Our research is focused on applying modern cryptography for providing complete sensitive data lifecycle protection yet preserving usability. We build software solutions around technologies like zero knowledge secure search, end-to-end encrypted data collaboration, and zero knowledge authentication.
This paper is about practical aspects of solving search challenges over encrypted data based on blind indexes in a practical threat model where only plaintext direct leakage is considered to be risky event. We took most practical thing we understand well: proxying SQL and applying security on top of it, because that’s what we do well in general.
Distributed data protection and access control schemes are vastly different: from wild dreams to boring simple designs. Hermes is based on a number of traditional cryptographic techniques that facilitate efficient structured data sharing, with efficient key management procedures surrounding it.
This whitepaper outlines the first stage of our efforts at securing request authentication in zero-trust environments by implementing Socialist Millionaire’s Protocol on top of ed25519. This is revision 1.2, which includes fixes against the possible security drawbacks flagged up by the security community. Secure Comparator is actively used in Themis.