What is easy to understand is seemingly difficult to achieve. Online personal, financial, medical, social, and other digital information that is linked to your identity needs to be flawlessly secure — and under your control — not solely in control of the businesses and institutions that you want to interact with.
Need proof? Facebook’s agreement to pay a $5B settlement is the latest and most dramatic example of regulators holding service providers accountable for maintaining the privacy of their users’ personal information. Going forward, I expect accountability to increase.
How are privacy and trust ensured? It is a question of decentralizing trust, to a much higher degree than today, so that control over privacy is shared. The centralized approach typically used today does not work nearly well enough, as evidenced by the many cases of private user data being shared among service providers without the user’s knowledge or consent.
A good answer is available. Threshold cryptography, using multiparty computation (MPC), represents a transformational opportunity for social media companies and many other services to improve user privacy while decentralizing trust. Doing so will enable both service providers and their end users to share in the control of access to private information. Using MPC would enable end users to control who is “touching” their data and what they can see and do with it, while reducing liabilities for service providers.
One well-established and proven example of decentralized trust for access control is found in digital asset trading and even cryptocurrency. We may not immediately think of this use case as decentralized trust for access control, but in essence it is, and the concepts are completely extensible to a virtually unlimited number of other use cases. Good examples of this in the field of self-sovereign identity range from proving who you are to new institutions, to granting access to your health or financial records from an online service, to granting access to your Facebook timeline.
In the case of digital asset trading, digital wallet holders wish to receive and distribute cryptocurrency assets which are associated with their personal account. As with email, they are fine with receiving emails or deposits to that account from other parties without giving explicit prior consent. But they would never want anyone to send an email or make a withdrawal from their account without their explicit approval.
Best practices for cryptocurrencies such as Bitcoin in custodial accounts use a multiparty approval scheme which allows both the cryptocurrency exchange, which is facilitating a digital asset trade, and the account holder to explicitly authorize any withdrawals from the user’s account. This same model could easily be applied to end users’ private information in other online services, giving end users greater control over access to their personal information.
Bitcoin accomplishes this multiparty approval scheme using technologies known as MultiSig or threshold signatures. Both work with blockchain-based services such as Bitcoin, but threshold signatures natively operate off-chain, which makes them suitable to work with any technology or use case.
Threshold signatures enable decentralized trust with industry-leading security, using a concept known as multiparty computation (MPC). Threshold signatures with MPC allow multiple parties, such as an online service provider and their subscriber, to each possess a share of a private key. When both the service provider and the end user elect to approve a transaction or grant access to information, MPC verifies the explicit approval of both parties and executes a cryptographic operation, such as issuing a digital approval signature and/or decrypting encrypted data so that an authorized party can access the data.
The concept of two-party approval is in no way new, but the implementation model and resulting decentralization of trust with MPC is both new and compelling. Conventional two-party approval models will either generate two keys and provide one to each party or generate a single key and then break it into two shares which are distributed to both parties. The problem with this model is that the keys are centrally generated and under the control of a single party – typically the service provider.
What makes MPC so compelling for this use case is that the share of the private key used by the end user is never generated by or accessible to the service provider. MPC can be configured to run on the end user’s device to generate the share locally. So, the service provider never has singular or centralized control over the collective key shares required to execute a cryptographic operation or grant access to end users’ personal information.
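The local share generation described above can be sketched as follows. This is an added example, not code from the original article or from any MPC product: it uses textbook ElGamal decryption as the joint operation, a toy group size, and assumes both parties follow the protocol (production schemes add proofs that each public share is well formed). The names `Party`, `joint_public_key`, `encrypt` and `combine` are hypothetical.

```python
import secrets

# Toy group parameters, constructed for illustration only (not a secure size).
P = 2**127 - 1   # Mersenne prime modulus
G = 3            # fixed base
Q = P - 1        # exponents are reduced modulo the group order


class Party:
    """One share holder (the end user's device or the service provider)."""

    def __init__(self, name):
        self.name = name
        # The share is generated locally and is never sent to the other party.
        self._share = secrets.randbelow(Q - 1) + 1
        self.public_share = pow(G, self._share, P)

    def partial_decrypt(self, c1, approve):
        """Release c1^share only when this party explicitly approves."""
        if not approve:
            return None
        return pow(c1, self._share, P)


def joint_public_key(parties):
    """Product of the public shares; equals G^(sum of shares) mod P."""
    key = 1
    for party in parties:
        key = key * party.public_share % P
    return key


def encrypt(public_key, message):
    """Textbook ElGamal: anyone can encrypt to the joint key."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), message * pow(public_key, r, P) % P


def combine(ciphertext, partials):
    """Recover the message only if every party supplied a partial."""
    if any(p is None for p in partials):
        return None
    c1, c2 = ciphertext
    mask = 1
    for p in partials:
        mask = mask * p % P
    return c2 * pow(mask, -1, P) % P
```

The full private key, the sum of the two shares, is never assembled anywhere: each party only ever exponentiates with its own share, and `combine` works on the released partial results.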
With this model, the service provider is never subject to hackers or insider attacks where a bad actor uses both the service provider’s key and the end user’s key to fraudulently authorize a transaction and steal digital assets or release personal information. The assets, whether they are cryptocurrencies, PII, KYC/AML, healthcare records, financial records, or information stored in a social media account can never be accessed unless the end user as well as the service provider grants access using their private key share.
Granting end users greater control over their private information will increase customer satisfaction, while decreasing service provider liability – all as a byproduct of decentralizing trust.