Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
IronHide: A Better Team Encryption Tool
A few months ago, we quietly released a little utility that brings the power of proxy re-encryption to the command line. Proxy re-encryption, which we call transform cryptography, allows you to encrypt data to Alice and for Alice to delegate decryption rights to Bob. We take this public key delegation to a world with groups. For example, Charlie creates a group, Beta, and then encrypts to that group. Charlie then independently adds members to the Beta group, including Alice and Bob. Charlie can remove them at any time or make them co-administrators. Alice and Bob can decrypt anything encrypted to that group and can also encrypt to it. This is all done using elliptic curve public key cryptography with nice security guarantees.
The Problem
Existing encryption tools like GPG work great for securing data for yourself or sending something to another person, but when you need to share files with multiple people, you run into problems with the management of those files over time.
At IronCore, we have some secrets we share among developers. Our LetsEncrypt private developer certificates are one example. We renew these every few months, and all of our developers need them. Once upon a time, we used GPG to encrypt these. Each time weâd encrypt to each of the current developers (hopefully not forgetting anyone). Then we shared the encrypted file in a shared drive. For a small group, this is feasible; it would fail entirely for a large group. But even with a small group, it was problematic.
When someone left or when we hired a new developer, we had to find all our secrets, decrypt them, encrypt to the updated list of people, and re-share. We didnât have a way to revoke access to the previous files. Plus there was a dance of getting the new person to set up and publish a new GPG key before we could add them. With IronHide, they just need to login once and then you share with them using their email address.
Other teams use tools like LastPass and 1Password to share developer secrets. These are great tools for individual use, but Iâve never been comfortable with the revocation and rotation stories. Also, the team editions require paid subscriptions, which weâd rather avoid.
Introducing IronHide
IronHide is an easy-to-use open source file encryption and decryption command line utility for working with files that you need to share with groups where group membership may change over time and grow to arbitrary size.
IronHide requires npm to install:
npm install -g @ironcorelabs/ironhide.
When you first run it, youâll be taken through a series of steps that generate your initial keys, protect your master key with a passphrase (this is needed when authorizing new devices), and then install device keys on your local computer. Any device that you use IronHide on has its own set of cryptographic keys that never leave the device. Through the power of transform cryptography, you donât need to copy private keys around. Devices can be remotely revoked from another authorized device in the case of a lost or stolen laptop.
Once youâve done the initial login danceâââneeded so others can encrypt to you by email addressâââyou can start using the tool.
Groups arenât much fun unless you have friends who have signed up, too, so get a couple of friends on board to try it out with you.
Group Management
Anyone can create groups. When you create one, youâre the admin. You can add members like so:
ironhide group:create mygroupironhide group:addmembers -u \ john@example.com,karen@example.com mygroup
File Operations
Now that you have a group, you can encrypt to it by its name, like so:
ironhide file:encrypt -g mygroup secrets.json
This command encrypts secrets.json and puts the encrypted contents in a secrets.json.iron file. You can specify specific users, groups, and mix and match multiple of these. Note that by default, the plaintext file remains in place. You need to use the -d flag to automatically delete the plaintext source file.
Anyone who is a member of the group can decrypt the .iron file with this command (again, use -d to remove the original file if desired):
ironhide file:decrypt secrets.json.iron
Background
The crypto library that IronHide relies on is recrypt-rs, which is an open source rust library. IronHide itself is open source and requires node.js to install. All of the crypto code was audited, is constant time (side-channel resistant), and is based on published and peer-reviewed papers. We surface the rust library to browsers (via WebAssembly), to the JVM, and to Node, with more on the way.
âProxy re-encryptionâ is so named because it needs a semi-trusted proxy that can transform ciphertext encrypted to Alice to ciphertext encrypted to Bob, without decrypting the ciphertext in the middle or learning anything about anyoneâs private keys or the encrypted data. The âsemiâ part of the trust comes from the revocation use case. You have to trust the proxy to actually delete the data that enabled a user to be part of a group when you remove that person.
IronCore hosts the âproxyâ service (not a proxy in the network sense) and also manages identity, public keys, and groups. We do this for free and promise to continue to do so. Our motivation is to spread awareness about what the technology can do. Itâs incredibly useful for minimizing trusted systems and managing trusted users.
From a privacy perspective, you should know that we hold email addresses, group names, and membership lists. We also hold document IDs and encrypted document keys (EDEKs). Your data never leaves your machine, and even if it did, we have no way to decrypt it. However, we know thereâs a document somewhere shared with some set of users and groups, and we know the email addresses of the group members. If this is too much data leakage for your use case, such as if youâre a reporter or a dissident who needs to protect who youâre communicating with and not just what youâre communicating, then IronHide isnât for you (but the underlying libraries still may be).
If the tool becomes popular, weâll work to reduce the amount of metadata we can see (send us feedback!), but for now, weâve prioritized business cases where metadata visibility is frequently required for reporting purposes.
Summary
IronHide is a handy tool for encrypting files to users and groups with low friction. Itâs also a practical demonstration of transform cryptography (aka proxy re-encryption) and how it can be used to solve hard problems.
If youâre interested in the core technology and want to build low-trust and zero-trust solutions; secure desktop, mobile, or web apps; access controls that travel with data; secret management without the shared secrets; or similar, please get in touch with us. Weâd love to talk to you and to hear your feedback.
About IronCore: IronCore is a data privacy platform that helps bring customers (businesses or end users) control of their data. IronCore supports a variety of data control delegation schemes including Customer Managed Keys and end-to-end encryption at scale without the hassle.
To dive deeper on transform cryptography, check out a short video overview or read the docs.
IronHide: Better Team Encryption was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.