SBA Live Academy, What the heck is secure computing

SBA Research
SBA ResearchSBA Research
Klassifikation: Öffentlich Welcome to the SBA LiveAcademy #bleibdaheim #remotelearning Today: What the Heck is Secure Computing? by Matthias Gusenbauer You are automatically muted by entry, please use the chat for interacting with us. This talk will be recorded as soon as the presentation starts! Recording will end BEFORE the Q&A Session starts.
Klassifikation: Öffentlich What the Heck is Secure Computing and why should I care? SBA Research gGmbH, 2020
Klassifikation: Öffentlich 3 Whatis Secure Computing? • Compute on encrypted data o Secure Multiparty Computation (MPC) – Jointly compute on private data – "Data sharing without sharing data" o Fully Homomorphic Encryption (FHE) – Compute on ciphertext – Outsource computation without losing privacy SBA Research gGmbH, 2020
Klassifikation: Öffentlich 4 MPC vs FHE + - Basis MPC • Faster • More tool choice • More communication • Secret sharing • Oblivioustransfer FHE • Less communication • Slower • Less tool choice • Mathematical properties of ciphertext SBA Research gGmbH, 2020
Klassifikation: Öffentlich 5 MPC Example • Average salary of Academy participants • Only learn output (nothing else) • Secret sharing o Additive Secret Sharing SBA Research gGmbH, 2020
Klassifikation: Öffentlich 6 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR Z2: 2350 EURZ3: 2000 EUR
Klassifikation: Öffentlich 7 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900
Klassifikation: Öffentlich 8 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 S3,2 | S2,3
Klassifikation: Öffentlich 9 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650
Klassifikation: Öffentlich 10 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650 T3 | T2
Klassifikation: Öffentlich 11 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650 T1+T2+T3=SumFinal Average=SumFinal/3 = 2283,33
Klassifikation: Öffentlich 12 MPC Use Cases SBA Research gGmbH, 2020 Awesome Company C1 C3 C2 SecurityPrivacy
Klassifikation: Öffentlich 13 MPC Use Cases • Privacy o Machine learning o Credit score computation o Combining health data • Security o System resiliency o Remove single point of failure (e.g. key splitting) o Protection of assets SBA Research gGmbH, 2020
Klassifikation: Öffentlich 14 ImportantConsiderations • 2PC or MPC? • Honest or dishonest majority? • Semi-honest or malicious security? • Cryptography knowledge in house? o Some pitfalls (inadvertent leakage, performance) • Open to work with research code? o Proprietary platforms (tech support) o Open source tools (more choices) SBA Research gGmbH, 2020
Klassifikation: Öffentlich 15 Existing Tools • Proprietary o Unbound o Cybernetica (Sharemind) • Open source o JIFF o Scale-Mamba o … SBA Research gGmbH, 2020
Klassifikation: Öffentlich 16 My 3 Key Take-Aways 1. Secure Computation is possible (MPC) 2. MPC replaces trusted third parties 3. MPC can enable new business cases and increase my security SBA Research gGmbH, 2020
Klassifikation: Öffentlich 17 My Study • MPC adoption and lack thereof • 30-45 minute interview (recorded – 20 EUR Amazon voucher) • Strict protection of participants' privacy • https://de.surveymonkey.com/r/PCB29X9 (or send me an email) SBA Research gGmbH, 2020
Klassifikation: Öffentlich 18 Matthias Gusenbauer SBA Research gGmbH Floragasse 7, 1040 Wien MGusenbauer@sba-research.org SBA Research gGmbH, 2020
Klassifikation: Öffentlich 19 ProfessionalServices Penetration Testing Architecture Reviews Security Audit Security Trainings Incident Response Readiness ISMS & ISO 27001 Consulting Bridging Science and Industry Applied Research Industrial Security| IIoT Security| Mathematics for SecurityResearch | Machine Learning| Blockchain | Network Security| Sustainable Software Systems | Usable Security SBAResearch Knowledge Transfer SBA Live Academy | sec4dev | Trainings | Events | Teaching | sbaPRIME Contact us: anfragen@sba-research.org
Klassifikation: Öffentlich 20 References • Character images "Shadow Tactics – Blades of the Shogun • MPC overview paper "SoK: General Purpose Compilers for Secure Multi-Party Computation" by Hastings et al. • Unbound - https://www.unboundtech.com/ • Sharemind - https://sharemind.cyber.ee/ SBA Research gGmbH, 2020
Klassifikation: Öffentlich 21 #bleibdaheim #remotelearning Coming up @ SBA Live Academy Datum einfügen, 13.00 Uhr, live: „Talk Titel einfügen“ by „Speaker einfügen“ Join our MeetUp Group! https://www.meetup.com/Security-Meetup-by-SBA-Research/ Insert here a picture related to the next talk, if you don‘t get / find one use the Academy Picture
Klassifikation: Öffentlich 22 Abschnitt Untertitel für Abschnitt SBA Research gGmbH, 2020
Klassifikation: Öffentlich 23 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650 T1+T2+T3=SumFinal Average=SumFinal/3 S3,2 | S2,3
Klassifikation: Öffentlich 24 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650 T1+T2+T3=SumFinal Average=SumFinal/3 T3 | T2
1 von 24

SBA Live Academy, What the heck is secure computing

Downloaden Sie, um offline zu lesen
Technologie

"What the heck is secure computing?" What is “secure computing”? Why should it be important to me? Now that it is important to me, how can I use secure computing for my work? This presentation will give an overview of the two main types of secure computing. We explain the fundamental ideas behind the technology and point out important details. We also present ideas on how this technology can be used for new applications, and last but not least, we answer your questions. Speaker: Matthias Gusenbauer, Talk language: English About the Speaker: ********************* I am a researcher at SBA Research in Vienna, Austria. My research focuses on bridging people and technology to solve issues in security and privacy. In order to accomplish this I focus on usable security and privacy with an interest in applied cryptography. I have been a research fellow at the National Institute of Informatics (NII) in Tokyo to work on visualizing network traces. During a second stay with the NII as part of Echizen Laboratory I worked on visualizing the Bitcoin blockchain. Now I continue to work in the domain of usable security, cryptography and privacy.

SBA Research
SBA ResearchSBA Research

Recomendados

SBA Live Academy - Physical Attacks against (I)IoT-Devices, Embedded Devices,...SBA Live Academy - Physical Attacks against (I)IoT-Devices, Embedded Devices,...
SBA Live Academy - Physical Attacks against (I)IoT-Devices, Embedded Devices,...SBA Research
183 views41 Folien
SBA Live Academy - Angriffe auf Windows Domains und Delegation by Reinhard Ku...SBA Live Academy - Angriffe auf Windows Domains und Delegation by Reinhard Ku...
SBA Live Academy - Angriffe auf Windows Domains und Delegation by Reinhard Ku...SBA Research
400 views28 Folien
SBA Live Academy: A Primer in Single Page Application Security by Thomas KonradSBA Live Academy: A Primer in Single Page Application Security by Thomas Konrad
SBA Live Academy: A Primer in Single Page Application Security by Thomas KonradSBA Research
271 views36 Folien
SBA Live Academy: Software Security – Towards a Mature Lifecycle and DevSecOp...SBA Live Academy: Software Security – Towards a Mature Lifecycle and DevSecOp...
SBA Live Academy: Software Security – Towards a Mature Lifecycle and DevSecOp...SBA Research
374 views41 Folien
SBA Live Academy - CRLite – Revocation for X.509 certificates in the browser ...SBA Live Academy - CRLite – Revocation for X.509 certificates in the browser ...
SBA Live Academy - CRLite – Revocation for X.509 certificates in the browser ...SBA Research
180 views17 Folien
SBA Live Academy - After the overflow: self-defense techniques (Linux Kernel)...SBA Live Academy - After the overflow: self-defense techniques (Linux Kernel)...
SBA Live Academy - After the overflow: self-defense techniques (Linux Kernel)...SBA Research
140 views25 Folien

Más contenido relacionado

Was ist angesagt?

Was ist angesagt?(18)

Trusted Environment. Blockchain for business: best practices, experience, tipsTrusted Environment. Blockchain for business: best practices, experience, tips
Trusted Environment. Blockchain for business: best practices, experience, tips
Kaspersky399 views
Cyber Defense - How to be prepared to APTCyber Defense - How to be prepared to APT
Cyber Defense - How to be prepared to APT
Simone Onofri499 views
A Stratagem on Strategy: Rolling Security Testing into Product TestingA Stratagem on Strategy: Rolling Security Testing into Product Testing
A Stratagem on Strategy: Rolling Security Testing into Product Testing
Kevin Fealey125 views
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE ATT&CKcon 2018: Detection Philosophy, Evolution & ATT&CK, Fred Stankows...
MITRE - ATT&CKcon1.8K views
Mitre getting-started-with-attack-october-2019Mitre getting-started-with-attack-october-2019
Mitre getting-started-with-attack-october-2019
Thang Nguyen124 views
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
JPCERT Coordination Center1.9K views
DevTalks 2021 Cloud Engineering @CrowdstrikeDevTalks 2021 Cloud Engineering @Crowdstrike
DevTalks 2021 Cloud Engineering @Crowdstrike
Cosmin Bratu244 views
Vulnerabilities of machine learning infrastructureVulnerabilities of machine learning infrastructure
Vulnerabilities of machine learning infrastructure
Sergey Gordeychik346 views
Making Network Security RelevantMaking Network Security Relevant
Making Network Security Relevant
HP Enterprise Italia964 views
Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare NelsonZero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson
Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson
SSIMeetup5.8K views
NuCypher ICO Review, Ratings And Complete AnalysisNuCypher ICO Review, Ratings And Complete Analysis
NuCypher ICO Review, Ratings And Complete Analysis
CoinGape57 views
[OPD 2019] Threat modeling at scale[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale
OWASP316 views
Mobile Application Penetration TestingMobile Application Penetration Testing
Mobile Application Penetration Testing
BGA Cyber Security6.9K views
Privacy-Preserving Authentication, Another Reason to Care about Zero-Knowledg...Privacy-Preserving Authentication, Another Reason to Care about Zero-Knowledg...
Privacy-Preserving Authentication, Another Reason to Care about Zero-Knowledg...
Clare Nelson, CISSP, CIPP-E2.7K views
Guardicore - Shrink Your Attack Surface with Micro-SegmentationGuardicore - Shrink Your Attack Surface with Micro-Segmentation
Guardicore - Shrink Your Attack Surface with Micro-Segmentation
CSNP336 views
Webinar–OWASP Top 10 for JavaScript for DevelopersWebinar–OWASP Top 10 for JavaScript for Developers
Webinar–OWASP Top 10 for JavaScript for Developers
Synopsys Software Integrity Group715 views
Adversary Emulation - DerpConAdversary Emulation - DerpCon
Adversary Emulation - DerpCon
Jorge Orchilles1.8K views
Software Engineering Process at SSLSoftware Engineering Process at SSL
Software Engineering Process at SSL
SSL784 views

Similar a SBA Live Academy, What the heck is secure computing

Similar a SBA Live Academy, What the heck is secure computing(20)

2017 06-08 2nd BIG IoT Webinar2017 06-08 2nd BIG IoT Webinar
2017 06-08 2nd BIG IoT Webinar
BIG IoT Project947 views
2016-04-CI-Transformation-cross-border-Nauheim2016-04-CI-Transformation-cross-border-Nauheim
2016-04-CI-Transformation-cross-border-Nauheim
Christina Sterenborg MBA1.3K views
2017 06-01 1st BIG IoT Webinar2017 06-01 1st BIG IoT Webinar
2017 06-01 1st BIG IoT Webinar
BIG IoT Project1.1K views
BIM and Scrum in construction BIM and Scrum in construction
BIM and Scrum in construction
Adrian August Wildenauer1.8K views
More scalable and valuable market intelligence with deep text analytics - Mea...More scalable and valuable market intelligence with deep text analytics - Mea...
More scalable and valuable market intelligence with deep text analytics - Mea...
MeaningCloud1.9K views
Azure for gamingAzure for gaming
Azure for gaming
Angelo Gino Varrati63 views
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Ulf Mattsson155 views
Speeding Up Data Science: From a Data Management PerspectiveSpeeding Up Data Science: From a Data Management Perspective
Speeding Up Data Science: From a Data Management Perspective
Jiannan Wang582 views
IT Mega Projects in BankingIT Mega Projects in Banking
IT Mega Projects in Banking
Frank Schwab11.3K views
Mehr und schneller ist nicht automatisch besser - data2day, 06.10.16Mehr und schneller ist nicht automatisch besser - data2day, 06.10.16
Mehr und schneller ist nicht automatisch besser - data2day, 06.10.16
Boris Adryan705 views
BIM for health and safety - Its a No-BrainerBIM for health and safety - Its a No-Brainer
BIM for health and safety - Its a No-Brainer
Stefan Mordue RIBA1.3K views
Lessons from Analyzing All of Europe's DataLessons from Analyzing All of Europe's Data
Lessons from Analyzing All of Europe's Data
Inspirient16 views
Advices and strategies I learned from my first business attemptAdvices and strategies I learned from my first business attempt
Advices and strategies I learned from my first business attempt
Kyriakos Chatzidimitriou74 views
Global C4IR-1 Masterclass Adryan - Zuehlke Engineering 2017Global C4IR-1 Masterclass Adryan - Zuehlke Engineering 2017
Global C4IR-1 Masterclass Adryan - Zuehlke Engineering 2017
Justin Hayward371 views
CloudCamp Chicago - November 2013 Fighting Cloud FUDCloudCamp Chicago - November 2013 Fighting Cloud FUD
CloudCamp Chicago - November 2013 Fighting Cloud FUD
CloudCamp Chicago1.7K views
InTTrust_intro_ai_2019InTTrust_intro_ai_2019
InTTrust_intro_ai_2019
InTTrust S.A.42 views
The Fine Art of Time Travelling - Implementing Event Sourcing - Andrea Saltar...The Fine Art of Time Travelling - Implementing Event Sourcing - Andrea Saltar...
The Fine Art of Time Travelling - Implementing Event Sourcing - Andrea Saltar...
ITCamp1.6K views
Ypo 20190131 v1 Ypo 20190131 v1
Ypo 20190131 v1
ISSIP486 views
Watson IoT at Think 2018Watson IoT at Think 2018
Watson IoT at Think 2018
Helen Fisher772 views
BDE SC3.3 Workshop - BDE review: Scope and Opportunities BDE SC3.3 Workshop - BDE review: Scope and Opportunities
BDE SC3.3 Workshop - BDE review: Scope and Opportunities
BigData_Europe206 views

Más de SBA Research

Más de SBA Research(19)

NDSS 2021 RandRunner: Distributed Randomness from Trapdoor VDFs with Strong U...NDSS 2021 RandRunner: Distributed Randomness from Trapdoor VDFs with Strong U...
NDSS 2021 RandRunner: Distributed Randomness from Trapdoor VDFs with Strong U...
SBA Research74 views
SBA Security Meetup – Security Requirements Management 101 by Daniel Schwarz ...SBA Security Meetup – Security Requirements Management 101 by Daniel Schwarz ...
SBA Security Meetup – Security Requirements Management 101 by Daniel Schwarz ...
SBA Research75 views
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
SBA Security Meetup: Building a Secure Architecture – A Deep-Dive into Securi...
SBA Research86 views
SBA Security Meetup: I want to break free - The attacker inside a ContainerSBA Security Meetup: I want to break free - The attacker inside a Container
SBA Security Meetup: I want to break free - The attacker inside a Container
SBA Research104 views
"Rund um die ISO27001 Zertifizierung – Nähkästchentalk" by Thomas Kopeinig"Rund um die ISO27001 Zertifizierung – Nähkästchentalk" by Thomas Kopeinig
"Rund um die ISO27001 Zertifizierung – Nähkästchentalk" by Thomas Kopeinig
SBA Research147 views
Secure development on Kubernetes by Andreas FalkSecure development on Kubernetes by Andreas Falk
Secure development on Kubernetes by Andreas Falk
SBA Research168 views
SBA Live Academy - "BIG BANG!" Highlights & key takeaways of 24 security talksSBA Live Academy - "BIG BANG!" Highlights & key takeaways of 24 security talks
SBA Live Academy - "BIG BANG!" Highlights & key takeaways of 24 security talks
SBA Research231 views
SBA Live Academy, Rechtliche Risiken mit externen MitarbeiternSBA Live Academy, Rechtliche Risiken mit externen Mitarbeitern
SBA Live Academy, Rechtliche Risiken mit externen Mitarbeitern
SBA Research181 views
Tools & techniques, building a dev secops culture at mozilla sba live a...Tools & techniques, building a dev secops culture at mozilla sba live a...
Tools & techniques, building a dev secops culture at mozilla sba live a...
SBA Research220 views
HydRand: Efficient Continuous Distributed Randomness. IEEE S&P 2020 by Philip...HydRand: Efficient Continuous Distributed Randomness. IEEE S&P 2020 by Philip...
HydRand: Efficient Continuous Distributed Randomness. IEEE S&P 2020 by Philip...
SBA Research169 views
SBA Live Academy - Secure Containers for Developer by Mathias TausigSBA Live Academy - Secure Containers for Developer by Mathias Tausig
SBA Live Academy - Secure Containers for Developer by Mathias Tausig
SBA Research154 views
SBA Live Academy - Passwords: Policy and Storage with NIST SP800-63b by Jim M...SBA Live Academy - Passwords: Policy and Storage with NIST SP800-63b by Jim M...
SBA Live Academy - Passwords: Policy and Storage with NIST SP800-63b by Jim M...
SBA Research154 views
SBA Live Academy - Threat Modeling 101 – eine kurze aber praxisnahe Einführun...SBA Live Academy - Threat Modeling 101 – eine kurze aber praxisnahe Einführun...
SBA Live Academy - Threat Modeling 101 – eine kurze aber praxisnahe Einführun...
SBA Research213 views
SBA Live Academy - Angriffe gegen das Stromnetz – Wenn der Strom nicht mehr a...SBA Live Academy - Angriffe gegen das Stromnetz – Wenn der Strom nicht mehr a...
SBA Live Academy - Angriffe gegen das Stromnetz – Wenn der Strom nicht mehr a...
SBA Research211 views
SBA Live Academy: Cyber Resilience - Failure is not an option by Simon TjoaSBA Live Academy: Cyber Resilience - Failure is not an option by Simon Tjoa
SBA Live Academy: Cyber Resilience - Failure is not an option by Simon Tjoa
SBA Research206 views
SBA Live Academy: Datenschutz Teil 1: Wozu Datenschutzgesetze? by Gerald SenderaSBA Live Academy: Datenschutz Teil 1: Wozu Datenschutzgesetze? by Gerald Sendera
SBA Live Academy: Datenschutz Teil 1: Wozu Datenschutzgesetze? by Gerald Sendera
SBA Research148 views
SBA Live Academy: Remote Access – Top Security Challenges – Teil 2 by Günther...SBA Live Academy: Remote Access – Top Security Challenges – Teil 2 by Günther...
SBA Live Academy: Remote Access – Top Security Challenges – Teil 2 by Günther...
SBA Research285 views
SBA Live Academy, Supply Chain & Cyber Security in einem Atemzug by Stefan Ja...SBA Live Academy, Supply Chain & Cyber Security in einem Atemzug by Stefan Ja...
SBA Live Academy, Supply Chain & Cyber Security in einem Atemzug by Stefan Ja...
SBA Research219 views
SBA Live Academy - Remote Access – Top Security Challenges, Part 1 - Günther ...SBA Live Academy - Remote Access – Top Security Challenges, Part 1 - Günther ...
SBA Live Academy - Remote Access – Top Security Challenges, Part 1 - Günther ...
SBA Research235 views

Último

Último(20)

Data-centric AI and the convergence of data and model engineering: opportunit...Data-centric AI and the convergence of data and model engineering: opportunit...
Data-centric AI and the convergence of data and model engineering: opportunit...
Paolo Missier25 views
AI: mind, matter, meaning, metaphors, being, becoming, life valuesAI: mind, matter, meaning, metaphors, being, becoming, life values
AI: mind, matter, meaning, metaphors, being, becoming, life values
Twain Liu 刘秋艳32 views
TE Connectivity: Card Edge InterconnectsTE Connectivity: Card Edge Interconnects
TE Connectivity: Card Edge Interconnects
CXL Forum95 views
Transcript: The Details of Description Techniques tips and tangents on altern...Transcript: The Details of Description Techniques tips and tangents on altern...
Transcript: The Details of Description Techniques tips and tangents on altern...
BookNet Canada106 views
Level-up Your Cloud Visibility Into AWS With ThousandEyesLevel-up Your Cloud Visibility Into AWS With ThousandEyes
Level-up Your Cloud Visibility Into AWS With ThousandEyes
ThousandEyes88 views
The Research Portal of Catalonia: Growing more (information) & more (services)The Research Portal of Catalonia: Growing more (information) & more (services)
The Research Portal of Catalonia: Growing more (information) & more (services)
CSUC - Consorci de Serveis Universitaris de Catalunya59 views
Samsung: CMM-H Tiered Memory Solution with Built-in DRAMSamsung: CMM-H Tiered Memory Solution with Built-in DRAM
Samsung: CMM-H Tiered Memory Solution with Built-in DRAM
CXL Forum101 views
Photowave Presentation Slides - 11.8.23.pptxPhotowave Presentation Slides - 11.8.23.pptx
Photowave Presentation Slides - 11.8.23.pptx
CXL Forum120 views
CXL at OCPCXL at OCP
CXL at OCP
CXL Forum203 views
ChatGPT and AI for Web DevelopersChatGPT and AI for Web Developers
ChatGPT and AI for Web Developers
Maximiliano Firtman161 views
Spesifikasi Lengkap ASUS Vivobook Go 14Spesifikasi Lengkap ASUS Vivobook Go 14
Spesifikasi Lengkap ASUS Vivobook Go 14
Dot Semarang34 views
The details of description: Techniques, tips, and tangents on alternative tex...The details of description: Techniques, tips, and tangents on alternative tex...
The details of description: Techniques, tips, and tangents on alternative tex...
BookNet Canada103 views
"Fast Start to Building on AWS", Igor Ivaniuk"Fast Start to Building on AWS", Igor Ivaniuk
"Fast Start to Building on AWS", Igor Ivaniuk
Fwdays34 views
Web Dev - 1 PPT.pdfWeb Dev - 1 PPT.pdf
Web Dev - 1 PPT.pdf
gdsczhcet49 views
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...
How to reduce cold starts for Java Serverless applications in AWS at JCON Wor...
Vadym Kazulkin56 views
.conf Go 2023 - SIEM project @ SNF.conf Go 2023 - SIEM project @ SNF
.conf Go 2023 - SIEM project @ SNF
Splunk178 views
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
Splunk186 views
"Thriving Culture in a Product Company — Practical Story", Volodymyr Tsukur"Thriving Culture in a Product Company — Practical Story", Volodymyr Tsukur
"Thriving Culture in a Product Company — Practical Story", Volodymyr Tsukur
Fwdays39 views
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About Postman
Postman22 views
Micron CXL product and architecture updateMicron CXL product and architecture update
Micron CXL product and architecture update
CXL Forum23 views

SBA Live Academy, What the heck is secure computing

  • 1. Klassifikation: Öffentlich Welcome to the SBA LiveAcademy #bleibdaheim #remotelearning Today: What the Heck is Secure Computing? by Matthias Gusenbauer You are automatically muted by entry, please use the chat for interacting with us. This talk will be recorded as soon as the presentation starts! Recording will end BEFORE the Q&A Session starts.
  • 2. Klassifikation: Öffentlich What the Heck is Secure Computing and why should I care? SBA Research gGmbH, 2020
  • 3. Klassifikation: Öffentlich 3 Whatis Secure Computing? • Compute on encrypted data o Secure Multiparty Computation (MPC) – Jointly compute on private data – "Data sharing without sharing data" o Fully Homomorphic Encryption (FHE) – Compute on ciphertext – Outsource computation without losing privacy SBA Research gGmbH, 2020
  • 4. Klassifikation: Öffentlich 4 MPC vs FHE + - Basis MPC • Faster • More tool choice • More communication • Secret sharing • Oblivioustransfer FHE • Less communication • Slower • Less tool choice • Mathematical properties of ciphertext SBA Research gGmbH, 2020
  • 5. Klassifikation: Öffentlich 5 MPC Example • Average salary of Academy participants • Only learn output (nothing else) • Secret sharing o Additive Secret Sharing SBA Research gGmbH, 2020
  • 6. Klassifikation: Öffentlich 6 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR Z2: 2350 EURZ3: 2000 EUR
  • 7. Klassifikation: Öffentlich 7 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900
  • 8. Klassifikation: Öffentlich 8 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 S3,2 | S2,3
  • 9. Klassifikation: Öffentlich 9 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650
  • 10. Klassifikation: Öffentlich 10 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650 T3 | T2
  • 11. Klassifikation: Öffentlich 11 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650 T1+T2+T3=SumFinal Average=SumFinal/3 = 2283,33
  • 12. Klassifikation: Öffentlich 12 MPC Use Cases SBA Research gGmbH, 2020 Awesome Company C1 C3 C2 SecurityPrivacy
  • 13. Klassifikation: Öffentlich 13 MPC Use Cases • Privacy o Machine learning o Credit score computation o Combining health data • Security o System resiliency o Remove single point of failure (e.g. key splitting) o Protection of assets SBA Research gGmbH, 2020
  • 14. Klassifikation: Öffentlich 14 ImportantConsiderations • 2PC or MPC? • Honest or dishonest majority? • Semi-honest or malicious security? • Cryptography knowledge in house? o Some pitfalls (inadvertent leakage, performance) • Open to work with research code? o Proprietary platforms (tech support) o Open source tools (more choices) SBA Research gGmbH, 2020
  • 15. Klassifikation: Öffentlich 15 Existing Tools • Proprietary o Unbound o Cybernetica (Sharemind) • Open source o JIFF o Scale-Mamba o … SBA Research gGmbH, 2020
  • 16. Klassifikation: Öffentlich 16 My 3 Key Take-Aways 1. Secure Computation is possible (MPC) 2. MPC replaces trusted third parties 3. MPC can enable new business cases and increase my security SBA Research gGmbH, 2020
  • 17. Klassifikation: Öffentlich 17 My Study • MPC adoption and lack thereof • 30-45 minute interview (recorded – 20 EUR Amazon voucher) • Strict protection of participants' privacy • https://de.surveymonkey.com/r/PCB29X9 (or send me an email) SBA Research gGmbH, 2020
  • 18. Klassifikation: Öffentlich 18 Matthias Gusenbauer SBA Research gGmbH Floragasse 7, 1040 Wien MGusenbauer@sba-research.org SBA Research gGmbH, 2020
  • 19. Klassifikation: Öffentlich 19 ProfessionalServices Penetration Testing Architecture Reviews Security Audit Security Trainings Incident Response Readiness ISMS & ISO 27001 Consulting Bridging Science and Industry Applied Research Industrial Security| IIoT Security| Mathematics for SecurityResearch | Machine Learning| Blockchain | Network Security| Sustainable Software Systems | Usable Security SBAResearch Knowledge Transfer SBA Live Academy | sec4dev | Trainings | Events | Teaching | sbaPRIME Contact us: anfragen@sba-research.org
  • 20. Klassifikation: Öffentlich 20 References • Character images "Shadow Tactics – Blades of the Shogun • MPC overview paper "SoK: General Purpose Compilers for Secure Multi-Party Computation" by Hastings et al. • Unbound - https://www.unboundtech.com/ • Sharemind - https://sharemind.cyber.ee/ SBA Research gGmbH, 2020
  • 21. Klassifikation: Öffentlich 21 #bleibdaheim #remotelearning Coming up @ SBA Live Academy Datum einfügen, 13.00 Uhr, live: „Talk Titel einfügen“ by „Speaker einfügen“ Join our MeetUp Group! https://www.meetup.com/Security-Meetup-by-SBA-Research/ Insert here a picture related to the next talk, if you don‘t get / find one use the Academy Picture
  • 22. Klassifikation: Öffentlich 22 Abschnitt Untertitel für Abschnitt SBA Research gGmbH, 2020
  • 23. Klassifikation: Öffentlich 23 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650 T1+T2+T3=SumFinal Average=SumFinal/3 S3,2 | S2,3
  • 24. Klassifikation: Öffentlich 24 MPC Example SBA Research gGmbH, 2020 Z1: 2500 EUR S1,1=1000 S1,2=250 S1,3=1250 Z2: 2350 EUR S2,1=150 S2,2=700 S2,3=1500 Z3: 2000 EUR S3,1=300 S3,2=800 S3,3=900 Add S1,1+S2,1+S3,1 T1=1000+150+300=1450 Add S2,2+S1,2+S3,2 T2=700+250+800=1750 Add S3,3+S1,3+S2,3 T3=900+1250+1500=3650 T1+T2+T3=SumFinal Average=SumFinal/3 T3 | T2