The idea of a decentralized firearms registry adds even more challenges, though, because thousands of county officials would need to hold the decryption keys for their locality’s data, maintain those keys over time as people change jobs, and establish some sort of trusted entity that still wouldn’t be able to see all of the data in aggregate, but could act as a gatekeeper for systemwide queries. Once those components are established, the data can remain fully end-to-end encrypted at all times, making it extremely difficult for an attacker to steal the information when it’s sitting around “at rest” in the database, or snoop on it while it’s “in transit” across the internet. It’s what cryptographers call a “secure multiparty computation” problem.
“The real-world implications of this were something I cared about and wanted to think about more,” Brown’s Qin says. “I knew we needed to put our minds together, because to me it did not seem obvious at first how you would do all of this. Secure multiparty computation is quite resource-intensive, and we needed to accommodate the legislative nuances.”
On top of all the other challenges, the system also needs to be easy to use for government officials who most likely wouldn’t have any specific knowledge of cryptography. And it requires other protections built in as well, like “rate limiting,” so officials could automatically prevent someone running a suspicious number of queries.
The basic structure of the system the researchers devised looks like this: Each local official who manages the gun registry data in their county would hold the encryption key for that data on a physical authentication token, like a YubiKey. To answer queries—release data, in other words—about the county’s current or former constituents, the official would authenticate themself and authorize data queries by producing the physical key. When a new person took over the job, the outgoing official would hand over the physical token as they would the key to a filing cabinet.
The system has a mechanism to reconstruct the key in the event that a local official is indisposed or loses their token. It works by having the official give “key shares” to colleagues, or trusted peers in neighboring counties. At least two of the three shares must come together to authenticate. The idea is to create a fallback mechanism that allows officials to choose like-minded or otherwise trusted custodians, reducing potential concerns about misuse. The key shares could also be revoked, so when a job turns over the new official can appoint their own key share holders.
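The two-of-three fallback described above can be sketched with Shamir secret sharing. This is an added example, not the researchers' code, and the article does not say which scheme they use. The prime field, the function names and the sample key are assumptions made for illustration.

```python
import secrets

# Assumption: arithmetic in a prime field; 2**127 - 1 is a Mersenne prime.
PRIME = 2**127 - 1

def split_key(secret, n=3, k=2):
    """Split `secret` into n shares so that any k of them reconstruct it."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    # Random polynomial of degree k-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation at x
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares

def recover_key(shares):
    """Lagrange interpolation at x = 0 recovers the constant term."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("shares must come from distinct custodians")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret

def share_for_guess(known, guess, x):
    """For k=2: the share at x that would pair with `known` to yield `guess`.
    Such a share exists for every guess, so one share alone reveals nothing."""
    x1, y1 = known
    slope = ((y1 - guess) * pow(x1, -1, PRIME)) % PRIME
    return (x, (guess + slope * x) % PRIME)

if __name__ == "__main__":
    county_key = 0x1234567890ABCDEF  # constructed sample key
    a, b, c = split_key(county_key)
    print(recover_key([a, c]) == county_key)  # any two custodians suffice
```

In this plain scheme, issuing fresh shares does not invalidate old ones, since any two old shares still reconstruct the same key. Revoking custodians therefore also means rotating the underlying key.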
To query the database at a national level, or run a gun trace, there needs to be some type of “global directory,” as the researchers call it, that indexes all the data in some form. This way someone making a query is automatically redirected to the right place rather than having to individually ask if someone has registered a firearm in each of the 3,006 counties in the US. But if the global directory simply compiled all of the data, it would defeat the purpose of the entire project. So the researchers devised two crucial components to solve the problem.
First, the global directory only indexes identifiers like firearm serial numbers and registrant IDs, rather than a full suite of information. And a more nuanced feature the researchers propose is that two or more groups, potentially nongovernmental organizations with opposing interests, hold key shares that are required to query or even update the global directory. The researchers use the National Rifle Association and the American Civil Liberties Union as examples of entities that likely would not have an interest in colluding to undermine the integrity of the system by putting their shares together to authorize abusive activity. But if both agreed to be custodians of the global directory, they would provide their shares for legitimate queries and system maintenance.
These organizations wouldn’t be able to clandestinely access information in the global directory without the other, and even if they could, the information in the global directory is limited, and everything in it remains fully encrypted at all times. The only decrypted information that’s accessible to entities authorized to run queries is the information that would come back if local officials chose to release it.