Mylar: MITs Answer to Data Leaks and Theft

01:29 Thursday Mar 27, 2014


MIT researches claim that services built using Mylar keep data on their servers encrypted at all times and only ever decrypt it on a person’s computer.

Reminders that data entrusted to online services can easily be leaked or stolen aren’t hard to find. Major companies commonly have passwords and other data taken by attackers, while governments have their own ways to get hold of user data.

Researcher Raluca Popa of MIT thinks many online services should and could be redesigned to guard against that. “Really, there’s no trusting a server,” she says. Popa has led the development of a system called Mylar for building Web services that puts that philosophy into practice. Services built using it keep data on their servers encrypted at all times and only ever decrypt it on a person’s computer.

They claim: First, Mylar allows the server to perform keyword search over encrypted documents, even if the documents are encrypted with different keys. Second, Mylar allows users to share keys and data securely in the presence of an active adversary. Finally, Mylar ensures that client-side application code is authentic, even if the server is malicious.

Other platforms, such as the Woogloo V3 platform (released in 2011) using a natively encrypted H2 database, also claim the same things. So why is this a breakthrough?

However, it is good to see MIT taking data security seriously and building an open source platform that others can use to bring their web application up-to-speed with modern data protection standards - especially given that MIT is an American instiution and the main threat to data security is the NSA.



< Back

    Add your comment

    We aim to have healthy debate. But we won't publish comments that abuse others

    1200 characters left





    © copyright 2013 Website News. All rights reserved.






    Website News is for and about the website design, development, marketing industry. We will endeavor to bring you up-to-date news and information to help you in your work as well as give you useful information and tips for your clients and their businesses.

    We are always keen for you to submit any information you find from elsewhere, or about your business, that you feel will be relevant.





    Contact Us:

    For advertising enquiries or to submit a story, please email us at:



    Website News

    Sign-up to Website News and create your universal Woogloo ID

    Your details

    Your login details

    Your address

    Is your address not being found?


    Company address

    Yes No

    To register on the Website News website you either need to use your
    exisitng Woogloo ID or create a new one (see below).

    Sign Up

    Why sign up?

    • Get access to Registered User's priviledges, which may include hidden pages, special features and special pricing, if they exist, on this website.
    • Get access to all sites powered by Woogloo V3 without having to enter your details everytime.

    Login Error

    Forgot your password?

    Enter your email address below and click 'Reset Password' Button

    What is a Woogloo ID

    Logging in...