Key Terms
Explaining Key Cryptographic Terms
ZKP (Zero-Knowledge Proofs): A zero-knowledge proof is a cryptographic method that allows one party (the prover) to prove to another party (the verifier) that they know a value x, without conveying any information apart from the fact that they know the value x. It's a way of sharing proof of knowledge without revealing the knowledge itself.
MPC (Multi-Party Computation): Multi-party computation (MPC) is a branch of cryptography that enables parties to jointly compute a function over their inputs while keeping these inputs private. MPC enables secure cross-organization data analysis and processing while maintaining data privacy.
TEE (Trusted Execution Environments): Trusted Execution Environments (TEEs) are secure areas of a main processor. They guarantee that code and data loaded inside are protected with respect to confidentiality and integrity. A TEE provides a way to run specific code in isolation from the main operating system, enhancing security.
OT (Oblivious Transfer): Oblivious transfer is a type of protocol in which a sender transfers one of potentially many pieces of information to a receiver, but remains unaware of which piece has been transferred, while the receiver learns nothing about the pieces it did not choose. It's a fundamental building block in the field of secure multi-party computation and private data retrieval.
GC (Garbled Circuits): Garbled Circuits are a cryptographic protocol that allows the execution of a computation (a circuit) on encrypted inputs to produce an encrypted result. The entity evaluating the circuit does not learn anything about the inputs, outputs, or the function itself.
Intel SGX (Software Guard Extensions): Intel SGX is a set of security-related instruction codes that are built into some modern Intel central processing units (CPUs). They allow user-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels.
AMD SEV (Secure Encrypted Virtualization): AMD's Secure Encrypted Virtualization (SEV) is a hardware feature aimed at securing virtual machines by encrypting the memory of each VM with a unique key, isolating it from the hypervisor or other VMs, and reducing the attack surface from privileged software.
ARM TrustZone: ARM TrustZone technology is a system-wide approach to security for a wide array of client and server computing platforms, including handsets, tablets, and other embedded devices. It creates an isolated secure world, separated from the normal world (non-secure world), where confidential and integrity-sensitive code can be executed.
Set-membership Proofs: These are cryptographic protocols that allow a prover to demonstrate that a certain piece of information belongs to a specific set of values, without revealing the actual piece of information and without the verifier needing to know all elements in the set.
DCAP (Data Center Attestation Primitives): DCAP refers to a set of technologies used to verify the integrity and trustworthiness of hardware platforms, particularly in data centers. These primitives allow for the attestation of an enclave (secure execution environment) in a more scalable manner suitable for cloud or data center environments.
Remote Attestation: This is a process used in Trusted Computing in which a hardware device's integrity and authenticity are verified by a remote verifier. By this process, the device proves that it is running the intended software, free from malware or tampering, without revealing the data contained within the software.
ORAM (Oblivious RAM): Oblivious RAM is a cryptographic protocol designed to obfuscate the pattern of access to a storage system. It allows a client to interact with a remote server to store and retrieve data securely, without the server learning which data is being stored or retrieved by the client.