New Encryption System Prevents Server Snooping

By

MIT's innovative Mylar platform encrypts at the browser and supports keyword searches over encrypted documents.

MIT computer scientists have developed a new privacy system designed to protect data even from attackers who have full access to the server. The Mylar platform encrypts file data in the browser and then stores the data on the server in encrypted form. The data is thus protected from snooping by NSA or anyone else who might have server access. The user's browser then decrypts the data the next time the user accesses the file.
Client-side encryption is nothing new, but Mylar adds some innovations that make it especially practical for production environments. For instance, Mylar supports keyword searches over encrypted documents, even if the data is encrypted using different keys. Mylar also offers a secure means for users to share keys and encrypted data, and it provides a way of ensuring that client code is authentic -- even if the server is malicious.   
Prototype versions of Mylar are built on the Meteor web framework. The Mylar developers say the presence of the Mylar encryption layer adds an overhead of only 17% with 50 ms latency increase for sending a message in a chat application.

04/01/2014

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs



Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.