“The eureka moment for us was when our co-founder [Michael Egerov, CTO] and I were working on an opensource database called ZeroDB,” says MacLane Wilkison, NuCypher’s CEO.

ZeroDB used end-to-end encryption which allowed users to query an encrypted database, without sharing private keys with the database server. It included a feature that Wilkison and Egorov ultimately realised to be ground-breaking: the ability for third-parties to query the encrypted data. This was made possible through proxy re-encryption, the technology now synonymous with NuCypher in crypto circles.

“It was just this realisation that this little side thing that we had was actually the most interesting, relevant and important piece,” says Wilkison.

“We realised this feature we built as part of ZeroDB is actually a super-elegant and relevant solution for securing distributed systems generally, so we pulled it out and made it not just a feature of ZeroDB, but this more general encryption layer that we could take and apply to different distributed systems. We first applied it to Hadoop, then to Kafka, to blockchain more recently, and there’s a lot of interesting stuff we have on the roadmap for IOT as well.”

According to Wilkison, the key advantage of proxy re-encryption over other solutions is its simpatico with the “many-to-many data sharing patterns” which are inherent to cloud storage, blockchain and other datacentric growth areas in computing. He explains:

“Traditional public-key encryption is very good for one-to-one communication — so if I want to share a secret message with you, I can encrypt it with your public key, and you can decrypt it with your private key. But, if I need to share that message with, say, dozens or hundreds of recipients, I have to encrypt that message again for each recipient, so it scales really poorly.

“With proxy re-encryption I can encrypt that data one time, with one key, and then delegate and revoke access to pretty much as many recipients as I like. And if you look under the hood of big data platforms like Hadoop or Kafka or blockchain, they’re really characterised by this many-to-many data sharing pattern. Proxy re-encryption is the perfect fit for that.”

MacLane Wilkison NuCypher’s CEO talks about the team’s mixed backgrounds as part of their success on LAMA

Creating a cybersecurity solution to serve a new information sharing paradigm is a fine achievement — but perhaps equally as impressive has been NuCypher’s success in building a high-profile client base from the ground-up. As a security start-up launching at a time of unprecedented data risk, how do you go about earning the confidence of a company with profound security needs?

“In the security space, you can’t really move fast and break things, or else you’re going to pretty much irrevocably lose your customers’ trust. You have to have something that’s very robust, secure and functional from day one.” says Wilkison.

For NuCypher, the route to that immediate robustness was one of the boldest imaginable. They focused on the highly-at-risk financial services industry, first.

“This was a strategic decision by us for a couple of reasons. First, financial services companies obviously have enough data to be using the distributed systems we work with. Second, a lot of the data they have is very sensitive. Third, they tend to have some of the strictest security requirements.

MacLane Wilkison explaining through LAMA app why many of their clients are in finanacial services

“We knew that whatever we built for them based off of their product requirements would almost by definition be good enough for pretty much every other vertical. So, if we build something for financial services it’s going to work for healthcare, for telecommunications, and very likely for government as well, with a few changes.”

NuCypher’s team of developers, business experts and cryptographers has engineered a security solution that’s fit for the most demanding clients and is attuned to the zeitgeist — but with new cyber threats emerging by the day, remaining future fit will be an ongoing concern for the San Francisco startup. It’s a challenge Wilkison embraces:

“Our vision is to be the encryption or security layer for all of the important distributed systems. Right now, that means cloud, big data, blockchain and IOT; in the future it could mean a new platform or computing environment.

We’re interested in solving the problem for each of those and solving it very, very well. That means staying on top of the latest distributed systems technology, staying on top of the latest in encryption and cryptography, and keeping up with the security industry more broadly.

“That’s one of the things that’s exciting and fun and interesting about working in a startup — you get to work at the intersection of a lot of very complex, interesting and exciting new technologies.”

Words by Pete Wise. Interview via LAMA.