Sharemind

What is Sharemind?

Sharemind is a novel database and application server that collects data in an encrypted form and uses techniques like homomorphic encryption, secure multi-party computation and hardware isolation to process it without leaking the private inputs even to the machine memory, providing end-to-end encrypted data processing. As such, Sharemind helps achieve compliance with the General Data Protection Regulation (GDPR) and similar laws.

How to use Sharemind?

The Sharemind Application Server is a commercial offering from Cybernetica that offers consulting, licensing and engineering services for secure computing applications. Find contacts on the Sharemind web page.

Can I try Sharemind?

The Sharemind Software Development Kit (SDK) that you can download on this page contains the SecreC 2 programming language that separates public data and secrets on a type system level and an emulator that you can use to try out the privacy-preserving programming paradigm and estimate the running time of your application in a fully encrypted environment.

DISCLAIMER: performance of a program run on the emulator can be significantly worse than the final performance of a solution engineered by expert developers.

How can I deploy later?

Your SecreC programs will be fully compatible with the Sharemind Application Server, that runs the code using full cryptographic protection and provides support for enterprise applications.


Download SDK version 2023.09

There are two ways for getting the SDK:

  1. Download a preinstalled virtual machine image from the SDK download page. The image can be used with virtualization products like VirtualBox, VMWare on x86_64 machines (Intel and AMD processors) or UTM on arm64 (Macs with Apple Silicon, see tutorial here).
  2. Build the tools from the source code found on Github.

Getting started

The following assumes that you have installed the virtual machine image into a tool like VirtualBox.

Inside the VM:

  1. Run the Qt Creator tool from the desktop.
  2. Open an example program from /home/sharemind/Sharemind-SDK/demos with Ctrl+O (or select File->Open File or Project... from the menu).
  3. Compile the program with Ctrl+F1 (or select Tools->External->Sharemind SDK->Compile SecreC from the menu).
  4. Run the program in the emulator with Ctrl+F2 (or select Tools->External->Sharemind SDK->Run SecreC from the menu).
  5. Read the printed output and the estimated running time from the console window.

Supported protocol suites

Name Description Emulator AppServ/AcadServ Standalone runtime
shared3p Secret-shared data, collected on three servers, passive security Supported Supported Sharemind
shared2p Secret-shared data, collected on two servers, passive security - In development Sharemind
sharednp Secret-shared data, collected on N servers, passive security - In development Sharemind
shared2a Secret-shared data, collected on two servers, active security - In development Sharemind
aby Additive, boolean and Yao's circuits, collected on two servers, passive security Supported - ABY
spdz_fresco Arithmetic circuits, collected on two servers, active security Supported - Fresco

NOTE: the protocols have no limit on the number of clients. E.g., you can have any number of data sources or data users.

Documentation

The following developer resources are currently available:

Support and feedback

We are very interested in your feedback. Please report technical issues on the SDK Github issues page.

We would also like to know what features to focus on next. What did you try to do with the SDK? What new features would you like? Please let us know at sharemind@cyber.ee.

Known issues

The SDK is limited to developing and profiling single secure programs. To license the full Sharemind system, please contact Cybernetica.

These issues affect version 2023.09:

Please report other issues on the SDK Github issues page.

About Performance

Secure computing has its distinct overhead. Also, optimizing algorithms for secure computing is a complex task. E.g., parallel operations are much more efficient than sequential operations (try multiplying two integers vs multiplying two 100 000-element vectors). For further information see our research page.