If this is one of the defining tenets of this data system, is it not DOA? See also: the PGP key-signing parties that never were…
Research preview
An architecture for collaborative applications where data is encrypted and operations are cryptographically verifiable.
Encrypted Spaces are part of a research effort to explore collaboration tools where servers store data but are able to inspect and process only the data that we choose.
Why this is needed
Tools that were once private, local, and single-user (e.g., word processors, spreadsheets, and design editors) are now multi-user systems built on centralized backends. Centralized, cloud-accessible servers make collaboration easy, but force users to trust the servers that store and manipulate sensitive data.
Risks
For journalists, activists, patients, and social-service organizations, these risks are not theoretical—they shape what can safely be said, shared, or built.
Our hypothesis
A trustworthy collaborative application can run on untrusted servers. Through careful use of cryptography, the application can ensure confidentiality and let users verify that servers act correctly. Through careful application design, neither users nor developers need to be exposed to low-level cryptographic details.
An encrypted space is a shared, persistent data system where:
How it works
An encrypted space is built from five components, each addressing a distinct need that arises as a group collaborates: membership state, a verifiable database with an append-only changelog, key management, a key retention system, and application-defined operations.
What we are prototyping
To demonstrate the practicality of applications using encrypted spaces, we are prototyping a sync engine (like Firebase or Supabase) that stores data in an encrypted space. The low-level space code handles verifiable inserts, updates, and deletions of shared encrypted data.
The sync engine provides implementations of higher-level data structures to applications (e.g., Tables, Lists, and TextAreas). To clients, those structures appear like local data, but behind the scenes, the sync engine backs the structures with an encrypted space, and coordinates updates to provide clients with a shared, synchronized view.
A read/write against a space — the same SDK surface a Firebase or Supabase developer expects, with verification underneath.
Who’s behind the work
This work has been developed with close collaboration and support from the Cryptography Group at Microsoft Research and the Applied Social Media Lab at Harvard’s Berkman Klein Center for Internet & Society.
Connect with us
Read the whitepaper, try the prototype, or get in touch if you want to work on this with us. We’re building a broader constellation of research around these ideas.
Email the team: [email protected]
For collaboration, questions, and other inquiries, reach us directly.