How it works
Leveraging cryptography and trusted execution environments to power our decentralised and cloud-native ecosystem.
Privacy by design
Data is always encrypted at rest, in transit, and even during processing
Data is processed inside secure hardware, no human ever has access to the data
Leverages the latest privacy techniques to prevent information leakage
Decentralised and cloud native, built for ecosystems
Secure connection protocol uses the latest cryptography and provides effortless web interfaces
More flexible and orders of magnitude faster than homomorphic cryptography
Confidential Computing protects data during processing by performing computation in a hardware-based Trusted Execution Environment (TEE).
TEE programs are called enclaves. They prevent unauthorised access or modification of applications and data while in use.
Intel SGX comes with remote attestations that provide verification for three things:
If a person, or a rogue program, attempts to tamper with the underlying ledgers, it would be spotted as fraudulent.
If a required piece of information has been tampered with, the system would not reply rather than provide an inaccurate response.
Secure connection protocol
The Secretarium Connection Protocol uses multi-layered TLS to guarantee a secure and inspection-resistant connection to the TEE while providing integration flexibility with routing infrastructures.
Cryptographic evidence is provided at every stage of remote processing, enabling a fully trustworthy service.
This allows organisations that manage sensitive and regulated data to increase their security assurances.
Building on the Secretarium secure cloud
Now, you can build game-changing cloud services off the shelf. The platform makes it simple to deploy trustworthy, privacy-preserving apps powered by tamper-proof technology.
The Secretarium SDK allows simple creation of confidential computing apps by wrapping cryptographic complexity.
Remotely attestable with out-of-the-box cryptographic evidence of integrity.
Data is encrypted in memory during processing. It is not even visible to cloud engineers.
Secretarium only uses low energy machines which, when possible, are hosted at Swisscom's hydroelectricity-powered datacentres.
Trusted processing via smart contract business logic
In the Secretarium environment, a smart contract is business logic that runs inside an Intel SGX enclave.
They have their own ledgers and encryption keys. The platform also provides a mechanism for updates.