Secure computer systems are designed around the principal that a limited number of users have privileged access to protected data, with such access being controlled by usernames, passwords and multi-factor authentication. This creates vulnerabilities for a business. Privileged access can be abused by insider threats, or the 'master key' credentials can be lost through carelessness or stolen by phishing. This is why critical applications in fields such as financial services are further protected by complex and expensive Hardware Security Modules (HSMs).
Post-Quantum has built a commercial multiparty computing system for protecting data. This uses a development of a technique known as threshold cryptography to split the master key to encrypted data into fragments. There are a pre-defined number of these key fragments that can be shared between stakeholders. The stakeholders can be servers located in different places, protecting a cloud-based system from data breaches.
When setting up the secure system, a number is set at which a quorum is established (say, 3). If 3 out of 7 fragment holders bring their fragments together in consensus then the archive can be decrypted. 3 is the minimum number of fragment holders in this example and it can include any combination from the pool of 7 fragment holders, so long as this minimum number is reached. The system is almost infinitely flexible, a quorum of 3 of 4 fragment holders can be set as easily as a quorum level of 17 of 853 fragment holders.
Beyond the standard security applications of this technique, it can also be used where there are stakeholders outside of the organisation who can be entrusted with key fragments. A few examples:
A cryptocurrency private key which needs to be recovered should it be lost or corrupted.
Key holders: trusted friends and family who are pre-allocated key fragments.
Regulated industries where archives of trading messages may need to be opened
Key holders: regulator, third party escrow agent, company.
Internet companies where browsing logs may need to be opened for the national security or crime detection purposes.
Key holders: FBI, privacy group, law firm instructed to only release a fragment when a warrant is received, company compliance manager.
Virtual data rooms for merger and acquisition transactions
Key holders: Transacting parties including M&A bankers, lawyers and financial PR personnel.