Cloaked AI
Unleash generative AI projects that use private data by protecting sensitive vector embeddings with searchable data-in-use encryption.
World-class companies trust IronCore Labs
'%3e%3cpath%20d='m0%200h585.09v167.2h-585.09z'/%3e%3c/clipPath%3e%3cclipPath%20id='b'%20transform='translate(0%20-1.05)'%3e%3cpath%20d='m372.11%200h161.23v167.2h-161.23z'/%3e%3c/clipPath%3e%3cg%20clip-path='url(%23a)'%3e%3cpath%20d='m63.1%2028.32v46.59h-42.78v-46.59h-20.32v111.21h20.32v-45.07h42.78v45.07h20.31v-111.21z'%20fill='%23fff'/%3e%3cg%20clip-path='url(%23a)'%20fill='%23fff'%3e%3cpath%20d='m148.42%20104.64a16.8%2016.8%200%200%201%20-33.61%200v-47.64h-19.23v47.63a36%2036%200%200%200%2072.08%200v-47.63h-19.24z'%20transform='translate(0%20-1.05)'/%3e%3cpath%20d='m291.17%2061.91c0-9.77%206.46-12.86%2013.54-12.86%205.7%200%2013.24%204.34%2018.16%209.61l12.62-14.87c-6.3-8.52-19.08-14.41-29.54-14.41-20.93%200-36%2012.24-36%2032.53%200%2037.64%2046%2025.71%2046%2046.79%200%206.5-6.31%2012.24-13.54%2012.24-11.39%200-15.09-5.58-20.32-11.46l-14%2014.56c8.93%2011%2020%2016.58%2033.25%2016.58%2019.85%200%2035.86-12.39%2035.86-31.76%200-41.83-46-28.81-46-46.94'%20transform='translate(0%20-1.05)'/%3e%3cpath%20d='m575.86%20122.81c-11.38%200-14.62-4.92-14.62-12.47v-33.34h17.7v-17h-17.7v-22.29l-19.54%208.77v68c0%2017.39%2012%2026.17%2028.46%2026.17a39.43%2039.43%200%200%200%207.7-.62l4.77-17.54c-2.15.15-4.61.3-6.78.3'%20transform='translate(0%20-1.05)'/%3e%3cpath%20d='m221.75%2057.56c-9.54%200-16.2%202.77-22.64%209.08v-36.64h-19.3v67.88c0%2025.39%2018.36%2042.79%2039%2042.79%2022.93%200%2043-17.7%2043-41.55%200-23.55-18.53-41.56-40.08-41.56m-.12%2063.68a21.89%2021.89%200%201%201%2021.89-21.89%2021.89%2021.89%200%200%201%20-21.89%2021.89'%20transform='translate(0%20-1.05)'/%3e%3cpath%20d='m431.28%2098.12c0-23.85-20.09-41.55-43-41.55-20.63%200-39%2017.39-39%2042.79v67.84h19.3v-36.61c6.43%206.31%2013.09%209.08%2022.64%209.08%2021.55%200%2040.08-18%2040.08-41.56m-18.3-.23a21.89%2021.89%200%201%201%20-21.91-21.88%2021.89%2021.89%200%200%201%2021.91%2021.88'%20transform='translate(0%20-1.05)'/%3e%3c/g%3e%3cg%20clip-path='url(%23b)'%3e%3cpath%20d='m495.7%2055.29v-19.62a15.09%2015.09%200%200%200%208.82-13.61v-.45a15.23%2015.23%200%200%200%20-15.28-15.09h-.46a15.23%2015.23%200%200%200%20-15.28%2015.09v.45a15.09%2015.09%200%200%200%208.82%2013.61v19.62a43.63%2043.63%200%200%200%20-20.61%209l-54.57-41.95a16.67%2016.67%200%200%200%20.61-4.25%2017.24%2017.24%200%200%200%20-34.48%200%2017.17%2017.17%200%200%200%2025.73%2014.72l53.67%2041.19a42.46%2042.46%200%200%200%20.67%2048.39l-16.34%2016.15a13.93%2013.93%200%201%200%2010.12%2013.34%2013.64%2013.64%200%200%200%20-.66-4l16.15-15.94a43.7%2043.7%200%200%200%2026.39%208.84c24.07%200%2043.58-19.26%2043.58-43%200-21.51-16-39.28-36.89-42.46m-6.69%2064.49a22.06%2022.06%200%201%201%2022.34-22.06%2022.2%2022.2%200%200%201%20-22.34%2022.06'%20fill='%23fff'%20transform='translate(0%20-1.05)'/%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
AI vector embeddings you can encrypt and still query
Reduce risk by protecting data at the application layer
Application-layer encryption (ALE) provides strong protection against breaches, unauthorized insider access, injection attacks, and cloud misconfigurations.
Protects your AI data while allowing GenAI workflows
Vector embeddings are vulnerable to inversion attacks that expose the source data including PII, diagnoses, images, biometrics and more.
Comply with privacy and security regulations
Meet data protection obligations without losing functionality. Comply with privacy laws and pending AI regulations by encrypting the data.
Easy to use: just a few lines of code to integrate
Load the Cloaked AI SDK and then call encrypt before storing, and call encrypt on any search vectors before querying.
Vector Encryption
Encrypt your AI data for private search anywhere
We encrypt your vectors and all associated metadata to keep your AI data safe while keeping it usable. But only those with the proper key can use it. Search your vectors and store them in any vector database with confidence and safety. Choose your vector database on the basis of features, performance, cost, convenience, or whatever you need – IronCore is database agnostic.
Privacy guarantee
Completely blind services
IronCore never sees your data. All data encryption and decryption is done inside your app and you store the encrypted data.
Some of our products make use of our cloud services to facilitate the handing out of encrypted configurations, encrypted private keys, or public keys. IronCore is never in a position to see unencrypted data, to decrypt encrypted data we hold, or see your keys.
Additionally, some of our products can operate entirely within your own infrastructure with no external service needed.
Why AI data matters
AI has a memory and that memory knows everything
Machine learning systems are hungry for data. More data makes them more useful. But it also makes them a bigger target. Private, confidential, and regulated data remains a risk even when it's represented as a vector embedding. Which is why it's incredibly important to build your systems right with security and privacy by design from the outset.
Use Cases
AI techniques protected by Cloaked AI
Here are a few examples of how Cloaked AI protects embeddings:
Recommendation systems
What are recommendation systems?
AI recommendation systems suggest similar or related items based on insights from data sets or histories. Traditionally used to enhance consumer shopping experiences or to provide food and media recommendations (what you see in your Netflix app), recommendation systems are now used in apps for lawyers, financial managers, and even healthcare workers.
Retrieval Augmented Generation (RAG)
What is retrieval augmented generation (RAG)?
RAG is a pattern that allows a generally intelligent AI model to answer questions based on data that it wasn't trained on, which may be private or sensitive. RAG is typically used to build out question/answer support over knowledge bases or pools of private data. This is most commonly achieved by putting the sensitive data into vector databases, using those databases to find material relevant to a given query, then providing that material as context to the model so it can answer the question. This is also used to keep AI systems from "hallucinating" plausible but false answers in an application commonly called grounding.
Biometric systems
What are biometric systems?
Biometric systems include face recognition, speech recognition, fingerprint recognition, iris recognition, author recognition (based on writing style), and behavior recognition. Because these things inherently have variances at the sensor level, at least, a vector database is a common choice for storing them. Two faces are the same if they are sufficiently similar and a search can be done for all similar faces in a repository. The same is true for voiceprints, fingerprints, and so on.
Anomaly and fraud detection
What are anomaly detection and fraud detection AI systems?
AI brings intelligence to the task of labeling and identifying data sets and clustering those sets so that outliers, anomalies, and other patterns can be detected. Vector databases can be used to group sets of data such as known bad behaviors (fraud, etc.) and known good behaviors. It can then study new behaviors and see if they're similar to good behaviors, bad behaviors, or if they are anomalous and worthy of investigation. Vector databases have the benefit of allowing AI systems to constantly learn and evaluate so bad behaviors can be identified and counteracted in real-time.
Similar image search
What is similar image search?
Also called reverse image search, similar image search powers tools like Google Images and TinEye where you upload an image, and a search is conducted for similar ones. Embedding models are used to capture meaning and information from the images in the form of vector embeddings. These embeddings are stored in vector databases, which perform nearest neighbor searches to find similar images.
Semantic text search
What is semantic text search?
Semantic search is another way of saying meaning-based search. Unlike keyword searches, which find a specific word or its synonyms, semantic search queries over concepts and meanings so even if different words are used it can find matches. It also avoids matches against words with multiple meanings where some are unrelated to the query. This is the future of text-based search.
Infographic eBook on Securing Gen-AI
The ultimate guide to AI security: key AI security risks, vulnerabilities and strategies for protection. 61% of companies use AI, but few secure it. This white paper covers the key AI risks being overlooked from LLMs to RAG.
Getting started
Built for easy integration and quick adoption
Using Cloaked AI is straightforward. The examples below show how to encrypt a vector before saving it when using Cloaked AI together with SaaS Shield to handle the key management concerns.
Python# pypi: ironcore-alloy plaintext = PlaintextVector([1.2, -1.23, 3.24, 2.37], "contacts", "conversation-sentiment") metadata = AlloyMetadata.new_simple("tenant-123") encrypted = await sdk.vector().encrypt(plaintext, metadata) # Store off encrypted_vector and paired_icl_info in your chosen vector database
Java// maven: ironcore-alloy PlaintextVector plaintext = new PlaintextVector(List.of(1.2f, -1.23f, 3.24f, 2.37f), "contacts", "conversation-sentiment"); AlloyMetadata metadata = AlloyMetadata.Companion.newSimple("tenant-123"); EncryptedVector encrypted = sdk.vector().encrypt(plaintext, metadata, null); // Store off encryptedVector and pairedIclInfo in your chosen vector database
Open Source Software
We believe in transparency and we talk openly about our choice of algorithms and our implementations. Our source code is open source and we invite security and crypto researchers to check it out. You can find the code on GitHub in our all-in-one SDK, ironcore-alloy.
Note: the open source license is AGPL so if you plan to use it in commercial or non-GPL software, you'll need an inexpensive commercial license.
Watch the short demo video
This demo walks through an example that uploads embeddings to Pinecone and modifies the code to first encrypt the embeddings and queries. You will learn about the threats, the code, how the encryption works, and how it impacts performance.
Easy integration
Integrate with your existing vector database or index
Cloaked AI is deployed as an open-source (AGPL dual license) SDK with support for Weaviate, Elastic, Pinecone, Qdrant, pgvector, and more. The vector, once encrypted, is largely meaningless, but common operations like nearest neighbor searches, clustering, etc., can still take place over the data. Only those allowed access to the key can make sense of the vectors that are stored.
Even if the vector database is hosted by a third-party and even if it is in another country, your data remains safe from foreign subpoenas, breaches, curious service provider employees, and more.
Application-layer encryption
Data protection for cloud servers
Encryption requires the correct key to unlock the data. But when you use infrastructure encryption like database or disk encryption, the key has already unlocked the data and stays in memory for as long as the server is running. This doesn’t do much to protect data in the cloud.
The solution is application-layer encryption (ALE), which encrypts data before storing it and keeps the key(s) separate from the data. It’s a simple, but powerful concept that often prevents curious admins, network breaches, cloud misconfigurations, and application vulnerabilities from compromising data.
Cloaked AI FAQ
Learn more about protecting AI data
Whether it’s your sensitive intellectual property, financial information, healthcare information, consumer personal information, or just non-public information at a public company, you need to protect data that can be abused.
Protect your data with non-transparent, application-layer encryption that provides the security and privacy for the data you hold, regardless of where that data lives.