British distributed cryptography specialist MIRACL and the research subsidiary of NTT have developed a security framework for cloud computing, contributed to open source as Apache Milagro.

The project addresses user authentication, secure communications and data compliance, and its creators say it represents a considerable improvement on traditional digital certificate model.

Initially, Milagro has been designated as an Apache Incubator project – a status awarded to ideas that have captured the imagination of open source developers and are on the way to becoming fully fledged Apache Software Foundation projects.

The announcement was made at the ApacheCon North America conference in Vancouver, which began on Wednesday.

Fix the Internet

Cypher disc
– Thinkstock / Dorling Kindersley

MIRACL develops products based on a principle called Distributed Trust Authority (D-TA). Its framework and crypto libraries replace single-authority certificates and public key infrastructure with keys generated by at least three parties.

The company has collaborated with NTT Innovation Institute Inc. (NTT i3), a start-up incubator located in the Silicon Valley, and NTT Labs which leads the internal R&D efforts, in order to introduce D-TA into the open source community.

Milagro proposes a framework made of cryptographic service providers that independently issue shares of keys to application endpoints. It divides pairing-based key generation into three services: a third of each key is issued by a cloud provider, another third by the end-user, and the final part of the key comes from a ‘dedicated trust provider’ – i.e. a security vendor like MIRACL.

The company says this approach makes root key compromises and key escrow threats “an order of magnitude more difficult” since an attacker would need to subvert at least three independent parties in order to break the encryption.

In order to support Milagro, endpoints require the Milagro Crypto Library (MCL) and a Crypto App client, which will now be fine-tuned by a large pool of open source developers.

“Apache Milagro (incubating) is an opportunity to fix what ails the internet and leverage the power of the open source community to fundamentally evolve the security underpinnings of the web for how it’s used today,” said Brian Spector, CEO of MIRACL.

“The code and distributed trust model we are committing to Apache Milagro (incubating) is built for blockchain applications, cloud computing services, mobile and containerized developer applications by eliminating the need for any central trust authority. We are very excited to be part of Apache Milagro (incubating) and to work with the Apache Community to make the web more secure for everyone.”

MIRACL has promised that the project will satisfy the strict requirements for use in finance services, public sector and healthcare industries.