Privacy-supporting cloud computing by in-browser key translation

Mark D. Ryan


Cloud computing today means entrusting data to information systems that are managed by external parties on remote servers, in the "cloud", raising new privacy and confidentiality concerns. We propose a general technique for designing cloud services that allows the cloud to see only encrypted data, while still allowing it to perform data-dependent computations. The technique is based on key translations and mixes in web browsers.

We focus on a particular kind of software-as-a-service, namely, services that support applications, evaluations, and decisions. Such services include job application management, public tender management (e.g., for civil construction), and conference management. We identify the specific security and privacy risks that existing systems pose. We propose a protocol that addresses them, and forms the basis of a system that offers strong security and privacy guarantees.

We express the protocol and its properties in the language of ProVerif, and prove that it does provide the intended properties. We describe an implementation of a particular instance of the protocol called ConfiChair, which is geared to the evaluation of papers submitted to conferences.

This talk will cover joint work with Myrto Arapinis and Sergiu Bursuc.


Mark was an undergraduate at Cambridge University and did his PhD at Imperial College London. Now he is professor of computer security at University of Birmingham, and also EPSRC Leadership Fellow. (EPSRC is the UK national science funding agency.) He founded in 2006 and now leads the security group, which consists of 6 academics and 20 postdocs and PhD students. Mark has recently worked in protocol analysis, electronic voting, access control, cloud computing security, TPM analysis, privacy, and process calculus. In 2008 Mark spent seven months at Hewlett Packard, on a secondment from the University funded by the Royal Academy of Engineering. This experience changed his life.

Time and Place

Tuesday, October 23, 2012, 4:30pm
Gates 463A