[Short general description]: NuCypher KMS is a decentralized key management system (KMS), encryption, and access control service. It enables private data sharing between arbitrary numbers of participants in public consensus networks, using proxy re-encryption to delegate decryption rights in a way that cannot be achieved by traditional symmetric or public-key encryption schemes. Native tokens will be used to incentivize network participants to perform key management and access delegation/revocation operations.
[Main problems tackled]: Proxy re-encryption allows NuCypher KMS to split the trust between access management and decryption rights, without introducing an always-online always-trusted entity (such as a traditional key management system). Miners never see plaintext data, or anything which allows them to decrypt the data. They are solely responsible for storing re-encryption keys and applying re-encryption functions.
Nucypher has encountered three risks:
1) collusion between a miner and a reader of the data - solution: pseudo-anonymity of re-encryption keys, splitkey proxy re-encryption, and a challenge protocol.
2) nodes malfunctioning - solution: challenge protocol.
3) nodes colluding with each other to perform 50% attacks - solution: the attacker only gains the ability to wrongfully apply re-encryption policies, not to decrypt data nor to grant access to a user who hasn’t been granted access to the data.
Other problems tacked:
1) pseudo-Anonymity - of re-encryption keys also enables nucypher to run a challenge protocol.
2) split-key re-encryption - Instead of one re-encryption key, m-of-m re-encryption keys can be used to produce “re-encryption shares.” These shares can be combined client-side.
3) challenge protocol - designing a challenge protocol is a complex problem related to “fair exchange” protocols. It requires careful design and testing, and Ethereum’s Proof-of-Stake (Casper) protocol is facing this complexity now. It may be possible to just check correctness on the level of the encryption algorithm.
4) hardware-enforced security - if miners misbehave, they risk losing their collateral deposit.
[Main contribution proposal]: Is based on functionality, NuCypher KMS can be interfaced from a traditional, centralized application. Thus NuCypher will see functionality functions such as:
1) sharing short secrets
2) sharing files and hierarchical data
3) encrypting bulk data
4) sharing encrypted streams,
5) time-based and condition-based policies
6) key rotation.
It is worth mentioning that in order to provide re-encryption services, a node needs to send its deposit to a smart contract (while specifying the lock time). After the time expires, the node can withdraw the stake from it. The objective is to have rewards minted to staking nodes if they correctly provide re-encryption services. For initial release NuCypher will ensure that the nodes are staying online and correctly re-encrypting the data without requiring anonymization.
[Innovation]: Use cases. NuCypher KMS provides the infrastructure for a variety of applications that require sharing of sensitive data as a basic functionality. The ability to condition decryption operations on public actions on the consensus network, such as the publication of certain messages, payments made between specific parties, and other events, enables a range of applications including:
1) sharing encrypted files (“Decentralized Dropbox”)
2) end-to-end encrypted group chat (“Encrypted Slack”)
3) patient-controlled electronic health records (EHR)
4) decentralized digital rights management (DDRM)
5) blind identity management
6) secret credentials management for scripts and backend applications
7) shared credentials and enterprise password management
8) mandatory access logging
9) mobile device management (MDM) and revocation
10) private use of NuCypher KMS