Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps

End-to-end encryption, in which data is encoded so that only users on either “end” of a conversation can decrypt their communications—and not the server that relays that information or any other interloper—has become the standard for modern privacy on the internet. But its very name suggests a kind of simple pipe with two openings. The metaphor, and often the encryption technology that has enabled that model, doesn't fit neatly onto the world of Slack, Discord, Google Docs, and the other multiuser, complex, collaborative software where people now live and work.

So one group of cryptographers has built what they describe as the foundation for a new generation of end-to-end encrypted apps, with a new metaphor: Instead of a mere pipe, they want to create “spaces” where users can hold group conversations, host information on a server, collectively make changes to it, invite in new collaborators or kick them out, all while maintaining the same strong encryption protections that prevent the server or network eavesdroppers from accessing their data.

That cryptographer team, including contributors from Harvard, Microsoft Research, and former developers of the end-to-end encrypted messenger Signal, today release a “preview” of Encrypted Spaces, an early version of a set of open-source code libraries, which is part of an architecture they've designed to allow anyone to easily build a rigorously end-to-end encrypted app that nonetheless enables all of the complex collaboration features that users demand from software today.

The group says it saw an opportunity in the migration from single-user apps and one-to-one messengers to multiuser collaboration tools. The transition comes at the same time as the advent of new cryptographic tricks—namely, “zero-knowledge proofs”—that enable computers to manipulate and verify the integrity of encrypted data without seeing its contents. “These pieces kind of fall into place to leave us with a moment of technological shift where we can inject encryption and privacy,” says Nora Trapp, an engineer at Harvard’s Applied Social Media Lab who has also worked as a technical lead for Signal. “We want to provide the technological surface area for developers to build all these apps in a privacy-preserving way."

Among the cryptographers working on the project is Trevor Perrin, the cocreator of the Signal protocol, the open-source encrypted messaging system used not only in the hundred-million-plus phones with Signal installed but also in the billions of devices that use WhatsApp and Facebook Messenger.

Encrypted Spaces is, in some sens