Enveil announced its ZeroReveal Compute Fabric technology on July 3, providing organizations with an encrypted data in-use platform that can protect against nation-state level threats.
Ellison Anne Williams spent 12 years working as a senior researcher at the National Security Agency (NSA), helping to develop technologies to keep secrets safe. In 2016, Williams founded Enveil, based on technologies she and her team were working on at the NSA. Enveil is backed by investment firm In-Q-Tel, which helps startups build technologies that are of interest to U.S. government intelligence agencies.
“We focus completely on securing data when it’s being used or processed,” Williams told eWEEK. “Today we’re announcing the ZeroReveal Compute Fabric, which really allows enterprises to secure their usage of data no matter where it is.”
Enveil had a precursor product in the market prior to the new Compute Fabric launch, Williams said, that included a client stand-alone application that enabled point-to-point secure usage of data. The Compute Fabric expands on the initial product, enabling an entire enterprise to be secure with multiple deployment options, including on-premises and in the cloud.
The core innovation behind Enveil’s technology is its implementation of homomorphic encryption at scale. With homomorphic encryption, regular usage operations, including search, can be conducted on encrypted data without ever needing to decrypt the data. Williams noted that homomorphic encryption is a concept that has been around for 30 years, though historically it has been very computational intensive and slow, making it impractical for many use cases.
“So that’s the major breakthrough that we had—really taking the holy grail of encryption that for the last 30 years hasn’t been practical for any kind of commercial use and making it practical and commercializing it into a product,” she said.
Given her company’s origins at the NSA, Williams said the level of cryptography used in the Enveil platform is certified for nation-state protection and it is never decrypted at any point during the processing. Beyond protecting against nation-state level threats, Williams sees Enveil’s technology aiding financial services as well. For example, a bank can use Enveil to perform encrypted searches on sensitive data.
“If you have a trader, they’re researching a potential trade and they don’t want to tip their hand before they execute the trade. [ZeroReveal Cloud Fabric] enables them to do that,” she said.
The Enveil ZeroReveal Compute Fabric includes client and server applications. Williams explained that the client application encrypts the searches conducted by an organization.
“The server application’s job is to function as really a brain and understand how to take the encrypted searches that it received and have them processed, without ever decrypting anything,” she said.
Enveil’s platform enables organizations to use whatever key management system (KMS) is already in place for cryptographic key generation and management.
There are multiple vendors in the market with data in-use encryption platforms. Among them is Baffle, which announced an update to its Advanced Data Protection Service on June 4 that also enables users to search and use encrypted data.
Williams sees Enveil as being different from other encryption platforms in the market for several reasons. “We’re really the first practical application of homomorphic encryption and certainly the first to have any kind of nation-state security certification coming out of active deployment in an operational capacity,” she said.
Looking forward, Williams said that her company will continue to expand its capabilities and improve performance. She added that Enveil will also develop an expanded range of analytical capabilities that go beyond search to help serve different customer use cases.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.