Image: Flickr/Ian Britton
Raluca Ada Popa: Mylar can help against NSA forced disclosure, but saying that something is NSA-proof is a very vague term, with no precise technical meaning.
A slide showing the basic idea of Mylar. Image: Raluca Ada Popa
Mylar encrypts each user's data in the user's browser using a key derived from the user's password. The service provider only receives encrypted data.
Previous schemes store encrypted data on the disks of the service provider, but the service provider has the decryption key and decrypts the data when it computes or searches on it—so data is encrypted at rest, but is not encrypted when in use (when the service computes on it). This means that if the NSA forces the service provider to disclose data, the NSA can obtain the encrypted data and the decryption key from the service provider, which means that the NSA does get access to the whole data because it can decrypt it!
With Mylar, the data is always encrypted at the service provider: at rest, in use and in motion as well. Despite this strong encryption, Mylar still allows web applications to provide important functionality to users: users can share data and users can search over the data.
Almost everyone who hosts a web application and stores sensitive data is vulnerable to server attacks and should use Mylar.
A particular example is the pay-per-use cloud model: many companies host their web application on a cloud and pay the cloud for the service. Since the companies store confidential data on the cloud, Mylar can prevent curious cloud employees (or other insiders in the cloud) from looking at these companies' data.
On a practical level, how would they use it?
If someone wants to write a new web application, they need to write it in the Mylar framework. If they already wrote it, they need to convert it to the Mylar platform. If a web application is already written in Meteor (a modern web framework), it will be very easy to port to Mylar. But if it is written in a different platform than Meteor, they need to rewrite their application from the beginning in the Mylar/Meteor framework. We are working on making it much easier for such existing applications to move to Mylar.
You’re already running a small trial with Mylar. Could you ever see the tech giants—Google, Facebook, etc—using something like this?
I am very optimistic about this. At the moment, tech giants could use Mylar for some of their services but not for all. For example, Amazon and Google offer cloud services to companies in the pay-per-use model: namely, companies pay for hosting their applications in these clouds and using their resources. Companies could use Mylar to put their web applications in the cloud without Amazon or Google seeing their data.
Google could not use Mylar quite now for their email service or Facebook for their social network because these companies rely on seeing customer data to show ads or make recommendations. We are developing some techniques that allow Google and Facebook to still present ads to users without actually seeing user data. So stay tuned!