Developer-first secure computation

Davis Treybig
Innovation Endeavors
4 min readMay 18, 2022

Announcing our investment in CipherMode Labs

The Ciphermode Team

Over the past decade, data infrastructure and data science tooling have improved massively, driven by an increasing acknowledgment that data-driven organizations will vastly outcompete those incapable of incorporating data into the way they make decisions. Yet increasing scrutiny around data privacy and data security has led a huge portion of the world’s data to be relatively inaccessible despite its utility. Regulations like CCPA and GDPR, data residency requirements, contractual obligations tied to how data is used and shared, and general consumer demand for proper data stewardship have massively curtailed when and how data can be utilized.

These two countervailing forces — the demand for data and the increasing scrutiny on data access — have created an enormous need for so-called confidential computing techniques which allow data security and privacy to be preserved while data is analyzed. Privacy-enhancing techniques ranging from PII masking, tokenization, federated learning, synthetic data, homomorphic encryption, secure multiparty computation, secure enclaves, and differential privacy have all emerged as ways to solve this problem in one way or another, and numerous startups and corporations have attempted to incorporate them in recent years.

Unfortunately, thus far the promise of these techniques has significantly outweighed their impact. Adoption has been bottlenecked by poor performance, terrible developer experiences, statistical inaccuracies that limit trust and utility, and a general lack of scalability across use cases. More broadly, almost all of these techniques have traditionally been extremely complex to implement, configure, and use, often requiring completely rewriting your code to fit into their paradigms.

We at Innovation Endeavors had been observing this space for a few years and looking for a solution that addressed these pitfalls. We felt that to build a truly foundational company in the secure compute space, you needed a solution that combined developer friendliness, performance, correctness, and support for a wide array of computational techniques, but we didn’t know exactly what this would look like or what needed to be figured out in order to enable it. A few months ago, we were lucky enough to get introduced to Sadegh Riazi and Ilya Razenshteyn, who had seemingly built the foundation of exactly what we were looking for.

Sadegh and Ilya are world-class researchers in cryptography who have spent most of the past decade studying secure compute across MIT, UC San Diego, and Microsoft Azure’s cryptography division. While their research touched many areas of secure computing including secure enclaves and homomorphic encryption, they ultimately saw the most promise in secure multiparty computation (SMPC), a cryptographic technique for doing analysis on encrypted data which was first discovered in the 1980s. In the simplest sense, SMPC allows a set of parties to share a series of partial computations in a specific way such that they can collaboratively compute something without anyone revealing anything about their individual input data.

Although SMPC is an old technique, it has not seen widespread usage for two core reasons. First, it is slow; in many situations, an algorithm run via SMPC might take 100–1000x as much time as an algorithm run over plaintext. Second, SMPC hasn’t historically scaled well across analysis types; SMPC protocols have traditionally had to be hand-tuned for each algorithm, meaning the way you might want to run k-means clustering via SMPC is completely distinct from how you might compute a weighted average via SMPC.

CipherMode Labs is the result of Sadegh and Ilya’s innovative work addressing these two foundational problems.

First, they have pioneered a “mixed-protocol” approach to SMPC optimization which has demonstrated profound performance improvements relative to the state of the art. Second, and perhaps more importantly, they have developed an intermediate representation layer that allows for higher-level programming constructs to be compiled into SMPC protocols, similar to MLIR in the machine learning space or LLVM in programming languages. The result is a platform that will allow for code written in PyTorch, Tensorflow, SQL, and other high-level data analysis frameworks to be natively executed on encrypted data without the developer needing to know anything about cryptography or change anything about their code.

By abstracting SMPC to such an extent, CipherMode Labs has the potential to become the first company to truly provide privacy-enhancing computation at scale. The first step will be helping companies to better manage and utilize internal data sets — some of CipherMode Labs’ early design partners are using the product for everything from training better fraud prediction models to building better models for optimizing semiconductor fabrication. But, the broader opportunity here is for CipherMode Labs to create the base layer that facilitates secure cross-party data sharing in industries like finance, healthcare, and security.

At Innovation Endeavors, we love partnering with teams building breakthrough technology companies to solve the world’s hardest problems. CipherMode Labs certainly hits the mark and extends on our prior investments in secure compute such as Unbound and Replica. So, we couldn’t be more excited to announce our lead investment in CipherMode Labs’ $6.7M seed round. Joining us are a number of notable figures across data science and cryptography including, Jeff Dean; Sergey Gorbunov, CEO of Axelar; and Jit Saxena, board member of DataRobot. Dr. Yehuda Lindell, one of the foremost researchers in the world in SMPC, will also be joining the company as an advisor.

--

--

Davis Treybig
Innovation Endeavors

Early stage investor at Innovation Endeavors, former Google PM