of the public key of the author.

REPORT: The enclave creates a REPORT structure consisting of MRENCLAVE, MRSIGNER, and additional enclave attributes.

Enclaves cannot access these root keys directly; instead, they use a derivation function to derive them. The derivation function uses MRENCLAVE, MRSIGNER, the current CPU microcode security version number and other enclave attributes to derive the keys. A nonce is also given as an input to this function to add entropy. Usually this is a password specific to the owner of the system, allowing the owner to cryptographically destroy any data sealed by the system when it is deprovisioned.

Below are examples of keys that enclaves can derive.

Report Key: This is derived from the root seal key and is used during attestation. The enclave creates a REPORT structure consisting of MRENCLAVE, MRSIGNER and some more enclave attributes. An enclave is required to prove its authenticity and code integrity to either a client or an enclave running on a different system (remote attestation) or to another enclave running on the same system (local attestation). For local attestation, the host obtains a report from the enclave. This report contains the MRSIGNER, MRENCLAVE and other report attributes, including some user data which is normally a public key for communicating with the enclave. This report is actually the same for local and remote attestation. The report structure is then signed inside the enclave using the REPORT key. The hash of the REPORT data is encrypted with the REPORT key, and the signed report is then sent to another enclave on the same system via a host process. The other enclave has access to the same REPORT key so that it can generate a new hash over the report, decrypt the hash that the other enclave used to sign, then ensure the two are the same.

Provisioning Key: This is derived from the root provisioning key. This key is used by the CPU to identify itself to Intel for attestation. Remote attestation proves to a client that the correct code is deployed on a fully patched, SGX-enabled enclave. The attestation service could be either EPID or DCAP. 

For both types of attestation, the current host (the process on which a current enclave is loaded) sends the REPORT to another enclave called a Quoting Enclave which verifies the signed REPORT (signed using the report key) and signs it using the provisioning key.

For Enhanced Privacy Identification (EPID), the REPORT signed by the quoting enclave (called the “quote”) is sent to the Intel Attestation Service (IAS) by the host or the client, depending on the application (for Conclave, this is always the host). The IAS then verifies the quote and signs it with a certificate that is rooted within the Intel SGX root of trust. This Intel-signed verification can then be checked by the host and sent to a client, who only needs to check to see if the certificate is valid and trusted. This is mostly a legacy approach.

Data Center Attestation Primitives (DCAP) works a bit differently. The quote is signed using the same provisioning key as before; however, rather than sending the quote to Intel for verification, the host requests information about the platform from the Intel Provisioning Certification Service (PCS). This information is called “collateral” and includes Intel-signed information about the platform that can be used to verify the quote without sending it to Intel. The report/quote and the collateral are sent to a relying party (the client), which can then verify the collateral against the trusted Intel root certificate and verify the quote against the collateral. This is a newer approach focused on data centers and cloud service providers. This provisioning is based on ECDSA signatures, which allow for construction of on-prem attestation services.

Seal Key: This key is derived from the root seal key. The memory used inside an enclave is encrypted using hardware and is isolated from other processes and applications. When the enclave stops, data in memory cannot be recovered. Sealing is a technique used to encrypt and export data outside the enclave without compromising data confidentiality or integrity. From outside it can be transmitted over a network or saved to an external storage location like an external database or hard disk. Sealing keys can be derived from MRENCLAVE or MRSIGNER for storing data.

Sealing to the MRENCLAVE makes the key available to any instance on the same physical system having the exact same MRENCLAVE. This will not allow any future software to read secrets of this enclave. Sealing to MRSIGNER will make the key available to any enclave running on the same physical system which has been signed by the same author, making the upgrades much easier. This will allow newer enclaves to read secrets of older versions but will require clients to trust the enclave signer. This trust can be gained through a defined enclave audit process. Sealing keys are only known to an enclave, so that only an enclave can decrypt the data.
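An added example (not Conclave or Intel SDK code) modelling the derivation inputs and the two sealing policies described above. HMAC-SHA-256 stands in for the CPU's derivation function and a SHA-256 keystream with an HMAC tag stands in for a real authenticated cipher; the root key, enclave images and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the fused root seal key; it never leaves the CPU.
ROOT_SEAL_KEY = hashlib.sha256(b"constructed root seal key").digest()

def sha(data):
    return hashlib.sha256(data).digest()

def enclave(code, signer_pubkey):
    """Return the MRENCLAVE and MRSIGNER values of a constructed enclave."""
    return {"MRENCLAVE": sha(code), "MRSIGNER": sha(signer_pubkey)}

def derive_seal_key(identity, policy, cpu_svn, owner_nonce):
    """Model of the derivation function; `policy` picks which identity binds the key."""
    info = sha(policy.encode()) + identity[policy] + cpu_svn.to_bytes(2, "big") + owner_nonce
    return hmac.new(ROOT_SEAL_KEY, info, hashlib.sha256).digest()

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, iv, data):
    stream = b"".join(sha(key + iv + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, stream))

def seal(key, plaintext):
    iv = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), iv, plaintext)
    return iv + ct + hmac.new(_subkey(key, b"mac"), iv + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or None if this key did not seal the blob."""
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), iv + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(_subkey(key, b"enc"), iv, ct)

# Constructed scenario: V1 and V2 share an author, OTHER has a different one.
V1 = enclave(b"constructed app v1", b"constructed author key")
V2 = enclave(b"constructed app v2", b"constructed author key")
OTHER = enclave(b"constructed unrelated app", b"constructed second author key")
```

Sealing with the `MRSIGNER` policy lets `V2` read what `V1` stored, while a blob sealed with the `MRENCLAVE` policy, or under a different owner nonce, no longer unseals.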


July 06, 2021

The Why and How of Confidential Computing

R3 recently launched Conclave, a new confidential computing platform that allows multi-party data to be pooled privately and securely.


The Data Lifecycle

When it comes to data protection and the data lifecycle, there are three states:

    1.   Data at rest (currently protected by full disk/file encryption)
    2.   Data in transit (currently protected by transport layer security)
    3.   Data in use (now being protected by zero knowledge proofs, multi-party computation and confidential computing)

For years, cloud providers have offered encryption services for protecting data at rest (in storage and databases) and data in transit (moving over a network connection). However, it wasn’t until confidential computing was created that there was a solution for protecting data in use (during processing or runtime).

Intel® SGX

Intel® SGX, the technology behind Conclave, protects data in use using secure enclaves or Trusted Execution Environments (TEEs). It was initially only applied in hardware in the CPU. However, with the increasing adoption of cloud computing, the need for this protection to be available on the cloud became more urgent. This is especially true for more sensitive workloads. With this awareness, the industry realized it needed a name for the concept, and confidential computing was chosen.

With SGX, you can prove exactly how the data will be used. The contents of the enclave (the data being processed and the techniques used to process it) are accessible only to the parties submitting the information and invisible to anything or anyone else, including the cloud provider.

Conclave

SGX addresses the problem of how to protect data in use, but what does Conclave add to the mix? The key problem that Conclave addresses is the fact that implementing and using these technologies usually requires a deep understanding of data security in order to prevent side channel exposure, data leaks, holes in your implementation and other problems. Conclave makes it very easy to develop protected applications without having to hire data security specialists. 

There are other solutions in the market that seek to address this problem. One solution, known as “Lift and Shift,” involves taking a virtual machine and running it in the protected environment. However, when you access the data it will be vulnerable. Therefore, you have to compromise between protection and the need for access. 

Another solution is to develop a custom application or modify your existing application to separate the most important parts of the data and put them into the enclave. The problem with this is that it is very complex. You would need to do it in C++, go through lots of documentation and have a deep understanding of data security. 

In contrast to the above, Conclave provides deep protection in a JVM so you can build in Java, Kotlin or JavaScript. This offers a solution that will be secure and easier to use for the developer. 

By leveraging confidential computing, you will be able to provide technical assurances/cryptographic proof that you are running a real SGX-protected enclave (also known as attestation). With these assurances in hand, you won’t need to rely on a firm’s reputation to determine whether or not you can trust them with your data, as you will have technical attestation of how it is being used. The ability to prove how your data will be processed is making it possible for businesses to collaborate and share more sensitive datasets. 

How ClaimShare leverages the power of Conclave

As discussed, Conclave allows the pooling of sensitive data in a secure, invisible manner. This means companies can pool data together and run mutually beneficial algorithms and processes without exposing customer information or trade secrets to the other parties involved.

One application where this could be useful is in detecting multi-party insurance fraud. This could involve an item being purchased and then insured with multiple companies. The below example is from Richard Gendal Brown, R3’s CTO:

“Say a car is bought for $10,000. The car is then insured at a cost of $500. This insurance will net a compensation of $8,000 in the event the car is written off in an accident. Now more policies are taken out, until we have 10 policies on the same car all with different insurers. 10 policies x $500 = 5,000 + the price of the car = $15,000. Now we crash the car and start claiming all of those policies, 10 x 8,000 = $80,000.” 

This fraud is difficult for insurers to detect because there is no centralized insurance claims database. However, with confidential computing, this type of sensitive data can be pooled in a protected area, processed by verifiable algorithms, and only the fraudulent claims will be highlighted (all other claims will be kept private, even to those running the algorithm). Through collaboration with KPMG, IntellectEU used Conclave to develop ClaimShare, a solution designed to address the problem of duplicate claims in the insurance space. 


July 01, 2021

Confidential Computing: Secure Data Analysis on the Cloud with Conclave


Is it possible for organizations to use machine learning and big data technologies without affecting the privacy of users? How could companies derive insights from their data without compromising on security and protect against possible data breaches and fraudulent attacks that could happen in cloud computation? The answer may be confidential computing, an emerging technology that protects data even when in use. This new technique makes it possible for organizations to securely share, pool and process data in the cloud without exposing any of it to the outer world. 

The data lifecycle

With the rise of new data-driven applications, companies are collecting and storing huge amounts of data that would have seemed impossible a decade ago. If most of this data is related to user privacy, it becomes crucial to protect and secure it against attacks and breaches. A data breach could violate GDPR laws in countries where they apply, so a system architect’s most important task is often to identify sensitive data and determine approaches for how to best protect it. Thus, data needs to be protected throughout its lifecycle: at rest, in transit and in use.

Data at rest means inactive data which is stored in any of the following digital forms: databases, data lakes, or other types of storage technology. This data is currently protected using techniques such as tokenization, encryption, and access control, meaning that even during transfer from one database to another, it cannot be breached. 

Data in transit includes any data being moved through the network between applications, servers, or clients. This data is protected from unauthorized access using the TLS/SSL protocol. 

But what about when data is being computed, a.k.a. when it is in use? To run any sort of analysis, the data must be in clear text.

The problem—and solution—to protecting data in use

Organizations often need to perform operations on data in use such as search, query, analysis, and machine learning. However, to do this, the encrypted data from databases must be decrypted into clear text before it can be used for any sort of computation.

Once decrypted, this clear text data gets exposed to the underlying operating system and the host machine, meaning that any malware application running on the host machine could dump the memory contents and steal sensitive information. So even if your data remains encrypted in storage, it becomes vulnerable to exposure in memory during computation.

When these types of computation are hosted on the cloud, this becomes an even bigger risk. Your data is exposed to the vulnerabilities of the host operating system, hypervisor, hardware, and the cloud provider’s orchestration system. As a result, companies dealing with highly sensitive user data such as credit card details, user information, and KYC documents are often reluctant to host computation on the cloud.

Fortunately, confidential computing solves this problem. This emerging technology isolates sensitive data in a secure enclave, or Trusted Execution Environment (TEE), during processing. By doing so, the contents of the enclave, the data being processed, and the techniques used for computation are accessible only to authorized programming code and invisible to all external parties, including the cloud provider. This enables organizations to share, pool and process sensitive datasets in the cloud, safe in the knowledge that it won’t fall into the wrong hands.

Conclave

R3’s new Conclave platform makes it easy to perform confidential computing either in a machine or in the cloud. The only requirement is support for the Intel SGX enclave. 

With Conclave, you can build applications that securely pool and process data from multiple parties. Conclave-powered solutions are so secure that no one sees the source data without permission—not even the cloud provider. You can see examples of applications you could build with Conclave, as well as tutorials, on our docsite.
