Zero Knowledge Architectures for Mobile Applications

Sensitive data narrative

We have sensitive data and we can’t avoid sharing it.

slides
video from MobiConf ‘17

Zero Knowledge Architectures

Why mobile?

Where is ZKA used?

What about sharing data?

Encrypting shared data for each user is good, but naive approach
A better way of collaborating on sensitive data

How to implement a ZKA kind of collaboration on shared data

Things ZKA relies on

Key wrapping

Manage privileges

Control requests

Mitigate remaining attacks

Other use cases for ZKA

  • complex documents with comments or detailed spreadsheets (i.e. Google Docs, Dropbox Paper, etc.). In many cases, users shouldn’t have access to the whole document.
  • file systems are a perfect example of small blobs of data, structured and shared with different access control rights.
  • document store protection. If every blob in a database is a protected one, and access rights are protected, then you get an end-to-end document store, where every document or field’s rights can be granted to everybody. Imagine MongoDB with custom queries on secure data for the untrusted web apps and trusted queries from your mobile apps.

How difficult is it to implement ZKA in your products?

Recap

More links to follow

Looking for something else?

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store