This interview is part of our new Blockchain In Cybersecurity series, where we interview the world's leading thought leaders on the front lines of the intersections between blockchain and cybersecurity.
In this interview we speak with MacLane Wilkison, CEO and co-founder of NuCypher, to understand how his company is using blockchain to transform the cybersecurity business, and what the future of the industry holds.
1. What’s the story behind NuCypher? Why and how did you begin?
MW: NuCypher's mission is to empower privacy in our digital lives. We believe the best way to do that is by embedding privacy-preserving technologies into the core of the applications and protocols we use every day. NuCypher provides the tools, libraries, and infrastructure that make that easy, safe, and secure for developers to do, without being cryptography experts.
We originally started by building ZeroDB, an end-to-end encrypted database, and have since built several cryptographic libraries including pyUmbral, a threshold proxy re-encryption scheme, and NuFHE, a GPU-accelerated fully homomorphic encryption library.
Today, the NuCypher Network, which leverages pyUmbral as a core primitive, is the primary way we deliver our offerings.
2. Please describe your use case and how NuCypher uses blockchain:
MW: The NuCypher Network is a decentralized data privacy and access control layer. It uses a cryptographic primitive called proxy re-encryption (PRE) to manage permissions on encrypted data, meaning you can encrypt data once under your own key and then seamlessly grant and revoke access to that data to others. With PRE, a proxy (or proxies) is able to re-key data from one key to another without learning anything about the plaintext data. This makes for an elegant solution for secrets management or secure data exchange use cases.
We use the Ethereum blockchain primarily as a coordination mechanism for the aforementioned proxies. By requiring the proxies to stake in order to join the network, the blockchain provides Sybil-resistance and liveness guarantees (via slashing if a node goes offline for an extended period).
3. Could you share a specific customer/user that benefits from what you offer? What has your service done for them?
MW: An illustrative example is someone building a healthcare application on Ethereum and trying to store patient medical records in a decentralized file storage system like IPFS or Swarm. Of course, those medical records will need to be encrypted. But they also need to be shared with various recipients – doctors, insurance providers, hospitals, etc. With vanilla public-key encryption this poses a problem: Should the patient share their private key with their doctor? Or should they download the encrypted data client-side, decrypt it, encrypt with the doctor's public key, and then forward it to them? Both approaches are either insecure or inconvenient.
With proxy re-encryption, the patient can simply encrypt once and then use the NuCypher Network to trustlessly grant their doctor access without having to share private keys or do a network-heavy download/decrypt/encrypt/send dance.
4. What other blockchain use cases in cybersecurity are you excited about?
MW: Using blockchain as a way to provision services is fascinating. Combining cryptography and economic incentives to coordinate networks of untrusted computers to carry out some desired task–computation, data storage, or vertical use cases like video transcoding in Livepeer–is a novel and exciting challenge.
5. Where will NuCypher be in 5 years?
MW: While our company has been the initial steward and core developer of the NuCypher Network, the ultimate goal is for the network to be self-sustaining and self-directed via decentralized governance. Where the NuCypher Network will be in 5 years is up to its stakeholders – the developers, node operators, and users that build, stake, and use the network. We anticipate they'll want to add new cryptographic primitives and functionality to the network – potentially things like Shamir's secret sharing, fully homomorphic computation, threshold signatures, or zero-knowledge proofs.