Skip to main content
Encryption of data in the Arcium Network is handled at the MPC eXecution Environment (MXE) level. The Arcium Network lets Computation Customers define encryption protocols for each MXE individually. Each MXE operates independently and does not share state with other MXEs. While external solutions can enable encrypted data persistence across multiple MXEs, Arcium does not provide protocol-level state storage. This ensures that every computation remains isolated, preserving confidentiality and security. Arcium’s configurable encryption gives customers the flexibility to customize encryption protocols to suit specific use case requirements. When setting up an MXE, users can choose from a range of encryption options, balancing the need for performance with the level of security. For example,
  • Lightweight encryption can be selected for tasks prioritizing speed and efficiency.
  • Stronger encryption protocols are available for handling highly sensitive data requiring enhanced protection.
This lets each MXE choose an appropriate security and performance tradeoff.
PET Comparison

Side-channel attack resistance

Some confidential execution platforms, such as Trusted Execution Environments (TEEs), rely on hardware to secure data. This approach has exposed them to side-channel attacks, such as sgx.fail, which can leak or manipulate data and weaken confidentiality guarantees. In contrast, Arcium’s Cerberus protocol relies on computational and information-theoretic security, ensuring that even a majority of malicious participants cannot extract or falsify information, provided security assumptions hold. Some MPC implementations can be susceptible to timing attacks, where attackers infer information from processing-time variations. Arcium mitigates this class of risk with constant-time operations.
For implementation details on encrypting data in your application, see the Encryption overview.