Privacy-Preserving Accountable Decryption
PAD is a new tool to safeguard and responsibly share your data. Only parties you nominate have access rights, and PAD automatically provides you with proofs of who has accessed your data, how many times, and when.
The PAD tech mission is to ensure that you are necessarily informed when data relevant to you are processed. It does this by forcing decryptions of the data to be reported on a blockchain. Decryptions simply cannot happen otherwise. You can inspect the blockchain to see which decryptions of data relevant to you have taken place, and you have the evidence to take action against those who have decrypted your data outside the agreed terms. All this happens without the actual data being revealed otherwise.
The PAD workflow starts with data relevant to you becoming PAD-encrypted. This can be any kind of data, such as financial data, medical data, identity data, or others. Once the data is PAD-encrypted, the only way it can be viewed or processed is by PAD-decrypting it. But PAD-decryption is possible only if a record of the decryption request has been placed on the relevant ledger or blockchain. This ensures that the acts of decryption can never be done stealthily and are instead inevitably recorded on a tamper-proof blockchain. You can see the decryption request there; you know and can prove that your data has been accessed and processed.
PAD stands for Privacy-Preserving Accountable Decryption. Here, "accountable" means that the decryptor can be held accountable because the decryption event has necessarily been recorded on the blockchain. "Privacy-preserving" refers to the fact that the ability to hold the decryptor to account means that data are less likely to be decrypted without legitimate reason, and hence people's privacy will be preserved.
Share your location with trusted friends – Sidekick lets you know exactly which friend has accessed your location and when. Stay looked after, and know when you are looked after.
Decentralise your crypto keys among a group of trusted friends. Access can be set up so that if the group agrees, the crypto keys can be decrypted and recovered solely by the original owner.
Trustees are the electronic gatekeepers of a user's secret. The ability to decrypt a user's secret is split across multiple trustees so that no one party can control access. They monitor the blockchain for legitimate decryption requests and share the means of access.
Central to the transparency of decryption in PAD is the blockchain. By monitoring the blockchain, a user can determine whether and by whom a secret has been decrypted.
A user has certain knowledge of whether the user's secret has been decrypted legitimately by an authorised party or not.
The authorised party posts a request to the blockchain when a decision to decrypt a user's secret is made. The protocol validates such a request and records it without the need for participation by the user.
Alice encrypts her data and splits up the decryption key.
Alice sends the encrypted data to Bob and the decryption key shares to the trustees.
Trustees monitor the blockchain and respond to legitimate decryption requests, ensuring that only the right people can access the data.
Bob submits a decryption request to the blockchain.
Trustees see the request and publish fragments of the decryption key.
Once a threshold number of trustees have responded to the request, Bob can decrypt the data.
Trustees monitor the PAD ledger for decryption requests that require their action. When they see a decryption request that is associated with them, they perform a partial decryption. Each of the trustees publishes a share of the decryption key. Once the threshold number of the trustees has published the plaintext share, Alice knows that Bob now has access to her secret.
The PAD trustee community is continuously growing and we are proud to have onboarded the following trustees:
The PAD team are currently recruiting trustees so we can develop privacy management applications and new products that are appropriate for deployment in the real world.
Trustees are a core component of PAD as this is a means of decentralising trust. As a trustee, you share our common interest in advancing methods of socially secured data protection.
Given their essential role, trustees should be run by trusted and credible institutions, which is why we are currently only accepting applications from Universities and/or registered charities.
WHY BECOME A
Support a new privacy technology and share our values in enabling a society with the tools for accountable and transparent means of sharing and accessing data.
As one of the first decentralised trustees, benefit from a collaborative research relationship by sharing in the research outcomes.
Publicise your partnership with the PAD team to gain recognition for the important role you play in providing a service for society to safely share and access data.
The PAD team have made the onboarding and maintenance requirements of a trustee minimal. See the trustee onboarding process below.
TRUSTEE ONBOARDING PROCESS
Trustee & SW7 Group sign a Research Collaboration Agreement.
SW7 Group send a pre-imaged Raspberry Pi (RPi) with instructions to the Trustee. Code is available for the Trustee to view.
Trustee connects the RPi to the power and public internet.
Trustee generates their private keys and SW7 Group register the Trustee.
Trustee chooses which application to join.