The future of Confidential Computing
It’s clear that we live in the age of the digital economy. Just look at the top public companies in the world: most in S&P500’s Top-10 are tech companies. Information technology and big data are for the core of their business, with the focus more and more on big data. Google, Meta, and others give user data to advertisers. A massive trove of data is processed every second using more and more advanced technology.
Looking closely at recent trends, it’s obvious that the volume of data is growing exponentially, and with it so does the complexity of the systems used to process it. Another very important trend is how pervasive technology is becoming in our daily lives. Long gone are the days when only our email and name were exposed on the Internet. At this point, these tech giants know everything about us: our interests, purchases, travel, relatives, friends — everything. They can even predict our next purchase before we even think about it, basically manipulating our behavior. Perhaps they know a bit too much about us.
That’s why people keep raising the question of privacy more and more. Moreover, an entire industry of privacy tech is developing: encrypted messaging services, private browsers, VPNs, blockchain solutions with various levels of anonymity, and more. The demand for confidentiality is especially on the rise among corporations. The growing popularity of confidential computing (CC) is a testament to that. The most mature CC technology at this time is Intel SGX. The biggest cloud services providers started offering such solutions in 2020, and the variety of available offerings keeps growing.
One can see two trends developing in parallel. On the one hand, the rapid growth of the digital economy leads to an exponential growth in the need for data as the services get smarter and the algorithms underpinning them get more complex. On the other hand, owners of that data understand the value and want to have more control over it. Clearly, this conflict needs to get resolved or technological development will stall.
This problem is too vast to be solved with a single magic pill. But, at least, we can identify the biggest holes in the modern tech stack and start there.
Let’s start with data basics. Data can exist in three stages: rest (storage), transit (moved along communication channels), and processing (used in calculations). There is already well-tested encryption solutions for the first two stages. But protecting data during processing is a relatively new concept and requires more complicated and well-thought-out solutions, such as the trusted execution environment (TEE).
TEE originated in 2010 as a solution for mobile devices. In 2015, Intel announced SGX as its own implementation of TEE for server solutions. The technology allows applications to create enclaves — regions of memory protected from outside access by other processes, including the core of the operating system. Initially, the technology was meant to divide applications into trusted (executed in the protected area) and not trusted (classic application). This way, a developer could put all of the functionality of an application where confidentiality is required into the trusted zone. The main drawback of such an approach is that it doesn’t allow the use of this technology in already existing applications without very laborious refactoring.
Nonetheless, Intel SGX technology got the attention of a wide circle of specialists in the market who started finding ways to adapt it to more convenient use. This is how the open-source Gramine and several commercial solutions came about, allowing the launch of unmodified applications, including docker-containers, within SGX enclaves. At this point, all of these solutions are available in some major cloud services providers.
So why exactly is this technology gaining such traction? What practical benefits does it offer to market participants and how can it help resolve the abovementioned conflict of trends?
TEE technology opens up a unique opportunity to process data and create value without access to source data. This way, one can develop solutions that allow the user to fully control access to his own data and give out permissions to various services to use that data for advertising and other purposes. Throughout this, the data will be protected at every stage of processing, and only those algorithms explicitly approved by the user will get access to it.
But the biggest value for using confidential computing is in the areas where data is so sensitive that working with it was impossible. We’re talking healthcare, first of all, where the processing and privacy of data have recently risen to prominence. With TEE technology, one can now process confidential patient data to develop better diagnostics and research methods without compromising data privacy.
Also, the rapidly growing ecosystem of decentralized apps based around blockchain technology is a perfect use case for confidential computing. The openness of public blockchain is beneficial for some tasks and detrimental for others where confidentiality is important. Several projects have been experimenting with Intel SGX to solve this. Some blockchains are even wholly-built around this tech. Blockchain tech and CC are quite complementary: the former allows the creation of open, decentralized, trustless systems while the latter adds the protection of confidential data into the mix.
CC should play a much bigger role in future tech and thus in the development of the global economy. In time, confidentiality will be a basic standard for cloud computation and any services built on it.
“By 2025, 50% of large organizations will adopt privacy-enhancing computation for processing data in untrusted environments and multiparty data analytics use cases.”- Gartner
Super Protocol is the implementation of CC in the blockchain space. With the founder being one of the early builders of the CC movement, he saw the market need and has the know-how on making CC work in the decentralized space. The market potential is massive too. According to an Everest Group report, the Total Addressable Market (TAM) for confidential computing in 2021 is around $2B, with CAGR of up to 95% through 2026.