Encrypted Execution Environment (E3)
An Encrypted Execution Environment (E3) enables secure computation over encrypted inputs from multiple independent parties. E3s combine three essential components to preserve input confidentiality and support correct execution:
- Fully Homomorphic Encryption (FHE): Enables computation directly on encrypted data without decrypting it.
- Zero-Knowledge Proofs (ZKPs): Enable verification of inputs and computation without revealing sensitive information, making it possible to validate correctness while preserving privacy.
- Distributed Threshold Cryptography (DTC): Distributes cryptographic key control across multiple ciphernodes, reducing reliance on any single operator and eliminating single points of failure.
Together, these components make it possible to compute across private inputs without exposing the underlying data.
When to Use E3s
E3s are useful when you need to:
- Compute across sensitive inputs from multiple parties without taking custody of the underlying plaintext data.
- Build workflows compatible with data protection requirements such as GDPR or HIPAA.
- Reduce operational and legal liability when handling sensitive data.
- Produce shared results from otherwise inaccessible or sensitive datasets.
- Reduce reliance on any single operator or trusted hardware component.
Practical Use Cases
- Secret Ballots: Implement voting systems that preserve ballot secrecy while producing verifiable outcomes.
- Secure Data Analysis: Compute across private datasets without taking custody of raw data.
- Collaborative Research: Enable multiple organizations to jointly analyze sensitive data without sharing the underlying records.
How E3s Work for Developers
As a developer, building with an E3 typically involves:
- Defining the computation logic for the E3 Program.
- Configuring the parameters for the execution environment.
- Submitting encrypted inputs.
- Retrieving and verifying the result.
Each of these steps is covered in detail in the following sections.