Ziroh Labs Pvt Ltd.
Ziroh Labs as an organization has solved this problem in an entirely new way by the development of new cryptographic and distributed system techniques that preserve privacy and security of information being stored in the cloud computing storage infrastructure. At present, there are broadly two classes of encryption methods that are used for communication (Encryption-during-Transit) and storing data (Encryption-at-REST). During Encryption during Transit, the data is encrypted by using secure channels such as SSL/TLS. During Encryption-at-REST, data is stored in the encrypted form during the storage at the secondary storage media. Although this leaves the data security secure if the data is stolen, it exposes the data when the data is processed in the main memory. For example, in present-day RDBMS systems, there are facilities to store the relational data in an encrypted form in the database. But when an SQL query needs to be executed, the index of the data or the relations must first be decrypted to process it. This loophole in the security of the data is precisely the problem in cloud computing as the smote infrastructure’s security is not under the control of the enterprise that is using the cloud to store the application and the data. Ziroh Labs cryptographic techniques solve this problem. Using Ziroh Labs encrypted techniques, the data is stored and processed in the encrypted form. That is data stored in the cloud is never required to be decrypted to process, unlike the current practice where the encrypted data at disk is first decrypted to process it. Since the data is still in the encrypted form and the ‘key’ to the encryption is with the user, the cloud service provider remains clueless about its content. Using Ziroh Labs “Zero-Knowledge” system, data can be stored in any cloud service provider premises, and at the same time queries and computations can be executed on top of the encrypted data. Under this system, there is no requirement for Key Servers (including Hardware Key Modules), and the problem of data theft or identity theft by external and internal attackers never succeed.