It’s mathe-magics !

State-of-Art encryption techniques allow now for processing calculations over sensitive data without ever accessing nor exposing the data in clear text. Confidential data can either be encrypted and stays encrypted during processing, and never is revealed in clear text anymore.  Or confidential data stays in clear text and the calculation environment is protected by encryption, with no possibility to access to the underlying data in clear text.

It is like asking a question (aka a calculation) and getting an answer that is mathematically correct without ever accessing the underlying input.

Cosmian’s technology exploits “deep tech” encryption schemes – based on the most advanced, fundamental cryptographic research. Since its inception, Cosmian has received the support of world-renowned cryptographers and established strong ties with the top notch ENS Ulm/CNRS/Inria mathematical team led by M. David Pointcheval. And world-renowned cryptologist, M. Nigel Smart, Professor, at the COSIC//Computer Security & Industrial Cryptography group, KU Leuven.

These cryptographers share Cosmian’s passion for bridging the gap between fundamental research and impactful, everyday privacy-by-design applications.

It’s mathe-magics !

State-of-Art encryption techniques allow now for processing calculations over encrypted data. Confidential data, once encrypted, stay encrypted during processing and never need to be revealed in clear text anymore. It is like asking a question (aka a calculation) and getting an answer that is mathematically correct without ever accessing the underlying input.

Cosmian’s technology exploits “deep tech” encryption schemes – based on the most advanced, fundamental cryptographic research. Specifically, the latest encryption technologies (functional & homomorphic) now allow to perform calculations/insights over encrypted data without ever revealing the underlying data.

Since its inception, Cosmian has received the support of world-renowned cryptographers and established strong ties with the top notch ENS Ulm/CNRS/Inria mathematical team.

These cryptographers share Cosmian’s passion for bridging the gap between fundamental research and impactful, everyday privacy-by-design applications.

Functional Encryption.

Authorize computations on encrypted data and only reveal the results.

Read more

Functional Encryption is a cryptographic technique that enables entities to execute specific operations on encrypted data without having access to data in clear. Applying Functional Encryption evaluations to some encrypted inputs will process this initial data and output the result in clear, but it will never reveal the inputs of the computation nor the intermediate values.

Performing computations on the data and obtaining the results of these computations is allowed only to authorized entities by data owner who will generate specific keys associated to specific computations.

Thanks to Functional Encryption, multiple data owners can choose who can execute operations and determine which service providers are able to decrypt the computed results.

Key advantages of this technique are:

  • Secure Computations without exposing confidential data to any breach
  • Data Insight and analytics on encrypted data 
  • Clear text results computation on pregenerated encrypted data
  • Sensitive Data Anonymization, Pseudonymization and masking

Cosmian develops and incorporates into its platform unique Functional Encryption primitives in order to optimize performance and security for sensitive assets.

Secure Enclave.

To protect sensitive data and algorithms from software attacks.

Read more

A Secure Enclave is an isolated hardware environment where code and data are completely isolated from other applications. Processes running on the same device or server have no access to the secure partition.

Main advantages of a secure enclave rather than software isolation are a better protection against software attacks and a clearer security software architecture.

These architectures are used in order to:

  • Protect data from unauthorized access 
  • Protect IP when algorithms run in third party premises
  • Guarantee high performance for secure computations

Cosmian platform leverages Secure Enclaves in order to deploy sensitive algorithms and protect critical data assets.

Fully Homomorphic Encryption.

Processing encrypted data into encrypted results.

Read more

Fully Homomorphic Encryption is a form of encryption that allows to perform operations on ciphertexts without having access to the underlying source data or manipulating any secret key.

Results of these computations are also encrypted and only data provider having the secret key is able to decrypt them. This technique it does not require any trusted authority to distribute the keys, the entities act independently, not assuming any trusted party.

Homomorphic encryption enables innovative use cases: it is possible for a service provider to run algorithms on encrypted data.

Main advantages of this set of techniques are:

  • Delegation of confidential computations to an untrusted service provider without exposing data and results to any breach.
  • Data sharing of encrypted data to an untrusted execution environment
  • Distribution of a computation between untrusted nodes without sharing clear text data.

Cosmian develops and incorporates into its platform Fully Homomorphic Encryption algorithms designed to optimize performance and security for sensitive assets.

Secure Multi-Party Computation.

Share computation without sharing data.

Read more

Secure Multi-party Computation (S-MPC)  is a set of techniques allowing several entities to jointly compute results on their inputs without revealing their individual data to others.

Thanks to S-MPC, service providers can run distributed services without compromise data security: data is never shared between entities.

Main advantages of this technique are:

  • Distributed complex computations without exposing the source data
  • Insight and analytics on virtual databases
  • Multi-Party Search in a distributed database where each entity remains owner of its data.

Cosmian designs and incorporates into its platform a state-of-the-art S-MPC topology to optimize network consumption and to guarantee the best security for sensitive assets.

We foster collaborative co-calculations projects with maximum confidentiality and security for the data in use or the algorithms at execution.

We foster collaborative co-calculations projects with maximum confidentiality and security for the data in use or the algorithms at execution.

Data enrichment preserving identifier confidentiality

Cosmian has developed a proprietary technique to anonymize confidential IDs thanks to probabilistic encryption while enabling blind matching on those IDs. In addition, with Cosmian, only authorized entities are able to operate on encrypted data and performing specific operations.

Data science teams are now able to join data from different sources without having access to sensitive data in clear.

Data joins can be executed on a centralized or distributed data lake.

Computation enforcing data source protection

Cosmian enables data science model design on confidential data without exposing the data in clear text.

Data science teams can now run algorithms on additional (internal or external) confidential data sets without ever accessing the underlying data in clear text.

Models can easily be deployed to production in order to guarantee that data is never accessed in clear. Data is never manipulated in clear text, even at execution.

Model & Algorithm Protection at execution

With Cosmian, algorithms providers can now deploy code in customer premises in a secure way.

Cosmian has developed a proprietary technique to encrypt the code and allow for its execution at the data provider’s premises.

Data providers are only able to execute the model on data sets without accessing the compiled code in clear.

Attribute-based Encryption

When encrypted, confidential data can be tagged with specific attributes. This allows for selective use of confidential data as only keys with the ability to decipher one given attribute will be able to unlock access to the data itself – or to the ability to perform calculations over the corresponding tagged confidential data.

Attribute-based Encryption proves very secure & robust to deploy fully trusted, decentralized  access management system – no more third-party involved.

Confidential Cloud

Advanced encryption technologies allow now for computation on encrypted data.  This is a massive step forward to execute end-to-end encrypted, secure computation in the cloud.

Encrypted data can now be processed by encrypted models in the cloud, and return encrypted results – deciphered only when brought back on premise.

Secure Computation over Multi-Party confidential data sources

Cosmian enables computation between multiple parties without ever accessing each other’s confidential data. Data is never exposed to others’ party in clear.The algorithm runs in each party premises sharing intermediate encrypted results. The algorithm processed intermediate encrypted results that never exposed the underlying data in clear text.

Final Results can be accessed only by authorized entities.

We love encryption and coding great software.

Cosmian is not invasive and does not replace your existing data infrastructure.

It provides a set of software to augment the functionalities of your existing data tools and applications, avoiding re-architecturing or change management.

The software is delivered in mainly 3 forms: plugins, connectors and back-end servers. Cosmian software is deployed on-premise or on your hoster’s cloud infrastructure.

Encryption libraries

Add encryption capabilities to your current data engineering flows (BDD, Spark…)

APIs

Expose processing APIs to allow computation over encrypted data

Plug in your data science tools

Add the required primitives for encrypted data manipulation and processing to existing end-user tools (Dataiku DSS, Jupyter notebooks, Python scripts etc…)

News, Articles, Resources.