When two millionaires meet on the street, how can they let each other know who is richer without divulging their property? This is the idea of “millionaire” put forward by Chinese scientist Yao Qizhi in 1982, in which he gave the solution of “multi-party secure computing”.
This seemingly fairy tale proposition actually uses the theory, which later became an important theoretical framework of modern cryptography. At the turn of the century in 2000, Yao Qizhi also won the Turing prize, the Nobel Prize in the computer field, for his important contribution in the computer field.
Forty years later, academician Yao himself did not expect that with the advent of the digital era, data has gradually become an important factor of production, and the use of data and its data security have become a global issue. The MPC theory (multi-party secure computing) originated by him has gradually formed a unique technical track collectively referred to as “private computing” through evolution and combination with other technologies.
Privacy computing refers to a series of information technologies that analyze and calculate the data on the premise of ensuring that the data provider does not disclose the original data, so as to ensure the “availability, invisibility” and “calculable, unrecognizable” of data in the process of circulation and integration. Privacy computing integrates many disciplines such as cryptography, computer hardware and AI, and gradually forms a relatively mature technical system represented by multi-party secure computing, federated learning and trusted execution environment, with confusion circuit, secret sharing and inadvertent transmission as the underlying cryptography technology, and homomorphic encryption, zero knowledge proof and differential privacy as auxiliary technologies.
In 2021, private computing entered the first year of application commercialization. A year has passed. What are the market achievements of privacy computing and where will it go in the future?
On April 22, 2022, IDC China, an authoritative international consulting organization, released the report IDC perspective: a panoramic study of private computing, which revealed that the scale of China’s private computing market exceeded 860 million yuan in 2021, and is expected to achieve a market growth rate of more than 110% in the future.
According to public information and relevant research, “Dachang” technology company represented by ant group and start-up company represented by “nebula cluster” entered the market earlier, and have become two mainstream forces in China’s privacy computing market.
After 40 years of private computing technology, why has it erupted in recent years?
An undeniable fact is that the demographic dividend brought by the Internet wave has gradually become saturated, and the redevelopment of data assets is becoming a new round of growth point.
According to the data of 2020, the global volume reached 59zb People have skillfully mastered the technology of data mining and data analysis. In the current era of informatization and digitization, whether it is data analysis of a single subject or data fusion across fields and multiple subjects, its value has been shown. For the circulation and development of data, if it can be continuously connected from more dimensions, more industries and larger volume, the value of data as a factor of production will be released to the greatest extent.
However, it can not be ignored that there is a “sword of Damocles” naturally hanging over the head of the data circulation field to avoid its “barbaric growth” – more and more stringent data protection policies.
In 2016, the EU issued what was called the strictest general data protection regulation at that time. Some technology giants suffered a lot because they ignored data security. Last July, the US e-commerce giant Amazon was fined 7.5% by the Luxembourg authorities responsible for supervising Amazon’s data protection for violating EU data protection regulations 4.6 billion euros (about 5.729 billion yuan), becoming the largest penalty for data privacy disclosure in the history of the EU.
In September 2021, after three reviews, China’s data security law was officially implemented, and the personal information protection law came into force in November. In December, the general office of the State Council issued the overall plan for the pilot of comprehensive reform of market-oriented allocation of factors. Article 20 of the establishment and improvement of data circulation and trading rules emphasizes that “original data cannot go out of the field”. A number of laws, regulations and policy documents on data security have been issued, highlighting the strong demand for data compliance development.
Let data be used safely within the scope of laws and regulations. Privacy computing is considered to be an extremely effective technical measure. The development of privacy computing technology has become an indispensable part of data circulation and data protection. In the short term, the increasingly stringent data security policy has promoted the rapid development of the privacy computing market, and the value system formed by the circulation of data as a factor of production is the fundamental driving force for the long-term sustainable development of the privacy computing market.
The reaction of the market also confirms this judgment. Around 2019, China’s start-up technology companies that take privacy computing as the solution have aimed at the data security market and mushroomed. The head Internet technology companies that have laid out privacy computing for many years in advance have gradually matured and emerged a number of successful application cases.
privacy computing market prototype emerging
The privacy computing industry originated abroad and gained popularity in the Chinese market.
Once the EU’s general data protection regulations were published in 2016, it aroused thousands of waves in the data security protection industry. International traditional technology giants have responded quickly at the theoretical and application levels. For example, Google took the lead in proposing the distributed machine learning system federal learning in a paper in 2016. Now it has become one of the three major technical routes of private computing, and some companies have quickly seized the track through the open-source algorithm library; Some start-ups have also begun to compete for the private computing market by cutting into a single technology route.
Since 2017, some technology manufacturers in the field of private computing have appeared sporadically in China, and a number of product solutions with different technology paths have emerged intensively by 2019; After 2-3 years of dormancy, the overall competition situation of the privacy computing industry began to accelerate in 2021, entering the first year of commercialization, and the market pattern also emerged.
At present, the privacy computing market is roughly divided into three types of Companies: the privacy computing Department of technology companies, start-ups focusing on privacy computing, and companies with existing businesses combined with privacy computing technology.
Generally, due to their own business needs, technology companies have a natural high demand for data security. They have advantages in data volume, algorithm, hardware development, technology research and development (including patent and thesis research) and application scenarios. The layout of talents is also relatively complete, and can smoothly integrate new technologies with original businesses. From the perspective of public information and market applications, typical ones such as ant group, Tencent cloud, Alibaba cloud and Baidu security entered the track of privacy computing technology in the early stage.
Taking ant group as an example, it began to lay out private computing in 2016. Its technical capabilities include multi-party secure computing, privacy protection, federal learning, confidential computing, blockchain technology, etc. it launched moss multi-party secure computing platform, trusted privacy computing framework argot, ant chain data privacy cooperation platform fair, ant privacy computing all-in-one machine and other products in joint risk control, government data Joint marketing and other business scenarios have been mature applications. It is a typical company that forms private computing technology capabilities based on the original business needs and gradually opens to the outside world.
The IDC report shows that ant group’s privacy computing has formed a rich and diverse product line with excellent performance, maintained leading performance, and passed a number of authoritative certifications and security compliance. After more than 4 years of polishing and large-scale commercial application, it has begun to take shape.
Start up privacy computing companies generally focus on a certain technology. Most of the core R & D teams have many years of research experience in the field of privacy computing, and have strong progressiveness and differentiation advantages in the exploration of multi-party security computing efficiency, the richness of federal learning model, interconnection and other technologies. For example, there are private computing technology providers that take computing power as the core advantage, as well as companies that promote the open circulation of data with software and hardware solutions; There are also privacy computing application products that focus on a specific field. Interestingly, such entrepreneurial privacy computing enterprises and Internet technology companies have also tried to cooperate, complement and interconnect, and launch privacy computing products or services with better performance and wider applicability through strong combination. Novak technology, a privacy computing manufacturer, has built a privacy protection all-in-one machine by combining the domestic CPU and hardware architecture, kawasin privacy protection computing core with the trusted native integrated solution of ant group, privacy protection computing accelerator card, autonomous and controllable trusted execution environment, national secret accelerator card, security and trusted technology stack and other technologies.
In recent years, such companies have also won the favor of the capital market. In 2021 alone, nebula cluster received $11 million in a + round of strategic financing, Yifang Jianshu completed more than 300 million yuan of B + round financing, Weiwei technology won 100 million yuan of B round financing, and Huakong clearing completed 500 million yuan of B round financing, setting the highest financing record in the privacy computing industry so far.
In addition, there are other companies that combine their own business and technical advantages, quickly enter the game in a short and fast way, and complete the construction of private computing power in the form of technology complementarity. For example, the blockchain is combined with privacy computing to create the full life cycle data flow of privacy computing; Companies that are good at creating privacy protection software such as data sandbox in the field of security.
Due to the short starting time of marketization, the relatively high cost and the threshold brought by systematic operation, the current income scale of players in the privacy computing market is small, but with their respective technical characteristics, product ability and other advantages, they have great potential for future growth.
On the whole, the advantages of leading manufacturers will be further highlighted in the future, especially at the level of large-scale industrial application, interconnection and industrial ecological construction; In the competitive environment of the industry, manufacturers in subdivided fields will eliminate a number of top players by giving full play to their special technical advantages.
where is the future of privacy computing technology
In fact, privacy computing is still in the early stage of the industry, and technology development, policies and regulations, connectivity and business model need to be further improved.
First of all, we need to make a breakthrough in the security of privacy computing technology itself. Although the theoretical basis of the single technology of privacy computing is perfect, the performance and computing power of privacy computing are correspondingly constrained in response to the huge data volume, and the single technology of privacy computing is not foolproof in terms of security. Taking federated learning as an example, IDC found that federated learning is an important development direction of privacy computing. However, federated learning technology is still relatively new, and there is still a long way to go in terms of security, decentralized architecture, model analyzability and so on.
For the security of privacy computing products, in 2021, the Chinese Academy of information technology first launched two privacy computing security assessments: multi-party security computing and federal computing. From the results, a total of 9 privacy computing products passed the security assessment, and ant group and insight technology became enterprises that passed both assessmentsP align = “center” two security assessments of privacy computing of China Academy of communications and communications, ant privacy computing passed all (picture source: Official wechat of China Academy of communications and communications)
Secondly, in terms of connectivity, the current privacy computing products and their technical architecture are homogeneous, but there are different theoretical models, technical paths and business logic. The state of blooming flowers in the early stage of emerging technology routes has released their respective technical charm, but after a period of verification and application, there must be some technologies shelved or even eliminated.
To achieve interconnection, it technically covers interconnection at different levels from nodes and management systems to data level, algorithm protocol and so on. On the other hand, the construction of industry standards is also crucial. By clarifying the technology use scenarios and frameworks, we can promote the cognition of privacy computing technology and accelerate the implementation. At present, China Academy of communications and related departments have led a number of industry standards and group standards, and Chinese mainstream manufacturers have actively participated in them. Chinese enterprises also actively participate in the formulation of international standards.
For example, China United Network Communications Limited(600050) , ant group and Zhijiang laboratory took the lead in the standard of “machine learning technology framework for privacy protection” issued by the International Telecommunication Union (ITU), and the world’s first international standard for all-in-one privacy computing led by ant group also passed the ieee-sa project.
At the level of market-oriented key business model, although the data compliance demand fundamentally urges relevant enterprises to transform and upgrade data security, the current business model of private computing is still in the early exploration stage. From the perspective of income form, by building privacy computing technology infrastructure, product sales and platform construction are the main sources; The other is to provide SaaS services, mainly for small and medium-sized customer groups, such as multi center privacy computing protection needs or cross domain analysis, consulting services and other business models have begun to take shape. More models are still in the exploratory period. With the gradual maturity of the market, the business model will also keep pace with the times.
At present, privacy computing technology is mainly used in industries with rigid demand for privacy computing, such as finance, government affairs, joint marketing, medical treatment and so on.
Huakong qingjiao, a privacy computing company established in 2018, has many technical backbones from “Yao ban” of Tsinghua University. It has undertaken to build China Everbright Bank Company Limited Co.Ltd(601818) ‘s multi-party secure computing platform and helped China Everbright Bank Company Limited Co.Ltd(601818) deploy the industry’s first multi-party secure computing platform to enter the bank production system. On this basis, China Everbright Bank Company Limited Co.Ltd(601818) can cooperate with the insurance, trust, tourism and other member units of the parent company Everbright Group to carry out the joint statistics and modeling of customer financial assets, consumption preferences, risk preferences and other data, and strengthen the data interconnection within the group China Everbright Bank Company Limited Co.Ltd(601818) is discussing data cooperation with a number of enterprises outside the group, and may jointly develop more application scenarios such as joint risk control in the future.
In the medical field, data value is also released due to privacy computing. Taking the application of ant privacy computing as an example, ant trusted privacy computing framework “argot” cooperated with Alibaba cloud digital medical team to build a data fusion platform for hospital operation and management for a tertiary hospital in Zhejiang. The management efficiency of pathological quality control and medical insurance DRG (diagnosis related group) has been significantly improved. In the three months of 2021, the hospital has optimized hundreds of thousands of medical insurance settlement, By coding into the group, the workload of medical insurance feedback analysis was significantly reduced, and the pathological quality control of grade a disease cases was also improved by 10 ~ 20%. In this case, based on ant privacy computing technology, the joint modeling of data security sharing of multiple hospitals has helped solve the problem of insufficient data volume and data richness of a single class III hospital; At the same time, in Cross hospital cooperation, ensure that the model of joint modeling can be optimized, and give better play to its own value on the premise of ensuring that the data is safe, controllable, available and invisible.
IDC judged that with the gradual refinement and introduction of compliance standards, the demand for private computing in manufacturing, energy and other industries will also rise steadily. At the same time, with the improvement of medical models and the follow-up of information construction, this market will usher in rapid growth biomedicine, which is the next competitive market and explosive point.
Conclusion
In fact, in the past 40 years, the real answer to why the theory of privacy has been born is that it has been popular in the past 40 years. A technology is widely accepted, which needs three stages: theoretical development, practical certification and large-scale application. Privacy computing technology is a good verification. Without perfect policies and regulations and mature technology, there is no possibility of privacy computing from theory to large-scale application. Some practitioners expressed emotion many years ago that private computing is a “patch” in the world of science and technology, and someone needs to “debug the world”. Now, perhaps, is the best time for the technology of privacy computing to debug the world.
