Discover the Power of Covercrypt: Fine-Grained Access Rights and Post-Quantum Security for Data Privacy

Discover all the features from our Covercrypt product with Cosima, for fine-grained access rights to an organization’s data.

Meet Cosima

Cosima works in a company with several subsidiaries, each encompassing several departments with a complex hierarchy. Being in such a prominent structure is great because it means the company has a lot of information on its market. However, it also means that it can be complicated to determine who should have access to which documents and over which period.

Since it is not okay to hand documents out to everyone, they are just encrypted for a minimal number of recipients for obvious privacy reasons. Creating other issues: the company cannot use its data’s added value. Making things complicated when the employees or the teams change.


Attribute-Based Encryption?

Cosima learned about Attribute-Based Encryption (ABE for short) to protect privacy while avoiding those issues. ABE could let her or any of her colleagues specify under which user policy it can be decrypted when they encrypt a document. Without having to worry about which users will, in fact, fit the description. For instance, she could encrypt the report she just finished so that only employees that work in Finland but not in Helsinki and are part of the human resources department or employees that have been in the company for at least twenty years can decrypt it in a straightforward way, even if the policy is complicated.

Enthusiastic about ABE, Cosima decides to make this the new way of encrypting documents in her company. However, she soon realizes that though it looked charming in cryptography papers, this is a quite heavy machinery. Ultimately, she would only use it partially, as not all of its properties are relevant to her. There will be, at the very most, hundreds of attributes in the user policies and a limited number of combinations among them.

Cosima realizes that she can implement something much more efficient by just producing ciphertexts for all the user policies that can decrypt them!


A Key-Encapsulation Mechanism

She also gathers the enormous number of documents her company needs to handle. These should be encrypted using symmetric keys to prevent a memory blow-up, and this symmetric key should only be sent to users with the right attributes using a Key-Encapsulation Mechanism (KEM for short). KEM ensures only users verifying the documents’ policy get the symmetric keys to uncover them.




Covert Channels through Anonymity

Cosima is already quite relieved about how her company will handle documents’ privacy now. But she realizes that there might be a few more properties she will need. First, when one of her colleagues sends out the keys to decrypt the documents they’re adding to the database, she wouldn’t want everyone to know the policy the documents are encrypted for, because then patterns on the type of documents added would be revealed, employees could notice that something extra-confidential is underway, and this information could turn out to be sensitive too. So Cosima decides to make the scheme anonymous so that the only information employees can get about the policy documents were encrypted with is that it fits their attributes, meaning that if they can decapsulate the documents’ key with them, then this attribute is in the policy.



Now Cosima has something new yet on her mind… What if her colleague Richard, who has the Financial Department attribute, hands the corresponding key to Daniela, who is not in the Financial Department and is an intern in the company? Then Daniela could read documents that members of this department have access to, even if they were not intended for her. And then, if Daniela transfers sensitive information intended for this department outside the company, no one would know who leaked their key in the department, and no one could be held accountable.

Cosima realizes that sharing precisely the same attributes across multiple users without having anything to identify them individually is not a very good practice. So now, when handing out attribute keys (which will enable the decapsulation of symmetric keys for ciphertexts with a policy matching the attribute), she should find a way to hand out different keys to every individual possessing the same attribute. And not only that, but the keys she handed out to Richard and Marie for their Financial Department attribute should give her a way to trace back to Richard when he provides his to Daniela. She changes the scheme accordingly to have this traceability property.


Post-Quantum Security

Now that Cosima has fixed all these problems with the scheme she wants to use, she settles again at her desk. She opens her mailbox and reads her country’s national security agency’s newsletter, which just popped in. She learns that data should be kept private even from quantum computers, as encrypted data could be copied and stored until a quantum computer can decrypt it in a few years. However, new post-quantum schemes have not been tested as much as the old pre-quantum ones and the agency says that until they have been studied for more years, companies should use schemes that rely on both post-quantum security and well-known pre-quantum cryptography.

Now Cosima has a great idea; she will use both a pre-and a post-quantum scheme in her key encapsulation mechanism, and decapsulating keys will require secret attribute keys from both schemes. The encapsulated keys will be kept private even if only one of these schemes is secure. The anonymity of the encapsulation policies (meaning knowing which attributes give access to a decapsulation), will rely on the weakest of both securities, but this is much less critical than the ability to decapsulate. Then, for the traceability, as she knows quantum computers are not there yet, and her company’s employees will not have access to one for now, she keeps relying only on pre-quantum cryptography because it is much more efficient, and this poses no threat on the privacy of the data.


Covercrypt is born

Now Cosima really built the ideal scheme to handle her company’s data, making complex permission rights simple and securing it even when the company relies on infrastructure that cannot be trusted entirely and on which rights could be escalated; now, permissions are also directly controlled by the data owners independently of system administrators.

Using these cryptographic tools will grant all the company data to stay undercover from any prying eyes anywhere on the infrastructure or in the company; she decides to call it Covercrypt, and lays back in her rocking chair with a good café latte.

Paola de Perthuis




Cosmian makes no tracking for advertising and does not collect any personal data. Cookies are used for statistical or operational purposes, as well as for analysis, allowing for continuous improvement of the website. Cosmian uses the Matomo Analytics tool, an audience measurement solution that uses cookies with a configuration that complies with the data protection legislation and the recommendations of the CNIL (Commission Nationale de l'Informatique et des Libertés). This configuration allows to anonymise visitor's data and to limit the storage period of this data to a maximum of 13 months. With this configuration, the prior consent to the deposit of Matomo Analytics cookies is not required. However, you can still choose not to allow these cookies (by clicking here ) or at any time by consulting our Privacy Policy.

For more information please consult our Privacy Policy