Secure and privacy-preserving data processing.

Obscura is a module for efficient general-purpose computation on encrypted data, powered by a combination of privacy-enhancing technologies. Obscura enables the execution of complex algorithms over significantly large data sets by combining advanced cryptographic tools and protocols with sophisticated software engineering and clever application design. 

The Problem

Virtually everything we do is somehow generating, consuming, or transforming data in a matter of seconds. Constant flows of information contribute to an unprecedented volume of data being created and processed daily. This growth and abundance of data brings a substantial increase in security and privacy challenges. Proactive adaptation to evolving regulatory frameworks and engagement with relevant authorities is now crucial. By investing in robust data safeguards, implementing privacy-by-design solutions, and collaborating with regulatory bodies, enterprises can mitigate risks, safeguard sensitive data, and avoid potential fines and reputational damage.

Obscura’s Secure Data Processing Mitigates:

The Solution: Obscura Module

Obscura is a general-purpose, secure computation platform for data processing. It performs computation on encrypted data as recommended by ISO 27001 and privacy regulations such as GDPR. Obscura is suitable for applications such as secure data transfer and machine learning over encrypted datasets, going beyond partial measures for data security and privacy by exclusively working with encrypted data at all times. 

Peace of mind provided by cutting-edge technologies. 

Secure Multiparty Computation (MPC)

The security of Obscura MPC protocol is provided by threshold secret sharing where input data is shared across multiple parties, each one containing meaningless data in isolation. Only upon collection of a required number of distinct shares can the data of interest be retrieved. Security is achieved by ensuring that no unauthorized entity controls or corrupts this number of distinct shares. 

Fully Homomorphic Encryption (FHE)

The security of Obscura FHE is provided by the hardness associated with the Ring Learning With Errors problem (RLWE) and achieved via well-known cryptographic constructions which are considered to be quantum-resistant.

M2M Identity Access Management

Obscura uses Spectra for authenticating, authorising, and auditing communication between each component and for any communication between machines. Before the security provided by MPC and FHE takes place, Spectra protects data and transactions with standard cryptography – with the added benefit of real-time, always-on auditing.

How Obscura Works

Obscura Data Sync is under the customer’s control. This is the only instance where data of any kind (including personal data) is unencrypted and therefore readable. This data is never processed under any circumstance. Obscura Data Sync is responsible for double encrypting data (inner layer encryption for homomorphic operations and outer layer encryption for protecting both homomorphic manipulations as well as data at rest). Data that leaves the customer’s infrastructure is unreadable by non-key owners.


Double encrypted data is securely transmitted from the customer’s infrastructure to the Obscura Secure Execution Environment (OSEE) by Spectra. The payload between the Data Sync and the OSEE is also encrypted with a single-use, ephemeral secret key which is generated via standard key exchange protocol. Data in transit is unreadable by non-key owners.


In the OSEE, the outer encryption layer of the data is decrypted so secure homomorphic operations can be performed. Plain text data is never exposed and therefore data being processed is also unreadable for non-key owners.


Once reports are securely generated, aggregated data is also securely transmitted to the Obscura Dashboard using standard cryptography. Only aggregated data that does not allow identification of data subjects is then visualised.


Throughout the entire application lifecycle, Algemetric does not have access to any data that is not encrypted or GDPR compliant.

Securely analyse large amounts of unstructured data in near-real time. Obscura consists of three components:


Obscura Data Sync (ODS): Software which remains under the client’s control, provided for accessing unencrypted databases on the client side. Once data is encrypted and shared, data is double encrypted using standard cryptography and transmitted to the Obscura Secure Execution Environment.


Obscura Secure Execution Environment (OSEE): In the trusted execution environment data is kept encrypted with standard symmetric cryptography. Once computation of a particular algorithm is required, the external layer of the double encryption is decrypted, which enables computation on the inner layer of the doubled encrypted data. Plain data is never exposed throughout this process.


Obscura API (OA): The component responsible for requesting, receiving, and processing results from the OSEE. The OA only sees requests for execution of predefined algorithms and the result of these algorithms. Communication between these three components is always protected by Spectra.

Monetize Your Data: Reconcile data utility, security, and privacy, and enable strategic data intelligence in a secure and privacy-preserving way. Open new revenue streams from subscription-based and on-demand services.


Move Towards Regulatory Compliance: Obscura goes beyond partial data security and privacy measures by exclusively working with encrypted data at all times. Move towards data security and privacy compliance with regulations such as GDPR, CCPA and others. 


Fortify Corporate Sovereignty: Obscura helps organizations to protect their control, exclusivity, ownership, and advantages by enabling collaborations in which only aggregated data is used.


Your Data Breach Shield: Data breaches can occur for a variety of reasons including product or service malfunction, unaddressed system and architecture vulnerabilities, human error, and malicious behavior. In all cases with Obscura, if a data breach occurs, only encrypted data will be exposed, giving no advantage to unauthorized parties or malicious actors.

Encrypted Data Only: Not all data is sensitive and therefore not everything must be encrypted for allowing computation on encrypted data. Obscura works well with hybrid scenarios in which different data with different purposes might be protected with distinct cryptographic tools. However, Obscura only possesses and processes encrypted data for a significant data breach risk reduction.


On-Database Computation: Obscura allows for overriding some native operations in databases for better performance and less development complexity.


Efficient Built-in Data Encoder: Most of the data handled by Obscura is fractional data (from applications in finance, statistics, machine learning, etc.). Obscura uses a fractional encoder with better efficiency than typical high-precision techniques.

Data Synchronization: ODS is deployed at the customer’s infrastructure under their control and is responsible for automatic or on-demand synchronization between the unencrypted and encrypted database on an iterative and incremental basis.


Algorithm Execution: The OSEE receives algorithmic instructions from the OA for execution. These algorithms are pre-approved by the customer under the scope of each particular application.


Integration with Prisma: Once results are available, Obscura can be easily integrated with Prisma for a number of data visualization options. Once data is integrated with Prisma, it can also be exported to external visualizations tools.


Want more details? Contact us.

Fill in the form on the side, we will get back to you shortly.

Men talking wight someone on a notebook
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.