BlueHat IL 2017 - Prof. Yehuda Lindell - Securing Data-In-Use in the Cloud - Myths and Facts

Securing Data-In-Use in the Cloud - Myths and Facts One of the greatest challenges facing companies who wish to move to the cloud is the potential theft of confidential and private data. There exist strong encryption solutions that enable the protection of data at rest, but they are actually more problematic than they look (in many of the offered solutions, you do not own your key). In addition, the power of the cloud is in data processing and this leaves data unprotected and vulnerable. There has therefore been much interest in new format-preserving and order-preserving encryption schemes that enable a cloud service to process data without ever decrypting it. At first sight, this solves the problem since the data always remains encrypted, and the cloud provider is never given the decryption key. In this presentation, we will discuss the problems that arise when attempting to encrypt in the cloud. We will begin by discussing why key ownership is a big issue and problem, and what other alternatives exist. Next, we will show that format and order preserving encryption methods provide a very low level of security. We will describe concrete attacks on realistic use cases for these methods. Finally, we will propose a new paradigm for solving the problem of protecting data in use based on secure multiparty computation. This is a technology which has only recently become practical and can now be used to compute on data without ever revealing it. We will describe how multiparty computation techniques (combined with other advanced cryptographic methods) can be used to process data in the cloud without ever revealing it. New technologies and solutions for processing encrypted data are appearing now in products and there is much interest in adopting them. In this talk, we will demystify these solutions and provide a deep understanding that is necessary for analyzing their security. Attacks will be presented that show that strong security claims often attributed to some solutions do not hold up.