
Show HN: SECCOMP – A Secure Spreadsheet - davidcerezo
https://www.calctopia.com
======
pimlottc
This needs more explanation of what's going on and what the benefit is. Don't
tell us it's big deal ("the holy grail of secure computation"), show us why it
is.

I had to stare at the animated gif for quite a long while before I realized
the two spreadsheets were different, and I still don't quite get what's
happening here. Computations are not automatically updated when input data
changes like they usually are in spreadsheets? Do both sides have to agree to
compute the cell before the operation is performed?

~~~
davidcerezo
There's a succinct description of the steps at the webpage:

1- Both parties have to agree to the same formulas that will be computed
2- The spreadsheets are different because the inputs of the two parties are
different, not the formulas
3- When both parties agree to compute the same cell, the secure multi-party
computation between both parties starts: when it's finished, the result is
displayed on a destination cell or as a comment

The point is that computer users, not knowing advanced cryptography, will be
able to securely compute in a transparent way (i.e. "cryptography
disappears").

~~~
infogulch
This is all I see when I watch your animations:

    1. Two complex spreadsheets, they look similar (therefore, assume they're the same)
    2. Click some cells
    3. Wait...
    4. TADA, A number appears!?!??

What is this number? How is this different from regular spreadsheets, is it
just a super slow formula eval? Why are there two identical sheets (it's
moving way too fast to notice that they're different)? Why did you select the
cell first? Before any of these questions could be answered by actually
reading the spreadsheet the animation jumps straight to the next one, which is
essentially the exact same as the last with a different title at the top.

Also, why are you demoing starting from selecting the output cells, like 5
times? That's the most boring and repetitive part of your whole product.

Your demo should be MUCH simpler. Start with a single blank spreadsheet and
solve the millionaire problem (you mentioned it elsewhere) in 15 seconds,
including typing the formula and sending the sheet to the second person. This
problem is simple to conceptualize and easy to motivate.

~~~
davidcerezo
OK, I'll make much easier examples: other people whom I've asked thought they
were OK.

------
na85
I'm not exactly sure what is being sold here. Is it an ostensibly-secure
spreadsheet as a service?

If I wanted a secure spreadsheet my instinct would be to use LibreOffice on an
airgapped system and store it in an encrypted container of some kind... I'm
not sure any sort of cloud solutions would even enter into my deliberations if
I had truly sensitive stuff to work with.

~~~
davidcerezo
It's not about encrypting files (encryption at rest): you can do the secure
multi-party computations over your private LAN, and the encrypted network
traffic will never leak to anybody (i.e. no way to cryptanalyze anything in the
future).

It's about encrypting the computation between the parties: this kind of
technology is being used to prevent satellite collisions on secret orbits, for
example.

~~~
na85
> It's not about encrypting files (encryption at rest): you can do the secure
> multi-party computations over your private LAN, and the encrypted network
> traffic will never leak to anybody

Honest question: Can't I do that already by using SFTP or ssh and uploading a
spreadsheet? I just feel like I'm missing something. Do you have some kind of
real-time aspect going on?

Second question: How do I know that your closed-source app isn't exfiltrating
the data clandestinely?

> (i.e. no way to cryptanalyze anything in the future).

Assuming no flaws are ever going to be discovered in your crypto scheme in the
future is pretty bold.

> It's about encrypting the computation between the parties: this kind of
> technology is being used to prevent satellite collisions on secret orbits, for
> example.

Given that anything orbiting the earth can be observed from the ground with
sufficient resolution, there's no such thing as a secret orbit. This sounds
more and more like snake oil.

~~~
davidcerezo
> Honest question: Can't I do that already by using SFTP or ssh and uploading a
> spreadsheet? I just feel like I'm missing something. Do you have some kind of
> real-time aspect going on?

No, you aren't encrypting the computation, just encrypting some data. Using
secure computation (garbled circuits, secret sharing, homomorphic encryption,
...), you are encrypting every mathematical operation.

> Second question: How do I know that your closed-source app isn't
> exfiltrating the data clandestinely?

> Assuming no flaws are ever going to be discovered in your crypto scheme in
> the future is pretty bold.

What I've written is: if you are carrying out the secure computation on your
private LAN and nobody is sniffing the traffic (potentially gigabytes), in the
future they will have no way to cryptanalyze what the inputs were. And you can
check that no information is being sent anywhere during the secure
computations: all the encrypted data is sent between the two computers
carrying out the secure computation.

> Given that anything orbiting the earth can be observed from the ground with
> sufficient resolution, there's no such thing as a secret orbit. This sounds
> more and more like snake oil.

You can learn more here:
[https://eprint.iacr.org/2013/850](https://eprint.iacr.org/2013/850)
[https://eprint.iacr.org/2016/319](https://eprint.iacr.org/2016/319)

~~~
na85
My skepticism was the secret orbits, not the shared multiprocessing.

There's no such thing as a secret orbit.

~~~
anfractuosity
I think secret orbit just means the orbit might not be publicly published.

I assume this is what is being referred to:
[https://sharemind.cyber.ee/private-satellite-collision-prediction/](https://sharemind.cyber.ee/private-satellite-collision-prediction/)

------
scrumper
The text is aggressively sales-y in quite an old-fashioned and cheesy way. I
share other commenters' confusion about what's actually happening here too.
Having read a bit on secure multi-party computation, you've made something
interesting but it's not coming across on your website.

~~~
davidcerezo
You're right about that: just trying to explain it to business people.

I've put more detailed information for math/crypto people here:
[https://www.calctopia.com/2017/02/01/on-the-security-model/](https://www.calctopia.com/2017/02/01/on-the-security-model/)

More to come soon!

~~~
scrumper
For explaining to business, it's generally better to describe a problem and
then show how your thing solves it. This is a gentler approach than the 'hard
sell' and draws people in, not least because it shows that you do understand
their world and their challenges.

------
beaconstudios
What is this meant to do? The demonstration video just looks like a regular
interaction with Excel, with some coloured cells. My immediate questions as a
clueless user (one with a cryptographic background nonetheless) are:

- How is this different from a regular collaborative spreadsheet?

- What attacks am I protected against if I use this product?

- Is the attack a real risk to my business, or largely theoretical?

- What problem does this solve that encrypting and emailing a .xlsx doesn't?

Overall it's quite hard to catch the value proposition.

~~~
davidcerezo
Both parties are computing some spreadsheet formulas contributing their own
secret inputs, in such a way that both learn the result but not the input of
the other party: it's cryptographically impossible to do so. Regular
collaborative spreadsheet software doesn't do that: actually, this is the
first program for normal computer users that is able to do so (and not
cryptographers specialized in secure multi-party computation).

It depends on your business: if you are a bank, a financial firm or any other
that handles very valuable and confidential data, you need secure computation
in any of its forms (garbled circuits, secret sharing, homomorphic
encryption).

Encrypting and emailing is encryption at rest, you're not encrypting the
computation.

------
adgasf
I assume this is using some form of Secure Multi-party Computation. Where is
the source-code?

~~~
davidcerezo
Yes, it's state-of-the-art secure multi-party computation. The code is closed
for now, but it'll be gradually open-sourced in the future.

------
TechTechTech
Looks like a closed-source implementation of a Homomorphic Encryption
algorithm.

"Homomorphic encryption is a form of encryption that allows computations to be
carried out on ciphertext, thus generating an encrypted result which, when
decrypted, matches the result of operations performed on the plaintext."
[https://en.wikipedia.org/wiki/Homomorphic_encryption](https://en.wikipedia.org/wiki/Homomorphic_encryption)

~~~
davidcerezo
It's not homomorphic encryption: it's garbled circuits and oblivious transfer
(orders of magnitude faster than homomorphic encryption, a cryptographic
technique with lots of publicity, but it'll take some years before it's
practical) supporting floating-point operations (there are no open-sourced
libraries with floating-point support).

------
tomc1985
I think the point is to arrive at answers without revealing how certain
formulas (formulae?) are calculated? Or something?

~~~
davidcerezo
The point is letting others use your data (e.g. your valuations, prices, ...)
without others learning/stealing your information, and vice versa.

It's usually explained using the Millionaires' Problem
([https://en.wikipedia.org/wiki/Yao's_Millionaires'_Problem](https://en.wikipedia.org/wiki/Yao's_Millionaires'_Problem)):
"two millionaires, Alice and Bob, who are interested in knowing which of them
is richer without revealing their actual wealth."

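As an added example (not code from the page or from Calctopia), here is a toy Yao garbled-circuit protocol for the Millionaires' Problem on 2-bit wealth values: Alice garbles a comparator circuit, Bob evaluates it, and both learn only the comparison bit. The oblivious transfer that would give Bob the labels for his own input bits is assumed and simulated by handing them over directly; the gate, wire and function names are hypothetical.

```python
import hashlib
import hmac
import os

# Comparator for 2-bit inputs: out = 1 iff a > b. Gate = (output wire, x, y, truth table[2x+y]).
GATES = [
    ("g1", "a1", "b1", [0, 0, 1, 0]),   # a1 AND NOT b1
    ("g2", "a1", "b1", [1, 0, 0, 1]),   # a1 XNOR b1
    ("g3", "a0", "b0", [0, 0, 1, 0]),   # a0 AND NOT b0
    ("g4", "g2", "g3", [0, 0, 0, 1]),   # g2 AND g3
    ("out", "g1", "g4", [0, 1, 1, 1]),  # g1 OR g4
]

def new_labels():
    # Random 16-byte labels for bit 0 and bit 1; the last bit is the point-and-permute select bit.
    p = os.urandom(1)[0] & 1
    return [os.urandom(15) + bytes([p]), os.urandom(15) + bytes([1 - p])]
def select_bit(label):
    return label[-1] & 1
def pad(kx, ky, gate_id):
    return hmac.new(kx + ky, gate_id.encode(), hashlib.sha256).digest()[:16]
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def garble(gates):
    # Garbler (Alice): one label pair per wire, one 4-row encrypted table per gate.
    labels, tables = {}, {}
    for out, x, y, tt in gates:
        for w in (x, y, out):
            labels.setdefault(w, new_labels())
        rows = [None] * 4
        for vx in (0, 1):
            for vy in (0, 1):
                kx, ky = labels[x][vx], labels[y][vy]
                idx = 2 * select_bit(kx) + select_bit(ky)   # row position hides (vx, vy)
                rows[idx] = xor(pad(kx, ky, out), labels[out][tt[2 * vx + vy]])
        tables[out] = rows
    return labels, tables

def evaluate(gates, tables, wires):
    # Evaluator (Bob): holds one label per input wire, so only one row per gate decrypts.
    for out, x, y, _ in gates:
        kx, ky = wires[x], wires[y]
        wires[out] = xor(pad(kx, ky, out), tables[out][2 * select_bit(kx) + select_bit(ky)])
    return wires["out"]

def millionaires(alice_wealth, bob_wealth):
    # Returns 1 if Alice is richer, else 0 (toy: wealth values are 0..3).
    labels, tables = garble(GATES)
    wires = {f"a{i}": labels[f"a{i}"][(alice_wealth >> i) & 1] for i in (0, 1)}      # Alice's labels
    wires.update({f"b{i}": labels[f"b{i}"][(bob_wealth >> i) & 1] for i in (0, 1)})  # assumed: via OT
    return labels["out"].index(evaluate(GATES, tables, wires))                        # output decode table
```

Bob sees only one label per wire and one decryptable row per gate, so he learns nothing about Alice's bits beyond the final output; a real deployment needs OT for Bob's labels and a proof that Alice garbled the agreed circuit.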
------
JorgeGT
Closed-source "patent-pending" cryptography technology and absolutely no
contact info other than an e-mail? Sounds like the kind of place where I would
input my most secure data.

~~~
davidcerezo
It's secure multiparty computation, specifically tailored for spreadsheets:
your secret inputs never get out of your computer in plaintext form, only in
encrypted form between the participants of the computation. For the moment,
it's closed-source: but it'll be gradually open-sourced in the future, just
give it some time.

~~~
sporkenfang
"Cutting-edge cryptography: Benefit from the latest advances in cryptography
research with our Patent-pending technology" as your website says, is a scary
statement. If you're not using well vetted cryptography, that's a huge red
flag. The Harry Potter quote sums it up best:

"Ginny!" said Mr. Weasley, flabbergasted. "Haven't I taught you anything? What
have I always told you? Never trust anything that can think for itself if you
can't see where it keeps its brain!"

As relatively security-literate users of an app where we'd be putting
personally identifiable information or other details we don't want getting
out, it stands to reason we want to see a history of commits on an open source
project and a history of security audits and preferably be able to refer to
RFCs for the algorithms and protocols used.

Unless you guys open source and publish audit details, it's not worth my time
to consider this product. No disrespect meant, it's just common sense.

~~~
davidcerezo
You can read more details about the algorithms/protocols here:
[https://www.calctopia.com/2017/02/01/on-the-security-model/](https://www.calctopia.com/2017/02/01/on-the-security-model/)

I don't agree with the statement "because it's open-source it's more secure"; for
example, OpenSSL has been open-source for almost 20 years and it's difficult
to consider it really secure. Only code reviews by experts make software more
secure.

BTW: quoting Harry Potter doesn't make you look serious.

~~~
sporkenfang
I didn't say open sourcing the code was the only important thing.

And I don't give a rat's ass about looking serious :)

------
ktta
There's a linux kernel security feature named seccomp[1] too, in case you
didn't already know. Changing it would maybe avoid confusion.

[1]: [https://github.com/seccomp/libseccomp](https://github.com/seccomp/libseccomp)

------
chatmasta
If you've really got something groundbreaking here, you're going about selling
it in the totally wrong way. As you say, your most likely customers are banks
and financial institutions. They are not going to buy something like this, and
introduce a major new concept into their business process, by clicking the
"buy" button on your website.

You need to convince them to implement the new process (secure multiparty
computation) before you even begin selling your product.

To do this you need high touch sales, for high prices, to a small group of big
clients. Go to New York City, setup some meetings, and get in a room with
decision makers. First, sell them on the advantages of secure multiparty
computation. Show them a nice demo of a scenario they can understand. Then,
once they're sold on that, sell them your product for a few million dollars.

You should probably raise capital and build an experienced sales team to do
this for you.

~~~
fiatjaf
Ignore this comment, look at the experience from ThingieQuery:

- [https://news.ycombinator.com/item?id=13114421](https://news.ycombinator.com/item?id=13114421)

- [https://www.querystorm.com/](https://www.querystorm.com/)

------
ajamesm
Can you tell me what a homomorphism is?

Not for my own enlightenment, I just want to know if I should hold my breath
for your eventual open-sourcing.

~~~
davidcerezo
It's not using homomorphic encryption: it's using garbled circuits and
oblivious transfer (orders of magnitude faster).

~~~
ajamesm
I wasn't interested in whether you're using them, I just want to know if you
can define the term.

Or, if you'd care to share any interesting papers or resources related to the
cryptography you've implemented!

~~~
davidcerezo
Sure, I've just published more details taken from the documentation:

[https://www.calctopia.com/2017/02/01/on-the-security-model](https://www.calctopia.com/2017/02/01/on-the-security-model)

~~~
ajamesm
OK, somewhat less skeptical now. I'll read up on this. Thanks.

------
huac
I get the skepticism about this product, but why are the author's comments all
dead, without a way to vouch?

------
beamatronic
Isn't this a secure spreadsheet?

[https://sheets.google.com](https://sheets.google.com)

~~~
davidcerezo
It's running over HTTPS (protecting the network traffic between the user and
their servers), but it doesn't offer encrypted computation.

