Decentralized Access Control with Cryptree
Local-First Software highlights several benefits of abandoning centralized cloud architectures and aiming for applications that work in a decentralized setting. Most importantly, such applications retain the user's ownership of their own local data and can allow them to work offline and only synchronize with other users from time to time.
Naturally, if we are aiming for data privacy, then we also need a way to prevent malicious users from accessing shared data. In particular, we want to explore how access control can be implemented for use with replicated data types (RDTs). For this, we are interested in an existing approach to fine-grained decentralized access control for distributed file systems on untrusted storage.
Grolimund et al. propose the cryptographic data structure Cryptree (Cryptree: A Folder Tree Structure for Cryptographic File Systems) to implement access control based on encryption with different keys. The proposed Cryptree relies on symmetric (AES-128) and asymmetric (RSA-1024) keys to encrypt (wrap) other keys, which yields the “cryptographic links”. These links form the key hierarchy that is related to paths in the file system tree. The authors do not assume eventual consistency but a stronger consistency model. The access control scheme supports revocation, as well as confidentiality of file names and access rights.
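The notion of a cryptographic link described above, as an added Scala sketch that is not code from the Cryptree paper or from this page: a link is one key encrypted under another, so holding a folder's key lets a reader follow links down the tree but not sideways. It is deliberately simplified (one key per folder, symmetric links only); the GCM mode, the object and function names, and the folder names are assumptions of this example.

```scala
import java.security.SecureRandom
import java.util.Arrays
import javax.crypto.Cipher
import javax.crypto.spec.{GCMParameterSpec, SecretKeySpec}

// Simplified sketch of symmetric "cryptographic links" (not the full Cryptree key set).
object CryptreeLinkSketch {
  private val rng = new SecureRandom()
  def freshKey(): Array[Byte] = { val k = new Array[Byte](16); rng.nextBytes(k); k } // AES-128

  // AES-128-GCM; the GCM mode is an assumption of this sketch, the page only names AES-128.
  private def gcm(mode: Int, key: Array[Byte], iv: Array[Byte]): Cipher = {
    val c = Cipher.getInstance("AES/GCM/NoPadding")
    c.init(mode, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, iv))
    c
  }

  // A link K1 -> K2 is K2 encrypted under K1; it can be kept on untrusted storage.
  final case class Link(iv: Array[Byte], wrapped: Array[Byte])
  def link(from: Array[Byte], to: Array[Byte]): Link = {
    val iv = new Array[Byte](12); rng.nextBytes(iv) // fresh nonce for every link
    Link(iv, gcm(Cipher.ENCRYPT_MODE, from, iv).doFinal(to))
  }
  // Throws javax.crypto.AEADBadTagException when `from` is not the link's source key.
  def follow(from: Array[Byte], l: Link): Array[Byte] =
    gcm(Cipher.DECRYPT_MODE, from, l.iv).doFinal(l.wrapped)

  def main(args: Array[String]): Unit = {
    // Constructed tree: /docs/taxes plus a sibling folder /photos.
    val kRoot = freshKey(); val kDocs = freshKey(); val kTaxes = freshKey(); val kPhotos = freshKey()
    // Only the links are published next to the encrypted folders, never the keys.
    val rootToDocs = link(kRoot, kDocs)
    val rootToPhotos = link(kRoot, kPhotos)
    val docsToTaxes = link(kDocs, kTaxes)

    // The holder of the root key derives each key on the path by following links.
    val viaRoot = follow(follow(kRoot, rootToDocs), docsToTaxes)
    println(s"root holder reaches /docs/taxes: ${Arrays.equals(viaRoot, kTaxes)}")

    // A user granted only kDocs can descend, but cannot open links with another source key.
    val viaDocs = follow(kDocs, docsToTaxes)
    println(s"docs holder reaches /docs/taxes: ${Arrays.equals(viaDocs, kTaxes)}")
    val sideways = scala.util.Try(follow(kDocs, rootToPhotos))
    println(s"docs holder reaches /photos: ${sideways.isSuccess}")
  }
}
```

Revoking the user who holds `kDocs` would mean replacing that key and re-creating every link that starts or ends at it, which is the part that interacts with the consistency model.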
Goal
Students can explore this topic from different angles, either as a seminar or as a project (or both).
Seminar:
- Introduce the reader to the concept of a valid CRDT as a semilattice
- Introduce the reader to the concept of decentralized authentication with code examples (pick only one):
- Explain Cryptrees, so that a reader could start implementing the approach
- Identify and explain the cryptographic primitives needed to implement Cryptrees
- Study the system assumptions of the approach and its applicability beyond file systems
- Compare Cryptrees to one of the example tools listed below, which also aim to provide decentralized authentication/access-control
- Study how Cryptrees are applicable in the eventually consistent setting (e.g. local-first software), especially regarding access right revocation.
- Implement the Cryptree data structure using state-of-the-art cryptographic primitives in Scala.