Privacy Computing: How to Accurately Cut into the Vent on the Web3.0 Vent?

Editors Note: This article comes fromWebX Labs Daily (ID: gh_3bc595acebaf), reprinted by Odaily with authorization.

WebX Labs Daily (ID: gh_3bc595acebaf)

, reprinted by Odaily with authorization.

Last month, Gartner, a world-renowned information technology research and consulting company, released the strategic technology trends that need to be focused on in 2021. Among them, the technology of privacy computing is singled out as a major topic. It should be known that in the Gartner report last year, privacy computing can only appear as a small item. These are enough to show that the value of privacy computing will definitely rise in the current two years.

secondary title

The ultimate goal of private computing is not privacy

There are more and more controversies about how companies obtain benefits from consumer data. More and more consumers are gradually realizing the value contained in personal data, and people increasingly want to control their data assets. It has also increased the governments supervision of personal data, and ultimately made various organizations bear more and more pressure on personal data protection and management.

For the above phenomena, the protection of private data is the most direct starting point. But this cannot fully represent the whole concept of private computing. First of all, the motivations and needs of businesses and institutions are different when it comes to privacy. Consumers may simply want to protect their identities, credit card information or other sensitive data to prevent fraud or identity theft. However, enterprises still need to rely on these private data to bring more business growth opportunities, and at the same time bear the pressure of protecting these user information or enterprise sensitive information during the entire process of using private data.

Therefore, when we look at privacy computing, one is privacy, and then computing. The ultimate goal is to maintain user data sovereignty while allowing data to generate value after calculation. Therefore, privacy computing is not just static protection of data, but a process. protection of.

secondary title

The Absolute Prerequisite for the Migration from Web2.0 to Web3.0

Data is an asset, which has become a key feature of the transition from Web 2.0 to Web 3.0. After the user establishes the sovereignty over their own data, another problem will arise. The data is well and firmly held in the hands of the user. At this time, the data has no value, only it is circulated and processed by algorithms and computing power. After processing, a certain value will be generated.

But the question is, after I hand over the data, will it damage my data sovereignty? Will the company use my data to do something beyond the scope of user authorization? Without a solid solution, it is difficult for companies to convince users of themselves. Then the final situation is that users hold data that has no value in their hands, and enterprises cannot obtain a large number of high-quality data sources to generate commercial value.

This is the problem that privacy computing aims to solve. Why is privacy computing an absolute prerequisite for the migration from Web 2.0 to Web 3.0? How can we accurately cut into the opportunity point of this tuyere track? We need a more comprehensive understanding of private computing techniques.

The standard definition of privacy computing is: a collaborative computing problem between a group of mutually distrusting parties, under the premise of protecting private information and without a trusted third party. We can understand it well through the famous Millionaire hypothesis. Two millionaires want to compare who is richer. This is the problem we want to solve. The most direct way is to see who has the most wealth, but At this time, neither party wants to disclose how much money they have. This amount of assets is equivalent to the personal data in our hands. Then we can design an algorithm or device, and two rich people input a specific amount of wealth into that algorithm or device in places they cannot see, and the closed algorithm or device will output the result of who is richer. I dont know how much money they have. Then this process or algorithm and device is privacy computing.

This solves the previous contradiction very well, because enterprises may not need to know your specific information, what they really need is the value generated after the data is processed and calculated. Not only that, but in the real market, the amount and dimension of data held by each company is different. For example, Tencent controls the social habits data of Chinese people, and Taobao has a large amount of user shopping behavior data. Any one-sided data cannot be fully and accurately outlined. All characteristics of the target object. Data flow is a rigid demand of enterprises in the era of digital economy. More and more enterprises or organizations need to conduct in-depth cooperation with upstream and downstream business partners in the industry chain in the field of data circulation and transactions. Because only through the collaborative computing of data from all parties, can the greater value of data be released, production efficiency improved, and industrial innovation promoted. Data sharing and circulation will become rigid business requirements. However, due to many factors such as data ownership, data leakage, and their own commercial interests, companies or organizations with large amounts of data are extremely cautious about opening up their internal data, especially core data. This is the relationship between enterprises and enterprises. The Millionaire Problem.

Privacy computing can protect the data being used while ensuring confidentiality or privacy.

And as mentioned earlier, one of the core features of Web 3.0 is the confirmation of data rights, so only when the data is always in the hands of the owner and has been protected can it be said that it has complete sovereignty. Therefore, from the traffic economy controlled by the platform in the Web 2.0 era to the data economy dominated by Web 3.0 individuals, privacy computing is the absolute key to the transformation.

secondary title

The Track System of Privacy Computing

In the past one or two years, we may have heard such concepts as zero-knowledge proof, TEE, homomorphic encryption sporadically, but it is difficult to have a clear understanding of the overall concept of privacy computing. Generally speaking, privacy computing is mainly divided into two directions: trusted hardware and cryptography.

Trusted hardware direction: TEE

Among them, trusted hardware refers to the establishment of a safe area that we can trust in a piece of hardware, and then puts all data processing calculations in this closed safe area, but security needs to be completely dependent on hardware and hardware Builder of safe environment. Usually Intel or other chip manufacturers. (Intels SGX, ARMs TrustZone, AMDs SEV and other products).

The most representative one is TEE, and other technologies such as neutral country and security sandbox are based on this idea. The advantage of trusted hardware lies in its high versatility. It can handle almost all types of privacy computing tasks, and has low development difficulty and higher performance. But its biggest problem is that betting security on a manufacturer is tantamount to leaving the back door completely to the provider and designer of trusted hardware. In the eyes of the outside world, this implies huge risks. Therefore, trusted hardware solutions will be used more in scenarios that do not pursue ultimate security and require more speed and experience.

Cryptography Direction: Multi-Party Secure Computing

Multi-party secure computing is also commonly seen as MPC, which means that without trusted third-party hosting, multiple parties jointly pass a specific function to safely complete a collaborative computing. Everyone enters their own data secretly, and then everyone Only the last calculated result of this function can be obtained.

Multi-party secure computing is the direction with the longest history and the deepest technical background. All other technologies or solutions involving privacy computing will more or less adopt some technologies of multi-party secure computing. And multi-party secure computing is also the most closely integrated technology direction with blockchain in the past few years. Blockchain can use MPC technology to improve its own data confidentiality capabilities to adapt to more application scenarios. MPC can realize redundant calculation with the help of blockchain technology, so as to obtain verifiable characteristics. Blockchain+MPC has developed extremely fast in the near future, and it is also very imaginative.

Multi-party secure computing can be regarded as a protocol or a collection of technologies, such as zero-knowledge proof, homomorphic encryption, inadvertent transmission, and obfuscated circuits that we often hear are tools for multi-party secure computing. Due to its relatively low versatility and medium performance, multi-party secure computing is often used in some specific scenarios, such as joint data analysis between large institutions and enterprises, and it can also be used to remove blacklists between banks. Heavy and so on. However, in recent years, the performance has improved rapidly, and the application range and value of secure multi-party computing have increased dramatically.

Obfuscated circuits and inadvertent transmission are the core technologies of the mainstream multi-party secure computing framework: during the calculation process, logic or functions will be converted into circuits, data will be encrypted and calculated along this circuit, and the encrypted circuit and related information will be sent to other participants. The receiver then picks up the tag via oblivious transmission, and decrypts the encrypted circuit to get the calculation.

The obfuscation circuit refers to the fact that all calculation logic and problems can be converted into different circuits. For example, if I want to sum, that is the addition circuit, and then the obfuscation circuit conceals key information by encrypting and disturbing the values ​​​​of these circuits. In this way, no one can see the actual effective information in the whole process, and the task required by the circuit is also completed. Inadvertent transmission means that A sends a message to receiver B, and sender A does not know whether B has received the message.

Then there is the zero-knowledge proof of star technology in recent years. The principle of zero-knowledge proof is that A and B are separated by a door, and B needs to prove to A that I have the key to open the door, so how can A on the opposite side of the door believe that B has the key? Just let A see that B opened the door and walked through the locked door in the middle. This way A can trust the fact that B holds the key to the door.

A zero-knowledge proof is when one party states to another that something is true without revealing any information beyond that statement. The prover does not tell you the answer directly, but uses another expression to prove to you until you think the other party really knows the answer. There are also many types of zero-knowledge proof technology, such as zk-SNARKs used by Zcash and zk-STARKs often mentioned by Vitalik Buterin.

Zero knowledge proofs (Zero knowledge proofs) are currently recognized as the perfect solution. Although the technical implementation is the most difficult, it has the best effect in protecting the privacy and security of the Ethereum network.