This needs more explanation of what's going on and what the benefit is. Don't tell us it's big deal ("the holy grail of secure computation"), show us why it is.
I had to stare at the animated gif for a quite a long while before I realized the two spreadsheets were different, and I still don't get quite what's happening here. Computations are not automatically updated when input data changes like they usually are in spreadsheets? Do both sides have to agree to compute the cell before the operation is performed?
There's a succint description of the steps at the webpage:
1- Both parties have to agree to the same formulas that will be computed
2- The spreadsheets are different because the inputs of the two parties are different, not the formulas
3- When both parties agree to compute the same cell, the secure multi-party computation between both parties starts: when it's finished, the result is displayed on a destination cell or as a comment
The point is that computer users, not knowing advanced cryptography, will be able to securely compute in a transparent way (ie. "cryptography dissappears").
1. Two complex spreadsheets, they look similar (therefore, assume they're the same)
2. Click some cells
3. Wait...
4. TADA, A number appears!?!??
What is this number? How is this different from regular spreadsheets, is it just a super slow formula eval? Why are there two identical sheets (it's moving way too fast to notice that they're different)? Why did you select the cell first? Before any of these questions could be answered by actually reading the spreadsheet the animation jumps straight to the next one, which is essentially the exact same as the last with a different title at the top.
Also, why are you demoing starting from selecting the output cells, like 5 times? That's the most boring and repetitive part of your whole product.
Your demo should be MUCH simpler. Start with a single blank spreadsheet and solve the millionaire problem (you mentioned it elsewhere) in 15 seconds, including typing the formula and sending the sheet to the second person. This problem is simple to conceptualize and easy to motivate.
> There's a succint description of the steps at the webpage:
You put a colon there as if what's below is the "succinct explanation," but that explanation is no where on the site.
Also useful would be a better use-case for both parties needing to keep their numbers secret. Perhaps this is a common scenario, but I don't understand why (although I can't imagine it's that common if there's no tool yet).
One of your examples (Leveraged Buyout Analysis) shows the two views, one of which is the bank's view. In the bank's view, their premiums and fees are hidden. Why would this be secret information?
I'm not exactly sure what is being sold here. Is it an ostensibly-secure spreadsheet as a service?
If I wanted a secure spreadsheet my instinct would be to use LibreOffice on an airgapped system and store it in an encrypted container of some kind... I'm not sure any sort of cloud solutions would even enter into my deliberations if I had truly sensitive stuff to work with.
I agree it's confusing, but from my reading I think they're talking about a different kind of security than what you describe.
It's more like this: you and I have some process we're collaborating on, and we both have an interest in getting accurate outputs from some kind of computation related to that process. But the only way to get really accurate outputs is to feed in proprietary, "secret" data from both your company and mine, and while we both have an interest in those outputs, neither of us wants to share our proprietary data with the other.
This solves that problem by letting us each put our data into our own Excel workbook, mine visible only to me and yours only to you, and then get the output of some mutually-agreed-upon calculation using both of our inputted data, without ever seeing the numbers the other party put into their workbook. So if you and I can agree on formulas that would provide the outputs we want, and I trust you to enter accurate data on your end and you trust me on mine, we can now do a lot of interesting analysis without ever having to open our respective kimonos, as the saying goes (http://www.npr.org/sections/codeswitch/2014/11/02/360479744/...).
I have no idea how well it actually works, or how secure the data flowing between the workbooks actually is. But it's an interesting idea!
>It's more like this: you and I have some process we're collaborating on, and we both have an interest in getting accurate outputs from some kind of computation related to that process. But the only way to get really accurate outputs is to feed in proprietary, "secret" data from both your company and mine, and while we both have an interest in those outputs, neither of us wants to share our proprietary data with the other.
Ahh, that makes a little more sense. Seems like I could get your "secret" data by simply reversing the operation that gives us our shared result, though, doesn't it? Unless it's some kind of modulo type thing.
In general you are correct, but there are still easy cases where reversing is trivial.
For example if the shared output is the average (AVG = (X1 + X2) / 2). If I know X1 and AVG, I can easily calculate X2 (X2 = AVG * 2 - X1).
However, usually you want to calculate something more interesting, that depends on more variables, so you won't get an exact number on the other parties secret inputs.
It's not about encrypting files (encryption at rest): you can do the secure multi-party computations over your private LAN, and the encrypted network traffic will never leak to anybody (ie. no way to cryptanalyze anything in the future).
It's about encrypting the computation between the parties: this kind of technology is being used to prevent satellite collisions on secret orbits, for example.
>It's not about encrypting files (encryption at rest): you can do the secure multi-party computations over your private LAN, and the encrypted network traffic will never leak to anybody
Honest question: Can't I do that already by using SFTP or ssh and uploading a spreadsheet? I just feel like I'm missing something. Do you have some kind of real-time aspect going on?
Second question: How do I know that your closed-source app isn't exfiltrating the data clandestinely?
> (ie. no way to cryptanalyze anything in the future).
Assuming no flaws are ever going to be discovered in your crypto scheme in the future is pretty bold.
>It's about encrypting the computation between the parties: this kind of technology is being used to prevent satellite collisions on secret orbits, for example.
Given that anything orbiting the earth can be observed from the ground with sufficient resolution, there's no such thing as a secret orbit. This sounds more and more like snake oil.
>Honest question: Can't I do that already by using SFTP or ssh and uploading a spreadsheet? I just feel like I'm missing something. Do you have some kind of real-time aspect going on?
No, you aren't encrypting the computation, just encrypting some data. Using secure computation (garbled circuits, secret sharing, homomorphic encryption, ...), you are encrypting every mathematical operation.
> Second question: How do I know that your closed-source app isn't exfiltrating the data clandestinely?
>Assuming no flaws are ever going to be discovered in your crypto scheme in the future is pretty bold.
What I've written is: if you are carrying the secure computation on your private LAN and nobody is sniffing the traffic (potentially gigabytes), in the future they will have no way to cryptanalyze what the inputs were. And you can check that no information is being sent to anywhere during the secure computations: all the encrypted data is sent between the two computers carrying out the secure computation.
> Given that anything orbiting the earth can be observed from the ground with sufficient resolution, there's no such thing as a secret orbit. This sounds more and more like snake oil.
The text is aggressively sales-y in quite an old-fashioned and cheesy way. I share other commenters' confusion about what's actually happening here too. Having read a bit on secure multi-party computation, you've made something interesting but it's not coming across on your website.
For explaining to business, it's generally better to describe a problem and then show how your thing solves it. This is a gentler approach than the 'hard sell' and draws people in, not least because it shows that you do understand their world and their challenges.
what is this meant to do? The demonstration video just looks like a regular interaction with excel, with some coloured cells. My immediate questions as a clueless user (one with a cryptographic background nonetheless) are:
- How is this different from a regular collaborative spreadsheet?
- What attacks am I protected against if I use this product?
- Is the attack a real risk to my business, or largely theoretical?
- What problem does this solve that encrypting and emailing a .xlsx doesn't?
Overall it's quite hard to catch the value proposition.
Both parties are computing some spreadsheet formulas contributing their own secret inputs, in such a way that both learn the result but not the input of the other party: it's cryptographically impossible to do so. Regular collaborative spreadsheet software doesn't do that: actually, this is the first program for normal computer users that is able to do so (and not cryptographers specialized in secure multi-party computation).
It depends on your business: if you are bank, a financial firm or any other that handles very valuable and confidential data, you need secure computation on any of its forms (garbled circuits, secret sharing, homomorphic encryption).
Encrypting and emailing is encryption at rest, you're not encrypting the computation.
Looks like a closed-source implementation of a Homomorphic Encryption algorithm.
"Homomorphic encryption is a form of encryption that allows computations to be carried out on ciphertext, thus generating an encrypted result which, when decrypted, matches the result of operations performed on the plaintext."
https://en.wikipedia.org/wiki/Homomorphic_encryption
It's not homomorphic encryption: it's garbled circuits and oblivious transfer (order of magnitudes faster than homomorphic encryption, a cryptographic technique with lots of publicity but it'll take some years before it's practical) supporting floating-point operations (there are no opensourced libraries with floating-point support).
The point is letting others use your data (vg. your valuations, prices, ...) without others learning/stealing your information, et vice versa.
It's usually explained using the Millionaires' Problem (https://en.wikipedia.org/wiki/Yao's_Millionaires'_Problem): "two millionaires, Alice and Bob, who are interested in knowing which of them is richer without revealing their actual wealth."
Closed-source "patent-pending" cryptography technology and absolutely no contact info other than an e-mail? Sounds like the kind of place where I would input my most secure data.
Perhaps you didn't mean it this way but your comment takes the form of the snarky dismissal, which is something we need less of on HN and is particularly against the Show HN guidelines:
https://news.ycombinator.com/showhn.html
All new work is vulnerable to easy dimissal, so it's important not to spray this sort of pesticide on it.
It's secure multiparty computation, specifically tailored for spreadsheets: your secret inputs never get out of your computer in plaintext form, only in encrypted form between the participants of the computation.
For the moment, it's closed-source: but it'll be gradually open-sourced in the future, just give it some time.
Sorry, but if I had data so sensitive that even my business partners cannot see it, I wouldn't certainly input this data into a closed source application provided by an anonymous third-party. This is data security 101.
"Cutting-edge cryptography: Benefit from the latest advances in cryptography research with our Patent-pending technology" as your website says, is a scary statement. If you're not using well vetted cryptography, that's a huge red flag. The Harry Potter quote sums it up best:
“Ginny!" said Mr. Weasley, flabbergasted. "Haven't I taught you anything? What have I always told you? Never trust anything that can think for itself if you can't see where it keeps its brain!”
As relatively security-literate users of an app where we'd be putting personally identifiable information or other details we don't want getting out, it stands to reason we want to see a history of commits on an open source project and a history of security audits and preferably be able to refer to RFC's for the algorithms and protocols used.
Unless you guys open source and publish audit details, it's not worth my time to consider this product. No disrespect meant, it's just common sense.
I don't agree with the statement "because is open-source is more secure"; for example, OpenSSL has been open-source for almost 20 years and it's difficult to consider it really secure. Only code reviews by experts make software more secure.
BTW: quoting Harry Potter doesn't make you look serious.
If you've really got something groundbreaking here, you're going about selling it in the totally wrong way. As you say, your most likely customers are banks and financial institutions. They are not going to buy something like this, and introduce a major new concept into their business process, by clicking the "buy" button on your website.
You need to convince them to implement the new process (secure multiparty computation) before you even begin selling your product.
To do this you need high touch sales, for high prices, to a small group of big clients. Go to New York City, setup some meetings, and get in a room with decision makers. First, sell them on the advantages of secure multiparty computation. Show them a nice demo of a scenario they can understand. Then, once they're sold on that, sell them your product for a few million dollars.
You should probably raise capital and build an experienced sales team to do this for you.
The ENCRYPTO group put together an implementation of garbled circuits protocols called Tasty a good while ago if it helps anyone. https://github.com/encryptogroup/tasty
basically homomorphic encryption is being able to perform mathematical operations against encrypted values. So you can for example add two numbers and get an accurate result (also encrypted) with zero knowledge of the underlying values before or after the operation.
I had to stare at the animated gif for a quite a long while before I realized the two spreadsheets were different, and I still don't get quite what's happening here. Computations are not automatically updated when input data changes like they usually are in spreadsheets? Do both sides have to agree to compute the cell before the operation is performed?