Inside the Briefcase

Ironclad SaaS Security for Cloud-Forward Enterprises

Ironclad SaaS Security for Cloud-Forward Enterprises

The 2015 Anthem data breach was the result of...

The Key Benefits of Using Social Media for Business

The Key Benefits of Using Social Media for Business

Worldwide, there are more than 2.6 billion social media...

Gartner IT Sourcing, Procurement, Vendor and Asset Management Summit 2018, September 5 – 7, in Orlando, FL

Gartner IT Sourcing, Procurement, Vendor and Asset Management Summit 2018, September 5 – 7, in Orlando, FL

Register with code GARTITB and save $350 off the...

Infographic: The Three Pillars of Digital Identity: Trust, Consent, Knowledge

Infographic: The Three Pillars of Digital Identity: Trust, Consent, Knowledge

8,434 adults were surveyed to gauge consumer awareness of...

FICO Scales with Oracle Cloud

FICO Scales with Oracle Cloud

Doug Clare, Vice President at FICO, describes how Oracle...

How The SPDZ MCP Protocol Will Impact Cloud Security

October 28, 2013 No Comments


In recent years, cloud computing has increasingly become a part of our day to day lives and yet many people are still wary of embracing the new technology. One of the major concerns that is behind this reluctance is security. The cloud is often perceived as being very poor in terms of secure storage and data transfer, but that is not really the case! However, people need reassurance, especially in the business world and thankfully the latest developments in cryptography could offer exactly that.

According to the Cryptography and Information Security group at the University of Bristol, a recent breakthrough in an area of cryptography known as MPC, which stands for Multi Party Computation, is set to change the face of computing and security.

Understanding The Concept of MPC

Essentially, MPC is actually a subdivision of cryptography which allows two (or more) users to perform a computation which involves them each inputting ‘secret’ data without the need to reveal that information to the other parties. The Department of Computer Science at University of Bristol and Aarhus University in Denmark are operating a joint research program which is focussed on implementing a practically viable protocol for MPC which is known as SPDZ (pronounced like the word ‘speeds’).

A Closer Look At The SPDZ Protocol

This new protocol uses message authentication code when processing secret data being shared between multiple users during a computation. This code is then authenticated by the involved parties using the section of information know to each individual. Since this relies largely on homomorphic encryption techniques the process can be fairly awkward.  It is because of that fact that the initial versions of the SPDZ protocol hit a variety of obstacles moving toward practical implementation.

However, the latest version of SPDZ has undergone an extensive overhaul, optimizing it for practical implementation in real world situations. One of the main breakthroughs is an entirely new method for verifying the message authentication code on private data which has bypassed the need to recalculate encryption keys as well as some much more efficient methods of ensuring ‘unscrupulous types’ adhere to the protocol!

Using The SPDZ Protocol In The Cloud

Using distributed key generation and decryption the SPDZ protocol ensures that even if one user’s computer is in any way compromised, the cryptography remains intact as only one part of the key has been intercepted. It is this which is really going to make the difference to data centres and cloud hosting providers as it will go some way to block hackers from spreading through various machines – or even from one provider to another, although there is still a substantial amount of work to be done before that becomes a practical reality.

In a cloud environment, users could potentially split their data into several pieces and give each one to a different cloud provider. This means that unless all of those providers collude, which is highly unlikely, then none of those providers have access to the data. When the data has to be processed, the SPDZ protocol could be utilized to perform the computation and send each part to the user where it can be reconstructed.

In a recent interview, Peter Scholl, one of the research team involved with the development of SPDZ 2.0 explained how the team were focused on addressing the speed issues with the protocol in order to ensure practical implementation is possible. ‘We compared secure computation speed with clear computation speed using our implementation and historical CPU data. Currently the online phase of our protocol has roughly the same performance (in multiplications/second) as an Intel 386, which is around 20 “computing years” ahead of where we were with things 2 years ago,” Scholl says. “Unfortunately the technology is currently only practical for small-scale scenarios – the volumes of data and types of algorithms used in most cloud services seem difficult to handle with MPC right now.’

Only time will tell if the SPDZ protocol really can be implemented in real world situations any time soon, but if it can then it will completely revolutionize the cloud computing industry. Security is still very much the stumbling block when it come to convincing individuals and businesses to embrace cloud computing, so if this can be addressed using the SPDZ protocol then the cloud will be ready to take it to the next level. Cloud computing is the future and anything that can be done to support that is well worth pursuing.

James Snowhill is a freelance tech writer who regularly contributes to a number of sites including James is interested in all types of web hosting and is currently learning more about the benefits of having a having a managed server.



Leave a Reply




Gartner IT Operations

SuperCharge Your Cloud

American CISO

IBC 2018

ITBriefcase Comparison Report