[dumbfounder]

I am not talking about just encrypting the data and performing computation on the encrypted data, but encrypting the entire container with data inside and running that to produce a result with no way to view what’s going on inside. You can get around the limitations with how to run an algorithm on encrypted data because the data is not encrypted with respect to the program itself.

Theoretically it would work like this: you download a docker image, you load your data into it, you encrypt the entire image with data inside, you send that whole package to the cloud where it is run and it produces an output.

[franky47]

Yes I thought of that for my analytics SaaS (to calculate weekly reports), the issue is that the image has to be decrypted on the Docker host before execution, which requires it having access to the key somehow, breaking the end-to-end encryption promise (ie: "we have no way to access your data").

This could be mitigated by having that worker host self-hosted by your clients, it depends how practical that might be.