Investors Bet Big on Attempts to Solve Encryption ‘Holy Grail’


News Analysis: Venture capital investors are pumping millions of dollars into privacy enhancing technology (PET) projects, betting that hardware and software innovation is finally coming together to solve one of the “holy grails” of encryption.

Just this month, a handful of ambitious startups — Duality Technologies ($30 million, Series B), Tonic.ai ($35m Series B), and Gretel ($50 million, Series B) — banked a combined $115 million to keep pace in the race to allow “privacy enhancing computation” on encrypted data without the need to decrypt and expose sensitive data.

The latest funding flurry follows a recent Gartner report picking privacy-enhancing computation as one of 2021’s top strategic technology trends and predicting that by 2025, half of large organizations will adopt privacy-enhancing computation as a means of processing data.

Existing encryption products seek to protect data while stored or in transmission, but the data must be decrypted — and exposed — if entities want to run computations or train machine learning models. The category of Privacy Enhancing Technologies — particularly homomorphic encryption — has emerged as a way to allow multi-party data sharing and computation without the need to decrypt and expose sensitive data or intellectual property.

Even in the PET category, there are multiple different approaches with fully homomorphic encryption (FHE) considered the “holy grail” because of the promise of enabling computation on encrypted data, or ciphertext, rather than plaintext, or unencrypted data – essentially keeping data protected at all times.

Homomorphic encryptionDespite its potential, FHE requires enormous computation time to perform even simple operations, making it exceedingly impractical to implement with traditional processing hardware. Earlier this year, the U.S. government’s Defense Advanced Research Projects Agency (DARPA) announced investments and projects in homomorphic encryption space.

One of the companies cashing in on the DARPA moves is Duality Technologies, an Israeli/US tech startup founded by world-renowned cryptographers. Duality’s tools offer a blend of homomorphic encryption with data science expertise to secure analysis on encrypted data — while complying with data privacy regulations and protecting intellectual property.

The company has scored partnerships with a range of big-name companies, including Intel Corp. (Intel Capital is a Duality investor), Scotiabank, Oracle, IBM and the World Economic Forum (WEF) and recently snagged a $14.5M DARPA contract to develop an advanced privacy-preserving hardware accelerator for machine learning applications.

A second player making waves is Gretel.ai, a San Diego company that sells a “privacy engineering as a service” platform for developers to share and collaborate on sensitive data across teams and even external organizations.

Gretel.ai, which has so far raised close to $68 million in funding, is innovating around the use of synthetic data sets to preserve privacy during computation and data-sharing.   Gretel.ai says its tools offer developer APIs and utilities that provide the highest quality results through data operations to label and classify, transform and anonymize, and generate synthetic data.

Gretel says its products can be used to train machine learning models on datasets and generate synthetic data that is statistically equivalent; transform data via automatic labeling and classification.

Another startup banking investor dollars is Tonic, a company that describes itself as “the fake data company.” Tonic just secured a $35 million Series B round to continue developing its own tools to generate synthetic data sets to mimic production data for development.

“When we launched Tonic.ai in early 2018, we knew there’d be challenges tied to the fact that we were entering a very new industry with a very original angle,” says Tonic co-founder and chief executive Ian Coe.

Coe said Tonic’s platform is used by developers to safely and realistically mimic existing production data across databases to capture the full complexity and nuance of their data’s behavior. “Fake datasets that once took developers days or weeks to build in-house can now be generated in minutes, Coe said, arguing that privacy enhancing technologies are quickly becoming a crucial part of the modern CI/CD toolchain, allowing developers to move faster, while maintaining compliance and security.

Tonic, which maintains offices in San Francisco and Atlanta, has raised $45 million to date and counts eBay, VMWare, The Motley Fool and Flexport among its customers. 

Several other well-capitalized players in the PET category include Enveil, the brainchild of former NSA mathematician Ellison Anne Williams. Enveil has closed $15 million in funding and is finding success with its ZeroReveal API-based product that delivers homomorphic encryption capabilities.

While a surge in venture capital funding can be seen as an attempt to create markets that didn’t exist before, the value of running computations against encrypted data is huge, particularly in heavily regulated industries. 

“I’m encouraged to see more capital invested in privacy engineering startups,” says Will Lin, managing director at Foregepoint Capital, a venture capital outfit that focuses on cybersecurity investments. 

“Organizations have been building expertise in-house for years but not every company can afford to do that. I’m hopeful these startups will help make privacy-by-design a reality,” Lin added.

Related: Encryption Firm With NSA Roots Raises $10 Million

Related: IBM Releases Open Source Toolkits for Processing Data While Encrypted 

Related: Data Security Startup Enveil Unveils Homomorphic Encryption Platform

Related: Homomorphic Encryption Firm Duality Technologies Raises $30M Investment

view counter

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a journalist and cybersecurity strategist with more than 20 years experience covering IT security and technology trends.
Ryan has built security engagement programs at major global brands, including Intel Corp., Bishop Fox and Kaspersky GReAT. He is a co-founder of Threatpost and the global SAS conference series. Ryan’s career as a journalist includes bylines at major technology publications including Ziff Davis eWEEK, CBS Interactive’s ZDNet, PCMag and PC World.
Ryan is a director of the Security Tinkerers non-profit, and a regular speaker at security conferences around the world.
Follow Ryan on Twitter @ryanaraine.

Previous Columns by Ryan Naraine:
Tags:



Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *