Semi-Decentralized Encryption/Decryption Mechanism

We think this solution provides the best of both worlds, with the benefits of decentralization, and the speed of centralization


We at Varanida are true believers in decentralization, but the reality is that some processes can’t be decentralized and still perform the way we need them to. (At least not with today’s technology.)

In this post, our goal is to provide an outline for a semi-decentralized encryption and decryption mechanism, in order to get feedback from others who are interested in the concept, and would like to add to it.

For Varanida’s Real-Time Bidding system, which needs to handle real-time workloads and still provide a high level of fault tolerance, we are considering a hybrid approach, with a centralized computing system, and a decentralized ordered-hash storage system. We think this provides the best of both worlds, and makes for a complete system that is transparent, fair, and trusted by all parties.

In this semi-decentralized system, user data is encrypted and stored on centralized servers, while the user metadata (hash key, secret key, link to data) and transactions are encrypted, timestamped, and stored on the blockchain, making that data decentralized.

Here is an overview of how data flows in this semi-decentralized system:

Encryption Process:

1 — Encrypt data with the User’s Secret Key

2 — Store encrypted data on Varanida’s server (off-chain) and add a link to the data to the blockchain

3 — Generate the Hash Key from the user data with the SHA256 algorithm

4/5 — Create metadata using the Hash Key, User’s Secret Key, link to the data, and timestamp

6 — Encrypt metadata using Shared Secret Key

7 — Store encrypted metadata on the blockchain

Decryption Process:

1 — Get encrypted metadata from blockchain

2 — Decrypt this data using Shared Secret Key

3 — Retrieve the link to the data from metadata and find it on the server

4 — Get encrypted data from the server

5 — Decrypt data using the User’s Secret Key from metadata

6 — Compute the Hash Key of the decrypted data with the SHA256 algorithm, and read the stored Hash Key from the metadata

7 — Compare the Hash Keys, and if the hashes match, the data is authentic

Notes:

The User’s Secret Key is generated by the Varanida client extension. (The User’s Secret Key NEVER leaves the extension.) It enables the user to apply a symmetric AES encryption on their data.

The Shared Secret Key is based on the Varanida Public Key, and the User’s Secret Key. It allows encryption and decryption of the metadata stored on the blockchain.

The Hash Key is produced by the SHA256 hash algorithm. It allows comparison of the decrypted data hash and the original hash to ensure that the data has not been modified.
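The encryption and decryption steps above, using the keys described in these notes, as an added example that is not Varanida's code. It assumes AES-256-GCM for both layers, a Map and an array as stand-ins for the server and the blockchain, and a 32-byte Shared Secret Key passed in directly, because the page does not specify how that key is derived; all function names are hypothetical.

```javascript
// Added example, not Varanida's code. Cipher mode, storage stand-ins and names are assumptions.
const crypto = require("node:crypto");

const server = new Map(); // stand-in for Varanida's off-chain storage
const chain = [];         // stand-in for the blockchain (append-only list)

// AES-256-GCM helpers; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws if altered
}
const sha256 = (buf) => crypto.createHash("sha256").update(buf).digest("hex");

// Encryption process, steps 1-7. Returns the index of the on-chain record.
function storeUserData(data, userKey, sharedKey) {
  const link = crypto.randomUUID();                   // constructed link format
  server.set(link, seal(userKey, data));              // steps 1-2
  const metadata = JSON.stringify({                   // steps 3-5
    hashKey: sha256(data),
    userSecretKey: userKey.toString("base64"),
    link,
    timestamp: Date.now(),
  });
  chain.push(seal(sharedKey, Buffer.from(metadata))); // steps 6-7
  return chain.length - 1;
}

// Decryption process, steps 1-7. Throws if a stored ciphertext was modified.
function loadUserData(index, sharedKey) {
  const meta = JSON.parse(open(sharedKey, chain[index]).toString()); // steps 1-2
  const userKey = Buffer.from(meta.userSecretKey, "base64");
  const data = open(userKey, server.get(meta.link));                 // steps 3-5
  return { data, link: meta.link, authentic: sha256(data) === meta.hashKey }; // steps 6-7
}

// Demo with constructed keys and constructed sample data.
const demoUserKey = crypto.randomBytes(32);
const demoSharedKey = crypto.randomBytes(32);
const demoIndex = storeUserData(Buffer.from("sample user data"), demoUserKey, demoSharedKey);
console.log(loadUserData(demoIndex, demoSharedKey).authentic);
```

The hash comparison catches a case the cipher's own integrity tag does not: a server that swaps in a different blob validly encrypted under the same User's Secret Key. Because the metadata carries the User's Secret Key, the Shared Secret Key needs at least the same protection as the user's key.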

The decentralization of user metadata and transactions allows transparency, auditability, and neutrality, while the centralization of bidding and matching leads to high speed, low latency, and scalability, bypassing the current limits of the blockchain.

In addition, because users maintain control over their own private keys, they still retain ultimate control over their own data, while the metadata can be analyzed and audited.

We think this solution provides the best of both worlds, with the benefits of decentralization, and the speed of centralization, but we want input and feedback from the community. Is there anything you want to know more about? Or anything you would add or change? Let us know in the comments!