Duality Technology

The Duality platform enables you to gain new insight from data you could not access previously. Duality enables multiple organizations to collaborate on sensitive data while ensuring that sensitive data is protected.

Duality platform is comprised from the following layers


Collaboration Management

The Duality platform provides end-to-end capabilities to manage the collaboration network and initiate secured computations. This includes the entire data lifecycle, from setting up a secure collaboration network, to data management tools such as data pre-processing and schema alignment, through various data governance mechanisms to reporting.

  • Collaboration Hub: Manages multiple participants, including project setup, and appointing the project’s participants roles. This is achieved by task scheduling and coordination between participants.
  • Data Management: Provides a toolset for multiple datasets across various accounts as part of the collaboration network. From data ingestion, through data preparation, to performing analysis on the data. Includes tools to enable data pre-processing and schema alignment between participants.
  • Governance & Control: Provides users with full management of their data collaboration governance and permissions – each participant in the collaboration network defines exactly what is shared, and with whom.
  • Exploration: Includes tools that help users to start their exploratory data analysis before running anything with sample data, schema info and other tools but in a way that does not expose any sensitive data.
  • Reporting: Provides a wide set of reports for auditing and logs analysis.

Computation Engines

All computations run in a privacy-preserving manner. The platform enables the option of running aggregated data analysis as well as running a private set interaction between multiple datasets as a step prior to the ML or statistical computation.

  • AI and Machine Learning:  The platform has built-in interfaces for running both machine learning training and inference. When running inference you can choose whether to protect the data or the model. Duality enables the option of taking an existing model that was trained externally and “converting” it into an encrypted model protecting the model algorithm. Conversely, you can run inference on encrypted data.
  • Statistics Computation: Statistics is a secure statistics solution enabling organizations to execute statistical computations on encrypted data, protecting privacy, confidentiality, and intellectual property.
    When running a statistics session federated and linked data aggregation is enabled.
  • Encrypted Queries: Allows multiple organizations to collaborate on decentralized data by performing privacy-enhanced SQL-like queries. Query parameters and results remain protected by homomorphic encryption while they are deployed, and the underlying data never leaves the owner’s environment. The Duality Query engine provides cooperating parties with a set of tools to define collaboration projects and controls, such as user roles, authorized queries, approval processes, data policies, as well as the ability to flexibly create custom queries using the out-of-the-box Query Builder.

Privacy-Preserving Technologies

Data has three basic states: at rest, in transit, and in use. Organizations that handle sensitive data such as personally identifiable information (PII) or confidential material typically encrypt or otherwise protect that data while it is being stored (at rest) or when it is being transmitted (in transit). However, when the data is processed, analyzed or manipulated in any way (in use), it must be decrypted – making it visible, vulnerable and at risk. This prevents utilization and monetization of the data.

The Duality platform uses multiple technologies to protect sensitive data. The Duality approach is that one size does not fit all, instead providing the best of breed technology. This enables you to select the most appropriate technology for your use case. For some cases, multiple technologies are combined and used at the same time.

The Duality privacy-preserving data collaboration platform leverages cryptographic methodologies that enhance several Privacy Enhancing Technologies (PETs). PETs allow complex computations on data while the data or model itself are kept hidden and secured during computing. No one PET is optimal for all data collaboration initiatives. The Duality platform therefore combines multiple PETs with cutting-edge data science to provide data governance and privacy.

Types of PETs


FHE is a powerful cryptographic primitive that enables performing computations over encrypted data without having to decrypt any data or share access to any secret keys. FHE covers a set of encryption methodologies that allow computations to be performed on encrypted data while it is being used – without ever decrypting it. FHE schemes use a mapping between two mathematical structures that preserves the computational characteristics of the structures. This allows operations to be run directly on encrypted data (ciphertexts), while yielding the same results as if the functions were run on plaintext.

Duality is a prime contributor to the research and development of OpenFHE, an open-source privacy-preserving cryptography library, which is designed for usability and performance, providing simpler APIs, modularity, cross-platform support, and integration of hardware accelerators. OpenFHE complies with the HomomorphicEncryption.org post-quantum security standards for homomorphic encryption. For more info regarding OpenFHE, visit https://www.openfhe.org/.


Multi-party computation, commonly referred as MPC, is a PET technique that utilizes cryptography techniques to allow multiple parties to perform joint computations on individual inputs without revealing the underlying data between them or interim computations.

Secure Federated Learning

Federated Learning (FL) is a distributed machine learning (ML) technique that enables model training on data from multiple, decentralized servers with local data samples, without exchanging or moving data. This approach ensures that the data remains in its original location and is not exposed to any other parties.

Another characteristic of FL is that it is typically composed of heterogeneous datasets where the size of the dataset varies from one data owner to another. 
Duality developed a second layer of security on top of FL to ensure that the federated computation itself is performed while encrypted, keeping the model concealed from all participants and the computation operation secured.

Trusted Execution Environment

Trusted Execution Environments (TEEs) provide secure computation capability through a combination of special-purpose hardware and software built to use those hardware features. It provides a mechanism by which a process can run on a processor without its memory or execution state being visible to any other process on the processor, even the operating system or other privileged code. 

Other processes (whether local or remote) that must trust an enclave can receive attestation that the enclave is genuine, and that the code running in it and the static parts of its memory space are exactly what is expected. Such attestation is guaranteed using cryptographic capabilities. Duality added the option to use TEE that works in conjunction with the cryptographic solutions. The platform runs on top of AWS nitro enclave  and Google confidential space. Azure TEE is in the roadmap.

Experience secure collaborative computing today.

Maximize the value of sensitive, regulated, or confidential data.