End-to-end encryption for Dapps with NuCypher KMS. Sergey Zotov, software developer, nucypher
0 likes186 views
This document discusses end-to-end encryption for decentralized applications (DApps) using NuCypher Key Management System (KMS). It proposes using proxy re-encryption and decentralization to provide encryption without a central server. Proxy re-encryption allows sharing of encrypted data between users through re-encrypting proxies. NuCypher KMS uses threshold split-key re-encryption to further decentralize the system across multiple proxies. The document outlines early use cases for NuCypher KMS in areas like marketplaces, databases, and medical data sharing.
![Solution
Proxy re-encryption + decentralization
Receiver
[ ]
[ ]
= decrypt( , )
{ }
= decrypt( , ){ }
Network of re-encrypting proxies
Sergey NuCypher KMS 16 Dec 2017 6 / 18](https://image.slidesharecdn.com/o5rvynafqtgjvbmrkatd-signature-c42a9f761ec001a788ada302b891acbcdc501ba1a6ebf1a49eb86eb6fd9f8b68-poli-180301004426/85/End-to-end-encryption-for-Dapps-with-NuCypher-KMS-Sergey-Zotov-software-developer-nucypher-6-320.jpg)
End-to-end encryption for Dapps with NuCypher KMS. Sergey Zotov, software developer, nucypher
- 1. End-to-end encryption for DApps with NuCypher KMS Sergey Zotov Blockchain Fairytales, 16 Dec 2017 Sergey NuCypher KMS 16 Dec 2017 1 / 18
- 2. Why Encrypted file sharing Sender Receiver Receiver Receiver Storage ? Sergey NuCypher KMS 16 Dec 2017 2 / 18
- 3. Why Encrypted multi-user chats Chat messages Sender Different receivers Sergey NuCypher KMS 16 Dec 2017 3 / 18
- 4. Why Decentralized Netflix Content producer Receiver Receiver Receiver CDN if ( ): if ( ): if ( ): Sergey NuCypher KMS 16 Dec 2017 4 / 18
- 5. Central server + TLS Data vulnerable to hackers, state actors etc Sender Receiver Receiver Receiver Sergey NuCypher KMS 16 Dec 2017 5 / 18
- 6. Solution Proxy re-encryption + decentralization Receiver [ ] [ ] = decrypt( , ) { } = decrypt( , ){ } Network of re-encrypting proxies Sergey NuCypher KMS 16 Dec 2017 6 / 18
- 7. What is proxy re-encryption (PRE) Alice Bob Proxy skA — Alice’s secret key; pkA — Alice’s public key; rkA→B — re-encryption key. skB — Bob’s secret key; pkB — Bob’s public key; Sergey NuCypher KMS 16 Dec 2017 7 / 18
- 8. Centralized KMS using PRE Encryption EDEKSender Receiver Proxy Storage Sergey NuCypher KMS 16 Dec 2017 8 / 18
- 9. Centralized KMS using PRE Access delegation EDEK Sender Receiver Proxy Storage Sergey NuCypher KMS 16 Dec 2017 9 / 18
- 10. Centralized KMS using PRE Decryption EDEK Sender Receiver Proxy Storage EDEK EDEK' Sergey NuCypher KMS 16 Dec 2017 10 / 18
- 11. Decentralized key management Using threshold split-key re-encryption (Umbral) EDEK Receiver Proxy 2 Storage EDEK EDEK'1 Proxy 1 Proxy 3 EDEK EDEK'2 EDEK EDEK'3 https://github.com/nucypher/nucypher-kms/ https://github.com/nucypher/nucypher-pre-python/ Sergey NuCypher KMS 16 Dec 2017 11 / 18
- 12. KMS token Purpose Splitting trust between re-encryption nodes (more tokens = more trust and more work); In-network means of payment for deploying policies; Proof of Stake for minting new coins according to the mining schedule; Security deposit to be at stake against malicious behavior of nodes Sergey NuCypher KMS 16 Dec 2017 12 / 18
- 13. KMS token Mining Mining reward: reward = locked_tokens × reward_rate ∑ all miners locked_tokens + ∑ this miner miner_fees Sergey NuCypher KMS 16 Dec 2017 13 / 18
- 14. Early users Decentralized marketplaces: Datum; Helios. Decentralized databases: Bluzelle; Fluence; Wolk. Medical data sharing Medibloc; ZeroPass; Wholesome. IoT Spherity (together with BigchainDB). Sergey NuCypher KMS 16 Dec 2017 14 / 18
- 15. Investors Sergey NuCypher KMS 16 Dec 2017 15 / 18
- 16. Team Founders CTO, Michael Egorov (LinkedIn, MIPT) CEO, MacLane Wilkison (Morgan Stanley, CISSP) Sergey NuCypher KMS 16 Dec 2017 16 / 18
- 17. Team Advisors Prof. Giuseppe Ateniese (Stevens Institute of Technology) Prof. Dave Evans (University of Virginia) John Bantleman (Entrepreneur; Rainstor etc.) Tony Bishop (Equinix, Morgan Stanley) Sergey NuCypher KMS 16 Dec 2017 17 / 18
- 18. How to contribute, learn Website: https://nucypher.com/blockchain.html Github: https://github.com/nucypher/ Slack: https://nucypher-kms-slack.herokuapp.com/ Whitepaper: https://arxiv.org/abs/1707.06140 E-mail: hello@nucypher.com Sergey NuCypher KMS 16 Dec 2017 18 / 18