It will thwart websites from disclosing data.
Researchers at Massachusetts Institute of Technology (MIT) have developed an encryption platform called ‘Mylar’ for building secure web applications by encrypting data on servers followed by decryption on an individual’s computer.
Running alongside a Web service building tool called Meteor, the Mylar prototype secured six applications by modifying only 35 lines of code, according to the researchers.
MIT Computer Science and Artificial Intelligence Laboratory researcher Raluca Popa told MIT Technology that simply encrypting each user’s data with a user key does not suffice, and Mylar addresses three challenges in making this approach work.
"First, Mylar allows the server to perform keyword search over encrypted documents, even if the documents are encrypted with different keys," Popa added.
"Second, Mylar allows users to share keys and data securely in the presence of an active adversary.
"Finally, Mylar ensures that client-side application code is authentic, even if the server is malicious."
The new platform also incorporates a system that issues the required encryption key, to protect the data to be shared with other users, from being leaked either to the server or to snooping agencies.
The researchers also claim that the method thwarts anyone, even the intelligence agencies from spying on user data.
The Mylar platform is being tested by MIT researchers to secure patients’ medical info at Newton-Wellesley Hospital in Boston.