Written by irinagoncharova
NuCypher, the company which is supported by Silicon Valley investors, wants to bring confidentiality and security to the blockchain in a decentralized world. It is a body armour for data.
NuCypher implements NuCypher KMS (Key management System), which is based on proxy re-encryption (PRE), and ensures decentralized key management, cryptographic access control, data storage and sharing without any dependence from a central server. The project tries to solve the issue of privacy of data, as in current conditions traditional encryption and access control are not enough. Nucypher KMS is being developed by NuCypher, the proxy re-encryption company, founded by Maclane Wilkison , software engineer and co-founder of Loancoin (decentralized bank and crowdlending network). NuCypher is one of the most expected ICO’s upcoming in 2018. NuCypher has collected US$4,3 million in a token pre-sale from more than a dozen of cryptofunds and venture capital enterprises. According to developer’s team, the sale will not happen until mainnet is live. NuCypher is committed to launching a useful network service until launching the token. NuCypher’s protocol is based on Ethereum blockchain protocol, and it runs across other blockchains. The product is an open source and still in development, the mainnet is expected being live approximately in spring 2018.
Above all, the main concept idea of the project is implementing the NuCypher KMS (KEY Management System) that offers a threshold proxy re-encryption (PRE) and ensures decentralized key management, data safe storage and sharing, cryptographic access verification without any dependence from a central server.
In other words, NuCypher KMS should become the analogue of TLS (Transport Layer Security) and SSL (Secure Sockets Layer) to secure web applications, but to decentralized apps. “Without TLS, no safe e-commerce would be possible and we wouldn’t be able to trust websites with our private data. Imagine living in a house made of glass - that’s how your digital life would be seen by hackers if TLS didn’t exist,” the company says.
NuCypher has participated in employment of KMS and successfully partnered with some other blockchain organizations, who have committed to using the new KMS. The list includes:
The product is an open source, and a code has already been published. The MVP is available at the following link - Nucypher KMS.
- NuCypher is a venture-funded security and encryption platform for distributed systems, including big data, blockchain, cloud, and Internet of things (IoT).
- NuCypher does not have its own blockchain. According to developer’s team, the current plan is to use Ethereum.
- Umbral: a threshold proxy re-encryption scheme. It follows Key Encapsulation Mechanism (KEM) approach. More details are provided in Technical Paper.
- Security is provided by means of proxy re-encryption; it is a type of public-key encryption that allows a third-party proxy (proxy-entity) to transform cipher texts from one public key to another (using re-encryption keys) without learning anything about the underlying message as it is illustrated on the FIG.1. It is a core technology of NuCypher. In other words, it is a way to share encrypted data with no necessity to allocate the private key or to decode the data between two users at first. PRE is applicable for N-to-N communication with arbitrary numbers of data producers and consumers. In a typical PRE scenario there are many actors to observe.
(Source: NuCypher KMS Primer)
Re-encryption tokens can be created and applied at any point, therefore it is not required to know the recipient of a message in advance.
This power to safely delegate admission to private, encrypted data, makes it an ideal property for constructing cryptographic access control for different distributed structure such as blockchain, big massive data, and internet of things (IoT). It allows to ensure the correctness and reliability of cryptographic operations.
Proxy re-encryption allows NuCypher KMS to split the trust between access and decryption rights, without introducing an always-online entity (which happens in a traditional key management system). As a result, miners never observe plaintext data, or anything which may allow to decrypt the data.
Therefore, NuCypher KMS, which itself is a decentralized key management system (KMS), encryption, and access control service. It enables the sharing of secret storage and private, encrypted data in public consensus networks. For a deeper dive, it is also possible to check all the information and technical details in NuCypher whitepaper.
- The miners will use tokens in order to get reward for decryption. Processing capacity is directly connected with the number of tokens. Secondly, they will reward for an opportunity to do work. At last, miners will use tokens to punish for cheating and false encryption.
- The clients will use tokens to pay for creation of data and data ownership and pay to get access to data. Some use cases may be the following:
- ‘Decentralised DropBox’
Files can be encrypted and stored in decentralized file servers like IPFS, Sia, Storj, or Swarm, or centralized ones like S3;
- Encrypted group chat
PRE is an ideal for end-to-end group chatting, in which multiple participants require access to messaging systems like Slack, Telegram;
- Electronic health records
The information can be stored in a centralized/decentralized backend. If a patient wants to share his/her personal data with a hospital, it grants temporary access to the third-party.
- Shared credentials and enterprise password management
NuCypher KMS can be also used for shared credentials that employees use to access web services
- Secret credentials management for scripts and back-end applications
NuCypher KMS is applicable for the storage of any secrets (for example, sensitive environment variables, database credentials, and API keys);
- Decentralised digital rights management
The services can be controlled by a smart contract (for example, Netflix and other market places selling software, photos, and other digital products)
- Blind IDentity management
The service re-encrypts ID credentials for third-party applications without the identity provider ever having access.
- ‘Decentralised DropBox’
The current products of NuCypher cater to big data platforms like Hadoop and Kafka. Primarily, it sells to large financial institutions and banks with stringent security and compliance requirements, helping them securely move to the public cloud, comply with data protection notions, and share sensitive data with customers, partners, and regulators. Market potential for NuCypher may exist in different fields besides financial institutions - healthcare, insurance, media platforms, etc.
As it was mentioned above, NuCypher is not based on its own blockchain, and it has to be built on Ethereum. Ethereum has to switch to proof of stake as its consensus mechanism ( unlike Bitcoin, where consensus is reached by mining) .
In general, there are following approaches to private data in frames of blockchain technology: MPC (multi party computation), private blockchain, zero knowledge protocol and hash reveal. If we consider MPC, the main disadvantage is a communication overhead for interacting between nodes. Private blockchains are unable to operate in a trustless environment. Zero knowledge proofs can not provide safe delegation of data, and it is its main drawback. The hash reveal is inconvenient as it is required for all of the parties involved in the transaction to be online simultaneously. As a result, currently there are no projects implementing the same approach as NuCypher does.
The main competitors can be also are the traditional centralised KMS services. However, traditional systems are typically expensive and technically difficult in some cases. For example, Google Cloud KMS and Amazon CloudHSM functions well, but both require a high level of trust in the service provider. Another example is Besafe.io, which is a centralised proxy re-encryption service. CMS (Content Management System), i.e Word Press, Joomla, Drupal, etc. The main advantage of blockchain is a decentralized control, which eliminates risks of destroying or changing data. In other words, NuCypher builds security and privacy into its very structure, meanwhile traditional data structures are often the objects to hacking and fraud. Moreover, the core technology of blockchain (unlike in traditional database) is transparency and verifiability. That means, that every user can check if the original data is not altered or corrupted.
- The NuCypher has it’s own token (ticker) NKMS.
- Token type is ERC20
- Token allocation and token distribution: N/A yet
- Token utility:
As it is outlined in Whitepapers: “Protocol economies consist of a network of miners that contribute work to provide a scarce resource and that is rewarded when said resource is consumed. In NuCypher KMS, miners are re-encryption nodes. Anyone can become a miner and their rewards are differentiated based on the amount of re-encryption operations provided. Access to the scarce re-encryption services must be controlled and allocated to the highest value uses.” NKMS is both the reward that miners get for contributing work and the price consumers pay for access to re-encryption services.
No information regarding the public token sale have been released at this stage, token sale period is not set yet.
- Token pre-sale is on 12 of December, 2017
- Sold on pre-sale: 4,300,000 USD
- Accepted cryptocurrency: ETH
During the video interview talk of the NuCypher’s co-founder and CTO Michael Egorov with a representative from ICODrops was said that there was a pre-sale for the funds amounting to $4 millions at a discount of approximately 50%. “The approximate cap will be 25 mln,” Michael said. You can check this interview in Youtube.
You can also find more information on the Github.
Information available from NuCypher’s profile in LinkedIn shows that company was founded in 2015 as a Sole Proprietorship with headquarters in San Francisco, California, USA.
The information regarding selling company ZeroDB, Inc:
File Number: 5717725
Incorporation Date / Formation Date: 26 March 2015
Entity Kind: Corporation
Entity Type: General
INCORP SERVICES, INC.
919 North Market Street, Suite 950
Wilmington, New Castle County, Delaware 19899, USA
- MacLane Wilkison
- Michael Egorov
This information is also represented on the site of United States Securities and Exchange Commission (SEC) and available on the following link: sec.gov.
There is no public information available regarding the legal information at the present moment ass the token sale period is not set. As the NuCypher’s co-founders and team-members are available for the questions and queries via open sources, they kindly inform that legal structuring is still in process, so the company has no information to share publicly other than to admit that NuCypher’s intention is to comply with all relevant legal requirements. Accordingly, the smart contracts are audited by multiple third-party cybersecurity auditors.
NuCephyr’s official page in LinkedIn indicates that the team consists of 8 employees. It is not possible to reach all the members’ profiles in LinkedIn though. Leadership is presented by following persons:
- Co-Founder and CEO — MacLane Wilkison
MacLane is a software engineer, earlier had a position at Morgan Stanley as an Investment Banking Analyst (Media and Communications Group), where he was able to gain the wide experience in internet infrastructure and cloud storage hence working with the cyber security and compliance issues, storage and data sharing.
- Co-Founder and CTO — Dr Michael Egorov
Michael is an owner of a Ph.D in Philosophy and Physics. He has previous experience as a software engineer in Russia, Australia and the USA. At his previous position he was a Senior Software Engineer at LinkedIn in USA, and he was devoted to building various infrastructure tools.
Among others, NuCypher’s Consultant Sergey Zotov is a Java architect with experience in Hadoop and blockchain technologies.
Among the advisors and partners there are two professors of Computer Science- Professor Dave Evans and Professor Isaac Agudo; a specialist in the field of cryptography, and co-author of “Improved Proxy Re-encryption Schemes with Applications to Secure Distributed Storage”; other advisors are entrepreneurs and businessmen- John Bantleman (Rainstor) and Tony Bishop (Equinix).
- NuCypher KMS is a decentralized key management service and cryptographic access control layer for the blockchain and decentralized applications. Developers, enterprises and entities alike would be able to leverage it to build foolproof applications in banking and financial services, healthcare, media industry, and more. NuCypher KMS wants to build a solution to be used everywhere from encoded content marketplaces to private credentials management.
- Comparing to the competitors (traditional centralised KMS systems) NuCypher’s key advantage is decentralization, transparency and security of data. This looks like a genuine solution for many use cases which are not clearly addressed so far in blockchain technology. As a matter of fact, as we are going to live in an era where new technologies should be focused on security and privacy, NuCypher KMS seems to be promising bet.
- The NuCypher’s mainnet is expected in Q1/2018. The project MVP is already available, however, an uncertainty remains concerning the way how the final product will operate.
- At the current phase no information regarding the public token sale has been released; the token sale period is not set yet. During token pre-sale in December 2017 more than 4 mln USD were raised.
- There is currently a legal risk as not enough information is available.
- NuCypher’s team contains at least one developer experienced in blockchain.
For more details on the project visit the NuCypher website on the following link NuCypher and NuCypher FAQ’s.
You can join NuCypher Slack, Telegram, Mail list for updates, Twitter as well.
More than that, it is also recommended to check NuCypher’s profile on Reddit, Medium, GitHub
 Gabriel Kaptchuk, Ian Miers, and Matthew Green, “Managing secrets with consensus networks: Fairness, ransomware and access control,” Cryptology ePrint Archive, Report 2017/201 (2017).
 Diana Ngo, “Coin Journal”, (2017). Retrieved from URL: https://coinjournal.net/blockchain-security-platform-nucypher-raises-us4-3m-cryptofunds-vcs/?utm_content=64383751&utm_medium=social&utm_source=facebook
 “NuCypher brings privacy and security to the public blockchain”, (2017). Retrieved from URL: https://blog.nucypher.com/nucypher-brings-privacy-and-security-to-the-public-blockchain-fe233537647e
 “MediBloc Leverages NuCypher for its Blockchain-based Healthcare Information Ecosystem”,(2017). Retrieved from URL: https://blog.nucypher.com/medibloc-leverages-nucypher-for-its-blockchain-based-healthcare-information-ecosystem-438534cdab8e
 NuCypher KMS Primer,(2017). Retrieved from URL: https://cdn2.hubspot.net/hubfs/2807639/NuCypher%20KMS%20Primer.pdf
 David Nuñez, Isaac Agudo, and Javier Lopez, “Proxy Re-Encryption: Analysis of Constructions and its Application to Secure Access Delegation,” Journal of Network and Computer Applications 87, 193–209 (2017).
 Joe Libkind, “4 Blockchain Contenders in Competition with Ethereum”, (2017). Retrieved from URL: https://www.investopedia.com/news/4-blockchain-contenders-competition-ethereum/
 Emily Parker, “Can China Contain Bitcoin?”, (2017). Retrieved from URL: https://www.technologyreview.com/s/609320/can-china-contain-bitcoin/