ICO Quick Look: NuCypher is body armour for data

Proxy re-encryption of encrypted data

Ben Longstaff
coinremix
4 min read · Mar 28, 2018


The NuCypher team is making proxy re-encryption available as a building block for developers.

Proxy re-encryption is interesting because it allows an encrypted file to be re-encrypted for a new recipient by a middle party, the proxy, without that proxy ever seeing the plaintext.

This technology enables NuCypher to build a decentralised, trustless Key Management System (KMS). At its core, this helps developers and organisations manage access to their secure data more efficiently, and that opens up all sorts of possibilities.

Proxy re-encryption is a type of public key encryption. So, let’s start with that:

Public key encryption allows the sender to encrypt plaintext with the receiver's public key. The receiver can then decrypt the ciphertext with their private key. This means that the encrypted message cannot be read by anyone except the recipient.

This stops anyone else from viewing the message.

However, once the message is sent, there is no way for the sender to take it back or revoke the recipient's ability to read it.

Enter proxy re-encryption

Proxy re-encryption is a way of encrypting a file for one recipient and then having a middle party rekey that encrypted file, so that different recipients are able to decrypt it.

This process allows for access control to the files: decryption rights can be granted and revoked at will.

This has some use for sharing static files; however, once a third party has accessed a file, they may already have copied the data, even if their rights to access it are later revoked. The real benefit of access control is for streams of information, where revocation cuts off everything the recipient has not yet seen.

The mechanism for how this works is best understood with an analogy.

It’s February 2017 and Bob buys a bunch of dogecoin.


Fast forward to February 2018 and Bob’s dogecoin is now at 30x. Bob is a dogecoin millionaire running a 24 / 7 livestream out of room 1001 at the Bellagio in Vegas.

no seriously 30x

Alice decides that she wants to make an appearance on the livestream. Bob only has one key to the room, and he doesn't want Alice to be able to access the livestream all the time. So Bob asks Alice to send him a lock that she has the key to.

Bob's room, 1001, has an adjoining door to room 1002. Bob books room 1002 as well. He places the key for room 1002 inside a briefcase, locks the briefcase with Alice's lock, and leaves it with reception. Bob then opens the door between the two rooms.

On arrival Alice collects the briefcase, unlocks it, and gets the key to room 1002. Alice enters room 1002 with the key that was in the briefcase, walks through the adjoining door into room 1001, and is able to appear on the livestream, all without ever holding Bob's room key.

The room key to 1002 (the intermediate private key) on its own is not enough for Alice to get access to the livestream. The adjoining door between the two rooms needs to be opened by Bob as well.

Bob can revoke Alice's access by closing the adjoining door. If room 1002 has an adjoining door to 1003, Alice can grant and revoke access to another person as well (multi-hop proxy re-encryption). This way she can invite other talented guests onto Bob's livestream, and Bob still retains control of the show by closing and opening his own adjoining door.

That, in essence, is how proxy re-encryption works.
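To make the public-key step and the rekeying step concrete, here is an added example that is not code from the article or from NuCypher. It implements a toy proxy re-encryption scheme in the style of Blaze, Bleumer and Strauss (1998): ElGamal over a deliberately tiny prime-order group (the prime 1019, a constructed parameter), which is fine for following the mechanism and useless for protecting anything. This scheme is bidirectional, meaning the re-encryption key is derived from both secret keys, which differs from NuCypher's Umbral design; the names Alice, Bob and Carol and the grant/revoke flow are taken from the analogy above, and the `Proxy` class is an assumption of this example.

```python
"""Toy proxy re-encryption (BBS98-style ElGamal).

Constructed for illustration only: 10-bit parameters, bidirectional re-keys,
and not NuCypher's Umbral.  It demonstrates the one property the article
relies on: a proxy holding only a re-encryption key can transform a
ciphertext for Alice into one for Bob without ever recovering the plaintext,
and deleting that key is how access is revoked.
"""
import secrets

# Constructed toy parameters: safe prime p = 2q + 1 with q = 509 prime;
# g = 4 = 2^2 generates the subgroup of order q.  Far too small for real use.
P = 1019
Q = 509
G = 4
if pow(G, Q, P) != 1 or G == 1:
    raise RuntimeError("bad group parameters")


def keygen():
    """Secret key sk in [1, q-1]; public key g^sk mod p."""
    sk = 1 + secrets.randbelow(Q - 1)
    return sk, pow(G, sk, P)


def encrypt(pk, m):
    """Ciphertext (m * g^r, pk^r) for a message m in [1, p-1]."""
    if not 1 <= m < P:
        raise ValueError("message must be in [1, p-1]")
    r = 1 + secrets.randbelow(Q - 1)
    return (m * pow(G, r, P)) % P, pow(pk, r, P)


def decrypt(sk, ct):
    """pk^r = g^(sk*r); raise it to 1/sk mod q to get g^r, then unmask m."""
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, Q), P)
    return (c1 * pow(g_r, -1, P)) % P


def rekey(sk_from, sk_to):
    """Re-encryption key sk_to / sk_from mod q.  In this toy scheme both secrets
    are needed to derive it (the 'key in the briefcase' that Bob prepares)."""
    return (sk_to * pow(sk_from, -1, Q)) % Q


def reencrypt(rk, ct):
    """The proxy's only operation: (g^(a*r))^(b/a) = g^(b*r).  The masked
    message c1 is untouched, so the proxy learns nothing about m."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)


class Proxy:
    """The middle party.  Holds re-encryption keys and no secret keys."""

    def __init__(self):
        self.rekeys = {}

    def grant(self, src, dst, rk):
        self.rekeys[(src, dst)] = rk          # Bob opens the adjoining door

    def revoke(self, src, dst):
        self.rekeys.pop((src, dst), None)     # Bob closes it again

    def transform(self, src, dst, ct):
        rk = self.rekeys.get((src, dst))
        if rk is None:
            raise PermissionError(f"no re-encryption key for {src}->{dst}")
        return reencrypt(rk, ct)


def demo(m=42):
    """Run the grant / multi-hop / revoke story and report what each party could read."""
    sk_a, pk_a = keygen()
    sk_b, _ = keygen()
    sk_c, _ = keygen()
    while sk_b == sk_a:                       # keep the three keys distinct so
        sk_b, _ = keygen()                    # the wrong-key check is meaningful
    while sk_c in (sk_a, sk_b):
        sk_c, _ = keygen()
    proxy = Proxy()

    ct_a = encrypt(pk_a, m)                   # data encrypted once, under Alice's key
    proxy.grant("alice", "bob", rekey(sk_a, sk_b))
    ct_b = proxy.transform("alice", "bob", ct_a)
    bob_ok = decrypt(sk_b, ct_b) == m

    # Multi-hop: Bob delegates onward to Carol (room 1002's door to 1003).
    proxy.grant("bob", "carol", rekey(sk_b, sk_c))
    ct_c = proxy.transform("bob", "carol", ct_b)
    carol_ok = decrypt(sk_c, ct_c) == m

    # Revocation: Alice's door is closed, so fresh transforms for Bob fail.
    proxy.revoke("alice", "bob")
    try:
        proxy.transform("alice", "bob", ct_a)
        revoked = False
    except PermissionError:
        revoked = True

    # A ciphertext for Bob is garbage under any other key (here Carol's).
    wrong_key_fails = decrypt(sk_c, ct_b) != m
    return {"bob": bob_ok, "carol": carol_ok, "revoked": revoked,
            "wrong_key_fails": wrong_key_fails}


if __name__ == "__main__":
    print(demo())
```

Note what the revocation does and does not do: deleting the re-encryption key stops the proxy producing any new ciphertexts for Bob, but ciphertexts Bob already transformed and decrypted are his to keep, which is exactly the article's point that the real value lies in protecting streams rather than files already handed over.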

Why is this exciting?

Shared data lakes for enterprise.

Enterprises have huge amounts of data in their data lakes. NuCypher has indicated that some of their pilot customers want to share their encrypted files in a data lake with other organisations and have each organisation bring their own key. Multi-tenant, multi-source data lakes let different organisations collaborate: for example, the CIA, SEC, Homeland Security, Tesla, Twitter and the FDA could securely share data with ease.

Want more details on the applications and token economics? Read the full report on NuCypher.

Playing at the intersection of privacy and personalisation. Fascinated by the state of trust in a world with leaky data.