Privacy-Enhancing Computation? It would not be unreasonable for you, as a business owner with some form of IT support, to believe that you already have that. In 99 out of 100 cases, you would be wrong. Firewalls, Anti-virus (AV) and password authentication are nowhere near the be-all and end-all of the Cybersecurity measures that are necessary for modern network communications.

This is an area to ask your IT services provider, whether it’s an in-house IT support department or an outsourced Managed IT Services provider. Fire anyone who does not know what Privacy-Enhancing Computation is. Within the IT Support Los Angeles community there are drastically varying degrees of knowledge and competence. Anyone can advertise and do business as an IT services company.

Today’s Cybersecurity is not a single technology that you download or buy in a box. The modern network methods enterprise uses to do business faster and more efficiently also create new vulnerabilities, because nothing is ever perfect. To stay profitable, cyber criminals must (and do) continue to grow ever more sophisticated – they will find the flaws in new technology faster than you, the software/hardware vendor or your IT services will.

It is amazing in this day and age how many CEOs and administrators do not take the protection of their data seriously. The hard, simple truth is: Your data is the life blood of your enterprise. Lose it, and you will most likely lose your business.

To conduct business, some data must be shared, and in order to control the sharing – and who is able to have access to sensitive data, a Privacy-Enhancing Computation regimen must be put in place. Solid Cybersecurity is the key to business privacy and protection, and a qualified IT support firm should implement the technologies.

What is privacy enhancing computation?

PEC is not one single thing – it is a strategy or regimen in Cybersecurity. It is a way to share data to an extent that facilitates the flow of business, allowing a second party to extract the value they need, but without exposing your most confidential data. The two parties to the transaction only receive the ability to share actionable data without passing on sensitive information as well.

There are a number of steps involved in making this happen: encryption and Zero-Knowledge Proofs are the first two.

What are the technologies used for enhancing privacy?

The tools used vary. Typically, a top-notch Managed IT Services provider will know the nature and electronic flow of a company’s data and will implement the procedures that best protect their client’s data. The most common tools or technologies used to establish the highest protocols for Privacy-Enhancing Computation are:

Zero-Knowledge Proofs:
This is a method for verifying the proof of knowledge of some bit of information offered by the ‘prover’ to the ‘verifier’ without revealing the actual information itself. (See the FAQ below).

Secure Multi-Party Computations (SMC
Secure Multi-Party Computation (SMC) allows multiple workers within one company or several, to collaborate on projects together using computing functions over their inputs without revealing them individually. While the computational operations are shared among among all parties, no single party has knowledge of what was done by any other party at any time during the process. This keeps all collaborators on a ‘need-to-know’ basis.

Homomorphic Encryption
This goes a step beyond standard cryptography. Homomorphic encryption protects data while it is being used in computations. Workers and collaborators see and work with data that appears decrypted, but in fact it is encrypted the entire time. Too many IT support companies still use standard encryption.

Differential Privacy
The technical definition for Differential Privacy (DP) is that it is: “A system for publicly sharing information about a dataset by describing the patterns of groups within the dataset while withholding information about individuals in the dataset.” The data necessary for the work or transaction is shared, but the identities of those involved remain hidden.

Trusted Execution Environments (TEE)
A trusted execution environment (TEE) is a section within the main processor of any device that is separate from the device's main operating system (OS). This ensures that data is stored, processed and protected in a secure environment and does not travel through less secure areas.

Also used in the overall strategy are:

Communications anonymizer: This hides a user’s true online identity, replacing it with a disposable, non-traceable identity.
Pseudonymization: Replaces a true identity with artificial identifiers (pseudonyms), which hides data from potential hackers.
Obfuscation: Adding misleading data to a profile or log to defeat intrusive algorithms by masking the data.
Format-Preserving Encryption: A cryptographic tool that encrypts in a way in which the ciphertext (output) is in the same format as the plaintext (input).

Frequently Asked Questions

Q: What is encryption and how does it work?

A: Encryption has been around since ancient times. It is a method of encoding data in a way that makes it available only to authorized parties. Encryption software scrambles the data as it sent. The data can be decrypted on the other end by using a key provided by the sender.

All business data should be encrypted when communicated or stored. If a hacker manages to breach the data, they will not be able to read it.

Q: What is a Zero-Knowledge Proof?

A: A Zero-Knowledge Proof is a method of using encryption to verify knowledge of a certain thing without revealing the thing itself, such as proof of a personal identity.

Example: Party A needs access to something from Party B. Party B has agreed to allow access to Party A, but needs proof that Party A is in fact Party A. A ZK proof enables Party A to prove they are Party A without revealing Personally Identifiable Information (PII), such as name, address, etc. The long, technical name of the application used by Blockchain and Zcash is ‘zk-SNARK’ (zero-knowledge, Succinct, Non-Interactive Argument of Knowledge).

For a better understanding of a ZK Proof, cryptographer Jean-Jacques Quisquater developed the story of ‘The Ali Baba Cave’ in his paper "How to Explain Zero-Knowledge Protocols to Your Children."

Q: What is a zero-knowledge proof example?

A:  Aside from ‘The Ali Baba Cave’ story, 101 Blockchains provides a few simpler examples HERE.

Q: Is VPN a privacy enhancing technology?

A: Virtual Personal Networks (VPNs) offer some very limited online protections, but are only basic tools, and technically not prominent in an advanced Privacy-Enhancing Computation strategy.

How secure is your network?

IT Support LA offers a FREE, no-risk network and security assessment. No strings, and no obligation to ever employ our Managed IT Services. We perform the analysis and deliver a report that is yours to keep.

Just fill out the form on this page or call IT Support LA at:
818-805-0909