NYUAD builds microprocessor that safeguards encrypted data
CoPHEE mitigates data leakage by computing directly using encrypted data without decryption
Scientists at NYU Abu Dhabi (NYUAD) have designed a Co-processor for Partially Homomorphic Encrypted Execution (CoPHEE), a microprocessor that provides support for data privacy using cryptography.
CoPHEE aims at mitigating data leakage and limiting the threats and vulnerabilities from hackers, by computing directly using encrypted data without decryption. This is unlike regular PCs and smartphones’ processors, which compute on ordinary (unencrypted) data only, such as calculating numerical figures.
“Existing data protection solutions protect data at rest in our hard disks and data in transit over the internet, similar to Whatsapp’s end-to-end encryption,” said Maniatakos. “These solutions are not suitable to manipulate encrypted data i.e. perform operations directly on the encrypted domain. With this new processor, non-trivial encrypted data manipulation is a reality and anyone stealing our data from our computers can do nothing with it since everything is encrypted. We are confident that any smart technology using data can benefit from the new processor including PCs, personal tablets, and smartphones,” he added.
The project is led by NYUAD Assistant Professor of Electrical and Computer Engineering Michail Maniatakos, with contributors including research engineers at NYUAD’s Centre for Cyber Security (NYUAD CCS) Mohammed Nabeel and Mohammed Ashraf, NYUAD CCS Post-doctoral Associate Eduardo Chielle, and NYU alumni and Assistant Professor of Electrical and Computer Engineering at the University of Delaware Nektarios Tsoutsos.
Encrypting a value would mean that no further operations can be performed on the data unless it is decrypted using a secret key to operate on the value. Research suggests that CoPHEE allows users to operate on the data without having to decrypt.
With the Middle East region increasingly dependent on cloud services, there is a concern regarding the security and privacy of outsourced data. Third-party cloud services contain user-sensitive information regarding a user’s financial status, healthcare, and much more, leading to a dire need of protecting outsourced data than ever before.