Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Hidden Space, in a sense, is the next generation of the Signal protocol, but for more complex and sophisticated devices that go beyond texting and calling, says Matt Green, a professor of computing at Johns Hopkins. “They’ve created a system that’s a bit more advanced than what encryption can be, where you have real infrastructure for doing encryption,” says Green, who reviewed a white paper describing the Encrypted Spaces project and similar work. “You can think of it as the Signal protocol for interoperability.”
Unlike Signal, however, the code that the Encrypted Spaces team has released is not, at this point, a single, ready-to-use program. Instead, it’s a database that the group is inviting cryptography researchers and developers to review, with the goal of allowing coders to create their own collaborative programs – but without requiring any cryptographic knowledge. “We want to produce because there is no producer I wouldn’t do that they want their work to be closed, because it’s easier,” says Trapp.
Adjust Logs and Rollers Zero-Knowledge
Encrypted Spaces aims to overcome a major limitation of end-to-end encryption software: Because the server cannot encrypt user data, any changes to that information must be made on the user’s device. This works best if the program is a pipe connecting the phones of two users, each of which has a key to delete their conversation. But when the application is a collaborative platform with many or hundreds of users working together, the type of end-to-end encryption creates a serious problem: The application cannot simply store user information on a server and manage it in a central location as it is the case in a fixed platform like Slack or Google Docs.
Encrypted Space has a new version: The built-in software manages data from a central server and allows all users to modify the information while maintaining encryption. Specifically, Encrypted Locations keeps a log of changes – a record of every change to the encrypted data that users make over time – which can be shared by the program on the phone or computer of each user, so that the program can implement the changes locally and save each person’s version of the changes and the fact that they have been changed.
The server uses zero-knowledge, a new encryption method, to confirm to everyone’s device that no changes are missing and no malicious changes have been made, but without the server having found unwritten content or changes to it. (Hence “information without knowledge.”) Instead, Hidden Spaces can use a kind of “roll-up” property of zero-knowledge to ensure that each user has the latest version of their group’s data without applying any changes in the entire change log. “The server can put those changes as proof that what’s going on now reflects the whole history,” says Perrin. “It can make sure it’s used the switch block correctly without sending it.”
The server also uses anonymous credentials to monitor how people use private keys that allow only authorized users to edit and modify data, allows new users to be invited, and can restore their access if someone leaves the group. Space users can also choose to share the entire history of the program or limit the new invitee to new messages or data added after logging in.
