The Danish startup putting the killing blow into key encryption technology

Danish encryption specialist Sepior, founded in 2014, was started on the back of ground-breaking encryption projects and the support of the EU’s Horizon 2020 programme. In discussion with IBS Intelligence it revealed that it has lots more surprises up its Fairisle jumper

Sepior’s big break came with the EU’s Horizon 2020 initiative, an irony not lost on CEO Ahmet Tuncay – as we spoke to him, the chaos which is Brexit continues to engulf Europe.

Ahmet Tuncay, Sepior CEO said: “Yes, we’re a truly Danish company and found our footing within the Horizon programme, which deals mostly with small to medium enterprise projects or SMEs.  For companies with promising technologies, the EU economic commission provides grants for the ones they believe will become a commercial success.  But there’s a fairly high bar for them to grant you this money, you have to commit to specific milestones and strict targets.  The commitment our founders of the company made was: ‘If you give us these funds and support, we’re going to create economic activity within the EU, which means hiring people and growing the company’.

He continued: “Our obligation was really to take that money and create a piece of commercially viable technology.  At the early stages, specific use cases aren’t as important as the foundational technology and broad market appeal.   Once the foundation is created,  we wanted to be able to acquire institutional funding to go and build a business.  In the long term our obligation is to create jobs, insofar as the EU is concerned, but now we have commitments to our shareholders, so it’s not just jobs that matter today.”

Tuncay says: “If you just look at the size of the market for encryption key management, you’re not going to be impressed by the number, it’s only around a $1 billion market.  But if you take the same technology, repurpose it and, apply it to commercial asset exchanges, which is a $300 billion market, and find a way to participate in a revenue sharing opportunity, you’ve moved yourself from a $1 billion market to a $300 billion market. You then have to figure out how to extract your fair share from that activity.”

The numbers are certainly impressive if you consider the amount of dollars that brokers and exchanges collect in fees – it’s a vast amount – it’s certainly more than the $1 billion market for encryption key management.  It’s several hundred billion dollars, it is super lucrative and it’s a great market to be in because few companies are good enough to offer a differentiated service to capture new customers..

Tuncay says: “Our investors recognised that the big pain of cryptocurrency activity is that if you lose the coins, they’re gone forever.  So that turns up the need for novel security solutions more than ever.  The digital wallet containing the cryptocurrency assets must be hosted in trusted custody and the transactions involving the wallet must be protected against malicious or incompetent brokers and clients. The need for a higher level of security means having multiple signatures and multiple approvers, which obviously more secure than having just one.  When you have the multiple approvers using our ThresholdSig technology versus a MultiSig or multiple signature technologies, we can deliver very high levels of security and trust along with some operational benefits for the exchange, because the administration of the security policies involving adding people, removing people, replacing lost devices, and who can participate in those signatures, that’s all done off-chain and it’s simple.”

The alternative approach is to use MultiSig, which is all on-chain, so when you change the policies you have to broadcast the policy, telling everyone who the approvers and policies are, which is not really good for security. You may also have to reissue or generate new keys.  There is a lot of administrative bureaucracy that goes with that approach.  Until recently MultiSig has been the gold-standard for threshold cryptographic currencies but ThresholdSig provides an equal or higher level of security with a more flexible, lower administrative effort environment and also has some potential efficiencies to improve and reduce the size of the recorded transaction on the blockchain.  That means that the way the transactions occur, they’re recorded on the ledger, and with MultiSig, the blocks actually contain multiple signatures that have signed off on the transaction, which of course increases the block sizes.

Tuncay says: “With ThresholdSig there’s only one signature that goes on the ledger, so it actually reduces the amount of data on the ledger. It turns out these signatures are a substantial portion of the total transaction size.  So, there’s this kind of tertiary benefit that could end up being quite material, because it means that the blocks can contain more transactions. Blocks are typically fixed in size, so if the transactions are smaller you get more of them onto the chain.  In some of the currencies, like Bitcoin, it’s already hitting capacity on processing.  So, if you can have the highest level of security and smaller transaction sizes it’s going to maximise throughput.”

There is the hope that ThresholdSig transactions will also have lower transaction fees than MultiSig. ThresholdSig transactions appear as a single signature transaction on the blockchain. Historically, single signature transactions are the smallest in size, allowing for maximum transactions per block and typically have the lowest mining transaction fees. Our expectation is that the exchange could end up with lower transaction fees, with higher security and lower administrative overhead. So, there are some very compelling reasons why this technology is going to be relevant to a far wider audience than up to now.

Sepior’s investors were on the front edge of recognising threshold schemes, the cryptography approach with multiparty computation, and how that technology could bring real benefits in this use case.  As Tuncay says: “We’re focusing on the implementation around cryptocurrency exchanges and hot wallets, but this technology is applicable to a much wider range of applications.  So next month we’re going to be making some announcements around more blockchain generic solutions, to provide more privacy on private blockchains in general. There are a whole series of problems with using distributed ledger technology for business and one of these is scalability.  How do you support – for example, in the case of logistics tracking operations,  a container being loaded and shipped from a point in China to destination in Los Angeles? Sometimes there are 35 or 40 different parties involved in that transaction.  These parties don’t necessarily need to know everything on the blockchain.  Effectively all the transactions are on the chain.  So all parties that are participating in the chain can validate and see their own transactions but need not see the confidential data of other parties.  One strategy for this has been to create virtual blockchains called channels, which is used in Hyperledger fabric, but it’s use creates a messy scalability problem.

Tuncay says: “If I were to generalise it further, while a blockchain is supposed to contain transactions that are immutable because everybody on the chain can validate them, the downside is that everybody on the chain can also see everything on the chain.  So how do you create an application like logistics tracking where there are 30 parties on the chain and you want every party to have a different view of it?  Our solution to this – and there are existing solutions which have proven to be unscalable, is based on access control policy that relies on encryption to make only the intended parts of the chain available to users based on their permissions.

“There is nothing magical about this, we’re just using our underlying key management system and fabric.  But once we make this available, it will also enable the creation of privacy-preserving chains that are massively scalable than what is possible today.  We think there’s value there, again this is something that we’re going to go and test out and we’re involved in activity with several large companies, to validate this.  We think that it’s worthwhile.:

Fundamentally Sepior is providing fine-grained control over who has visibility to what on the blockchain.  The key words here are ‘threshold cryptography’.  Sepior is pioneering and leading the industry in the field of threshold cryptography, to apply these key management concepts in a manner that’s more scalable and works in distributed environments with a high degree of efficiency.  Part of the threshold aspect, the threshold cryptography, in the case of a crypto wallet is that you might have four parties who are available to approve a transaction, but you might have a threshold that says if any three are available it will be accepted as a valid transaction.  Therefore, you can define a threshold so that if somebody loses their phone or their device gets hacked and we no longer want to trust it, it can be excluded but continue to transact and do business.

Tuncay says: “When you move into the blockchain application the threshold aspect is more around signing key availability and management. What we’ve done here is to take the key management function and distribute it using multi-party computation (MPC).  We’re able to distribute the key generation and management functions across multiple virtual servers, if you will, in the cloud, such that no individual server has a full key that could be hacked or stolen.  But collectively maybe two out of three of these virtual servers can provide keys for all the users that require access to the content on that blockchain.  This threshold aspect gives a high degree of availability, reliability and integrity of both the encryption and the availability of key management.”

For this Danish company, it looks like blockchain will be The Killing it deserves.