The Encryption Protocol
The process of encrypting data (Part II of data security model)
The second element to ensuring data security, following the chunking of files uploaded to the Vuuple network, is the Vuuple Encryption Protocol. Although piecing together chunked files is nearly impossible, we wanted to add an additional layer of certainty to substantially decrease the possibility that anyone would even consider tampering with renters’ data.
This extra layer includes two facets:
1. Data is encrypted on the network
2. Data can be shared between certain renters on the network
To ensure the first criteria, a hybrid cryptosystem is implemented in the Vuuple network. After the chunking of data occurs; files are encrypted in an AES format. Unique, symmetric encryption keys (public keys) will be assigned to uploaded files. The encrypted chunks will be hashed to form Merkle Trees. Merkle Leaves will be replicated on lenders’ computers. Note, one lender will not have access to an entire tree. It will be distributed and replicated amongst multiple, reputable lenders. Once again, if lenders attempt to act maliciously with stored data, they will not be able to access the entire file as they will only contain a small data piece. Each file will have its Merkle Tree stored in a given Neo smart contract, where the public keys will also be stored. Encryption of the encapsulated keys will occur via an additional public key and decryption will occur via a private key. This asymmetric encryption is implemented to facilitate secure key retrieval and management; which Vuuple will use to verify data integrity. Renters can also check and verify their data at any time through the platform.
To further ensure the security of the data and the implementation of the second criteria, nodes (both lenders and renters) will not be able to communicate with each other directly, unless authorized. For data recall and sharing, only authorized renters will be able to communicate with their respective authorized lenders (users hosting the renter’s data).
For example:
If Lender A hosts data chunks of Renter A, the Vuuple platform implements a secure tunnel for open connection between Renter A and Lender A. This tunnel allows Renter A to access, decrypt, and download their data.
If Renter B tries to communicate with Lender A, Vuuple will refuse the communication as there is no in internal contract between the two parties. If Renter B wants to access Renter A’s file, Renter A must share the file with Renter B, giving Renter B access to the private key. Renter B can then communicate with Lender A, download, and decrypt the chunked file with the shared key.
Translated in English
After files are split into small pieces, a coding process occurs. This process changes the files into a different format than originally uploaded, to prevent lenders from viewing the internal contents. Renters contain the keys necessary to locate all pieces of data, reverse the coding process, and change the data back into its original form. If a renter chooses to share a file (such as a Word document) on the Vuuple network, they simply navigate to the desired user and press the “share” button. The keys automatically transfer, allowing the second renter to locate all pieces of the document and reverse the coding process.
