SPDZ set to make the cloud more secure
SPDZ set to make the cloud more secure
Joint research by British and Danish universities could soon be used to ensure working via the cloud will be both more secure and private for multiple users of the same system, potentially encouraging a greater take-up.
The teams from the University of Bristol and Aarhus University are presenting their work at the 18th European Symposium on Research in Computer Security this week. They will unveil the SPDZ protocol – pronounced Speedz – which has been created to allow different users to input work into the same system at the same time, without being able to see what the other users are doing. It will create a multi-party computation system, which the developers say will be secure against both outside attack, while providing privacy for different users working within the same company.
The two groups previously worked on the theory of the system but development of the SPDZ protocol means that it can now be applied practically. The development is likely to be especially appealing to business users inputting information into shared cloud applications, as well as the financial, chemical and pharmaceutical sectors which frequently need to compute secure data.
Nigel Smart, Professor of Cryptology at the University of Bristol's Department of Computer Science, led the Anglo-Danish project.
He said: “We have demonstrated our protocol to various groups and organisations across the world, and everyone is impressed by how fast we can actually perform secure computations.
"Only a few years ago such a theoretical idea becoming reality was considered Alice in Wonderland style over ambitious hope. However, we in Bristol realised around five years ago that a number of advances in different areas would enable the pipe dream to be achieved.”
Bristol University is looking at commercial options to bring the SPDZ protocol to the market. Professor Smart has co-founded a company with Professor Yehuda Lindell from Bar-Ilan University in Israel to explore the options.
Businesses looking to move services into the cloud, should evaluate the performance of their existing network and consider setting up a leased line or MPLS network.