Exploring Registration-Based Encryption for Blockchain Key Distribution

Linking
cryptographic
keys
to
identities
has
been
a
long-standing
challenge
since
the
advent
of
public-key
cryptography.
The
primary
issue
is
providing
and
maintaining
a
publicly
available
and
consistent
mapping
between
identities
and
public
keys.
This
challenge
is
particularly
relevant
in
the
context
of
web3,
where
transparency
and
anonymity
are
paramount.

According
to

a16z
crypto,
three
main
approaches
exist
for
addressing
this
issue:
public
key
directories,
identity-based
encryption
(IBE),
and
the
more
recent
registration-based
encryption
(RBE).
Each
method
offers
distinct
trade-offs
in
terms
of
anonymity,
interactivity,
and
efficiency.

The
Three
Approaches

The
traditional
approach
involves
a
public
key
infrastructure
(PKI)
with
a
public
key
directory
at
its
core.
This
method
requires
a
trusted
third
party
to
maintain
the
directory,
which
can
be
costly
and
prone
to
errors.
Additionally,
the
public
key
directory
approach
is
not
succinct,
somewhat
interactive,
and
lacks
sender
anonymity.

Identity-based
encryption
(IBE),
proposed
by
Adi
Shamir
in
1984,
eliminates
the
need
for
a
public
key
directory
by
using
identifiers
like
phone
numbers
or
email
addresses
as
public
keys.
However,
IBE
introduces
a
strong
trust
assumption,
as
it
requires
a
trusted
key
generator
to
issue
keys.
This
approach
is
more
space-efficient
and
offers
non-interactive
encryption
and
decryption,
but
the
risk
associated
with
the
master
secret
key
is
significant.

Registration-based
encryption
(RBE),
proposed
in
2018,
replaces
the
trusted
key
generator
with
a
transparent
key
curator.
The
blockchain
setting,
where
a
smart
contract
can
serve
as
the
key
curator,
makes
RBE
a
natural
fit.
RBE
offers
the
benefits
of
both
PKI
and
IBE
while
mitigating
their
respective
drawbacks.
It
uses
less
on-chain
storage
than
a
public
key
directory
and
avoids
the
strong
trust
assumption
of
IBE.

Evaluating
the
Trade-offs

RBE
requires
succinct
parameters,
meaning
the
size
of
parameters
to
be
stored
on-chain
is
sublinear
in
the
number
of
users.
This
is
smaller
than
the
total
storage
required
for
a
public
key
directory
but
still
more
than
IBE.
Encryption
and
decryption
are
somewhat
interactive,
requiring
periodic
updates
to
public
parameters
and
auxiliary
information.
However,
RBE
provides
sender
anonymity
and
transparency,
making
it
a
compelling
option
for
privacy-conscious
users.

Performance
Comparison

In
terms
of
cost,
RBE
has
a
higher
setup
and
registration
cost
compared
to
PKI
and
IBE.
However,
it
offers
stronger
anonymity
and
reduced
trust
assumptions,
making
it
a
viable
option
for
those
who
prioritize
privacy
and
trustless
setups.
According
to
a
performance
evaluation
by
a16z
crypto,
RBE
can
be
feasibly
deployed
on
the
Ethereum
mainnet
today,
despite
its
higher
costs.

Overall,
while
RBE
is
more
expensive,
it
provides
significant
advantages
in
terms
of
privacy
and
trustlessness,
making
it
an
attractive
option
for
blockchain
key
management.

Additional
Considerations

Handling
key
updates
and
revocations
is
straightforward
for
a
public
key
directory,
but
more
complex
for
IBE
and
RBE.
IBE
requires
periodic
updates
to
keys,
while
RBE
can
be
extended
to
support
these
functionalities
through
additional
mechanisms.
Moving
data
off-chain
with
data
availability
solutions
can
reduce
on-chain
storage
for
both
public
key
directories
and
RBE,
further
enhancing
their
efficiency.

The
views
expressed
here
are
those
of
the
individual
AH
Capital
Management,
L.L.C.
(“a16z”)
personnel
quoted
and
are
not
the
views
of
a16z
or
its
affiliates.
Certain
information
contained
in
here
has
been
obtained
from
third-party
sources,
including
from
portfolio
companies
of
funds
managed
by
a16z.
While
taken
from
sources
believed
to
be
reliable,
a16z
has
not
independently
verified
such
information
and
makes
no
representations
about
the
enduring
accuracy
of
the
information
or
its
appropriateness
for
a
given
situation.

This
content
is
provided
for
informational
purposes
only,
and
should
not
be
relied
upon
as
legal,
business,
investment,
or
tax
advice.
You
should
consult
your
own
advisers
as
to
those
matters.
References
to
any
securities,
digital
assets,
tokens,
and/or
cryptocurrencies
are
for
illustrative
purposes
only
and
do
not
constitute
a
recommendation
to
invest
in
any
such
instrument
nor
do
such
references
constitute
an
offer
to
provide
investment
advisory
services.
Furthermore,
this
content
is
not
directed
at
nor
intended
for
use
by
any
investors
or
prospective
investors,
and
may
not
under
any
circumstances
be
relied
upon
when
making
a
decision
to
invest
in
any
fund
managed
by
a16z.
(An
offering
to
invest
in
an
a16z
fund
will
be
made
only
by
the
private
placement
memorandum,
subscription
agreement,
and
other
relevant
documentation
of
any
such
fund
and
should
be
read
in
their
entirety.)
Any
investments
or
portfolio
companies
mentioned,
referred
to,
or
described
are
not
representative
of
all
investments
in
vehicles
managed
by
a16z,
and
there
can
be
no
assurance
that
the
investments
will
be
profitable
or
that
other
investments
made
in
the
future
will
have
similar
characteristics
or
results.
A
list
of
investments
made
by
funds
managed
by
Andreessen
Horowitz
(excluding
investments
for
which
the
issuer
has
not
provided
permission
for
a16z
to
disclose
publicly
as
well
as
unannounced
investments
in
publicly
traded
digital
assets)
is
available
at
https://a16z.com/investments/.

Charts
and
graphs
provided
within
are
for
informational
purposes
solely
and
should
not
be
relied
upon
when
making
any
investment
decision.
Past
performance
is
not
indicative
of
future
results.
The
content
speaks
only
as
of
the
date
indicated.
Any
projections,
estimates,
forecasts,
targets,
prospects,
and/or
opinions
expressed
in
these
materials
are
subject
to
change
without
notice
and
may
differ
or
be
contrary
to
opinions
expressed
by
others.
Please
see
https://a16z.com/disclosures
for
additional
important
information.

Image
source:
Shutterstock