Jointly analysing cyber security information without sharing
Jointly analysing cyber security information without sharing
On July 7th, 2020, at a webinar organized for members of CIO Platform Nederland, TNO introdced an ongoing research project in the field of the exchange of cyber security information and Secure Multi-Party Computation (MPC). In this blog post, we'll make the information from the webinar more widely available, as MPC and cyber security can be an interesting and valuable combination for anyone who is working on cyber security (threat) information.
TNO is conducting exploratory research into Secure Mult-Party Computation (MPC) and cyber security information because it expects that valuable analyzes are possible when calculating confidential 'information security data' using MPC. The strength of this technology is that it makes analyzing sensitive data from multiple parties possible, without actually sharing this data.
Throughout 2020 TNO will be working together with other interested parties in order to gain experience with MPC and generate ideas and solutions. They have a lot of freedom to choose partners, test this technique in practice and to investigate its viability.
What is MPC?
Secure Multi-Party Computation (MPC) is a ‘toolbox’ of cryptographic techniques that allows several different parties to combine their (encrypted) data with (encrypted) data from other parties, with the aim of having previously agreed analyzes take place. The agreements are recorded in a mathematical protocol that can replace a trusted third party, and only in accordance with this protocol do analyzes take place on the data. Distinctive and of added value is the fact that the data itself is not exchanged.
Important features of the technique are: the data remains safe, data is not decrypted for the analyzes, it is not possible to deviate from (the number of) parties included in the protocol, the data from the parties cannot be traced, many calculations can take place and it can be integrated with existing tooling. The only thing that is shared is the outcome of the analyzes. Please watch the video about MPC. For more information and videos, please visit www.tno.nl/mpc.
Looking for use cases
The relevance of MPC has been proven in various economic sectors and domains. Application in the cybersecurity domain is relatively new, but could potentially make a major contribution to an information sharing paradox:
Yes Information about how others are doing or what they are seeing is useful. |
Paradox |
NO |
Due to the new character of the technique, identifying a use case is a challenge. Many companies have cyber security (threat) information at their disposal, but how does that compare with the information of others? Can we learn more when we compare data, or merge without knowing exactly what is being merged? Does MPC complement the informal relationship of trust? These questions form the starting position of the exploratory TNO research.
Does your company have any cyber security information that you would like to know from other companies, but which you are hesistant or unable to share yourself?
Do you want to know more? Please contact the project leader of this project Marie Beth van Egmond, marie_beth.vanegmond@tno.nl.