"Encrypted Spaces"

mfzx.net · June 11, 2026, 1:48pm

Former Signal developers and cryptographers from the Cryptography Group at Microsoft Research and the Applied Social Media Lab at Harvard’s Berkman Klein Center for Internet & Society announced an active research project for “Encrypted Spaces” today:

In this paper, we introduce [encrypted spaces], a new storage architecture that layers secure collaboration protocols atop untrusted servers. To developers, an encrypted space looks like a sync engine […] with built-in support for group management. Behind the scenes, the space automatically implements cryptographic protocols to encrypt data, manage keys and users, and verify the authenticity and integrity of the data. Our architecture aims to be flexible enough to support common collaborative applications such as shared drives and documents, calendars, spreadsheets, source code control, artistic and engineering design applications, and chat forums.

Unlike Signal, however, the code that the Encrypted Spaces group has released is, for now, not a single, ready-for-use application. Instead, it’s a code repository that the group is inviting cryptography researchers and developers to review, with the goal of eventually allowing coders to build their own encrypted collaborative apps—but without needing any cryptography knowledge.

bmann.ca · June 11, 2026, 2:27pm

We don’t really do collaborative apps yet. Habitat is one of the few, they are doing some CRDTs and local first techniques for their docs. docs

They might actually be well positioned to experiment with this cc @offline.arushibandi.com

Encryption like this is likely to be implemented off protocol. It might “layer” with permissioned data and spaces - so that the encrypted data isn’t synced in the clear - so permissions AND encryption, where encryption is done at the app layer.

This is similar to some of the work that my day job Ink & Switch is doing - Keyhive + Automerge Keyhive: Local-first access control

offline.arushibandi.com · June 11, 2026, 3:23pm

We have briefly discussed and toyed with the idea of some shared lexicons for interoperable encrypted data – basically a shared way to describe how keys are stored. The idea being that our docs app could support e2ee and those docs could still be viewable / editable in other apps if they understood & implemented the same protocol for encrypted data! Haven’t dug in much more as we’ve been focusing on some other work, but we’d love to collaborate with other teams on this.

This research preview seems interesting, will check it out!