Privacy-Preserving Techniques—and the Power of Confidential Computing

September 20, 2021

By Sarah Lynch, Offering Manager at R3

What are Privacy-Preserving Techniques?

Privacy-preserving techniques (PPTs) are a family of modern cybersecurity techniques that protect data even when it is shared with a third party for processing or analysis. They address data privacy problems by letting service providers process and analyze sensitive data without seeing or tampering with the data itself.

Examples of Privacy-Preserving Techniques

Popular examples of privacy-preserving techniques include Confidential Computing, Zero-Knowledge Proofs (ZKP), cryptographic Multi-Party Computation (MPC) and Homomorphic Encryption.

    • Confidential Computing – protects data in use by performing computation in a hardware-based Trusted Execution Environment (TEE)
    • Zero-Knowledge Proofs (ZKP) – a cryptographic technique to prove facts about data without revealing anything else about the data
    • Cryptographic Multi-Party Computation (MPC) – a cryptographic technique that distributes computation across multiple parties in a way that no individual party can see the other parties’ data
    • Homomorphic Encryption – an encryption technique in which one party can perform analytical functions on encrypted data

Why Confidential Computing?

The key difference between Confidential Computing and ZKPs, MPC and Homomorphic Encryption is where security is rooted: with Confidential Computing it is rooted at the hardware level, while with ZKPs, MPC and Homomorphic Encryption it is rooted at the software level, in advanced math and cryptography.

As a hardware-based technique, Confidential Computing provides significant advantages over the software-based alternatives.

    • Flexibility – Relying on math-based techniques can limit the types of calculations that can be run on datasets. For example, with ZKPs, the calculations must be “pure functions” where the output is always derived entirely from the input. This limits the set of use cases that a developer can address with each protocol. Confidential Computing, on the other hand, enables any type of algorithm (simple calculations, analytics, machine learning, AI) to be implemented within an enclave as long as it fits within the necessary parameters.
    • Stability – Even though math-based techniques have been around for 30+ years, the algorithms used to protect data are still changing. Companies that want to make a “bet” on using software-based PPTs need to have confidence that the math-based protocol will stay relevant over a long period of time. TEEs are a significantly more stable target, thus preserving your investment over time.
    • Training – Developers who use math-based techniques must have a deep understanding of the cryptographic protocols used. Confidential Computing does not require training in cryptography and is much easier to learn and use for building applications.

For these reasons, R3 has developed Conclave as a more accessible alternative to software-based techniques, making it possible to easily write applications using Confidential Computing and Intel SGX.

Why Conclave?

Conclave is a platform that makes it easy to build services and solutions that securely pool and process sensitive data from multiple parties.

With Conclave, service providers can deploy their business logic or analytics into a hardware-based Trusted Execution Environment (TEE) to process their customers’ most sensitive data. Conclave and TEEs enable service providers to provide technical assurances to their customers that data will remain private and protected from misuse. 

Compared with its software-based alternatives, Conclave is the simplest and quickest way for businesses to add these new capabilities into their offerings.
