Patrick Walsh
Originally published at blog.ironcorelabs.com.

IronHide: Better Team Encryption

A few months ago, we quietly released a little utility that brings the power of proxy re-encryption to the command line. Proxy re-encryption, which we call transform cryptography, allows you to encrypt data to Alice and for Alice to delegate decryption rights to Bob. We take this public key delegation to a world with groups. For example, Charlie creates a group, Beta, and then encrypts to that group. Charlie then independently adds members to the Beta group, including Alice and Bob. Charlie can remove them at any time or make them co-administrators. Alice and Bob can decrypt anything encrypted to that group and can also encrypt to it. This is all done using elliptic curve public key cryptography with nice security guarantees.

The Problem

Existing encryption tools like GPG work great for securing data for yourself or sending something to another person, but when you need to share files with multiple people, you run into problems with the management of those files over time.

At IronCore, we have some secrets we share among developers. Our LetsEncrypt private developer certificates are one example. We renew these every few months, and all of our developers need them. Once upon a time, we used GPG to encrypt these. Each time we’d encrypt to each of the current developers (hopefully not forgetting anyone). Then we shared the encrypted file in a shared drive. For a small group, this is feasible; it would fail entirely for a large group. But even with a small group, it was problematic.

When someone left or when we hired a new developer, we had to find all our secrets, decrypt them, encrypt to the updated list of people, and re-share. We didn’t have a way to revoke access to the previous files. Plus there was a dance of getting the new person to set up and publish a new GPG key before we could add them. With IronHide, they just need to login once and then you share with them using their email address.

Other teams use tools like LastPass and 1Password to share developer secrets. These are great tools for individual use, but I’ve never been comfortable with the revocation and rotation stories. Also, the team editions require paid subscriptions, which we’d rather avoid.

Introducing IronHide

IronHide is an easy-to-use open source file encryption and decryption command line utility for working with files that you need to share with groups where group membership may change over time and grow to arbitrary size.

Example usage

IronHide requires npm to install:

npm install -g @ironcorelabs/ironhide.

When you first run it, you’ll be taken through a series of steps that generate your initial keys, protect your master key with a passphrase (this is needed when authorizing new devices), and then install device keys on your local computer. Any device that you use IronHide on has its own set of cryptographic keys that never leave the device. Through the power of transform cryptography, you don’t need to copy private keys around. Devices can be remotely revoked from another authorized device in the case of a lost or stolen laptop.

Once you’ve done the initial login dance — needed so others can encrypt to you by email address — you can start using the tool.

Groups aren’t much fun unless you have friends who have signed up, too, so get a couple of friends on board to try it out with you.

Group Management

Anyone can create groups. When you create one, you’re the admin. You can add members like so:

ironhide group:create mygroup
ironhide group:addmembers -u \
john@example.com,karen@example.com mygroup

File Operations

Now that you have a group, you can encrypt to it by its name, like so:

ironhide file:encrypt -g mygroup secrets.json

This command encrypts secrets.json and puts the encrypted contents in a secrets.json.iron file. You can specify specific users, groups, and mix and match multiple of these. Note that by default, the plaintext file remains in place. You need to use the -d flag to automatically delete the plaintext source file.

Anyone who is a member of the group can decrypt the .iron file with this command (again, use -d to remove the original file if desired):

ironhide file:decrypt secrets.json.iron

Background

The crypto library that IronHide relies on is recrypt-rs, which is an open source rust library. IronHide itself is open source and requires node.js to install. All of the crypto code was audited, is constant time (side-channel resistant), and is based on published and peer-reviewed papers. We surface the rust library to browsers (via WebAssembly), to the JVM, and to Node, with more on the way.

“Proxy re-encryption” is so named because it needs a semi-trusted proxy that can transform ciphertext encrypted to Alice to ciphertext encrypted to Bob, without decrypting the ciphertext in the middle or learning anything about anyone’s private keys or the encrypted data. The “semi” part of the trust comes from the revocation use case. You have to trust the proxy to actually delete the data that enabled a user to be part of a group when you remove that person.

IronCore hosts the “proxy” service (not a proxy in the network sense) and also manages identity, public keys, and groups. We do this for free and promise to continue to do so. Our motivation is to spread awareness about what the technology can do. It’s incredibly useful for minimizing trusted systems and managing trusted users.

From a privacy perspective, you should know that we hold email addresses, group names, and membership lists. We also hold document IDs and encrypted document keys (EDEKs). Your data never leaves your machine, and even if it did, we have no way to decrypt it. However, we know there’s a document somewhere shared with some set of users and groups, and we know the email addresses of the group members. If this is too much data leakage for your use case, such as if you’re a reporter or a dissident who needs to protect who you’re communicating with and not just what you’re communicating, then IronHide isn’t for you (but the underlying libraries still may be).

If the tool becomes popular, we’ll work to reduce the amount of metadata we can see (send us feedback!), but for now, we’ve prioritized business cases where metadata visibility is frequently required for reporting purposes.

Summary

IronHide is a handy tool for encrypting files to users and groups with low friction. It’s also a practical demonstration of transform cryptography (aka proxy re-encryption) and how it can be used to solve hard problems.

If you’re interested in the core technology and want to build low-trust and zero-trust solutions; secure desktop, mobile, or web apps; access controls that travel with data; secret management without the shared secrets; or similar, please get in touch with us. We’d love to talk to you and to hear your feedback.

About IronCore: IronCore is a data privacy platform that helps bring customers (businesses or end users) control of their data. IronCore supports a variety of data control delegation schemes including Customer Managed Keys and end-to-end encryption at scale without the hassle.

To dive deeper on transform cryptography, check out a short video overview or read the docs.