Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Encrypted spaces are, in a sense, the next generation of the Signal protocol, but for more complex, fully featured tools that go beyond messaging and calling, says Matt Green, a computer science professor who focuses on cryptography at Johns Hopkins University. “They’ve built a system that is an extension of what end-to-end encryption could be, where you have an actual architecture to do end-to-end encrypted collaboration,” says Green, who reviewed a paper outlining the Cryptospaces project and the prototype application. “You can think of it as the Signal protocol for collaboration applications.”
But unlike Signal, the code released by the Encrypted Spaces group is not a single app that is ready for use at the moment. Instead, it is a code repository that the group invites crypto researchers and developers to review, with the goal of eventually allowing programmers to build their own encrypted collaborative applications, but without requiring any coding knowledge. “We want to make it so there’s no reason for the developer won’t “They want to make their applications end-to-end encrypted, because it becomes so easy,” Trapp says.
Changelogs and zero-knowledge sets
Encrypted spaces aim to address a critical limitation of end-to-end encrypted applications: Because a server cannot decrypt users’ data, any processing of that information must take place on users’ devices. This works well enough when the application is a pipe connecting two users’ phones, each of which carries a key to decrypt their conversation. But when an app is a collaborative platform with dozens or hundreds of users working together, this end-to-end encryption model creates a severe limitation: the app can’t simply store users’ information on a server and process it in that central location as it can with an unencrypted platform like Slack or Google Docs.
Encrypted Spaces introduces a new model: the application built with it manages data from a central server and allows users to collectively make changes to that information while keeping it encrypted. More specifically, encrypted spaces keep a change log — a record of every change to encrypted data that users make over time — which can be shared with the app on each user’s phone or computer, so that the app can commit those changes locally and keep everyone’s copy of the information in sync and up-to-date.
The server uses zero-knowledge proof, a relatively new encryption technology, to prove to each user’s device that no changes are missing and no rogue changes have been made, but without the server accessing the unencrypted data or changes to it. (hence “zero knowledge”). In fact, cryptospaces can use a kind of “exposure” feature for zero-knowledge proofs to ensure that each user gets the latest version of their group’s data without applying every change to the entire change history. “The server can compile the changes into a summary proof that this current state reflects all of history,” Perrin says. “It can convince you that it has implemented the changelog correctly without you having to actually submit it.”
The server also uses zero-knowledge proofs to oversee how people’s devices manage encryption keys that allow only authorized users to decrypt and modify data, invite new users in, and can prove their access if someone leaves the group. Space users can also choose to share the app’s full history or limit new invitees to new messages or data added after their entry.
