Compared to Encryption

Encryption is the most common privacy tool. Ghost Protocol is not encryption. Understanding the difference is essential.

What Encryption Does

Encryption transforms readable data (plaintext) into unreadable data (ciphertext). The ciphertext can only be transformed back with the correct key.

Encryption provides:

  • Confidentiality during transit
  • Protection against unauthorized access
  • Secure communication between known parties

Encryption requires:

  • Key management (someone must hold the keys)
  • Trust in the encryption algorithm
  • The encrypted data to exist somewhere

What Ghost Protocol Does

Ghost Protocol creates cryptographic proofs that data exists without storing the data.

Ghost Protocol provides:

  • Non-existence of data in the system
  • One-time revelation
  • Unlinkability between commit and reveal

Ghost Protocol requires:

  • Secret management (you hold your own secrets)
  • Trust in the hash function and proof system
  • The commitment to exist on-chain

The Key Differences

Data Existence

Encryption: The data exists in encrypted form. Given the key, it can be recovered.

Ghost Protocol: The data does not exist in the system. The commitment is not the data; it is a fingerprint of the data.

Key Compromise

Encryption: If an attacker obtains your key, they can decrypt your data. The data is exposed.

Ghost Protocol: There is no key that "unlocks" a commitment. Knowing the secret lets you reveal, but revealing is a one-time action that consumes the commitment.

Future Attacks

Encryption: Encrypted data stored today can be decrypted later if the encryption is broken. This is called "harvest now, decrypt later."

Ghost Protocol: Even if the hash function is broken later, there is no encrypted data to decrypt. Breaking the hash would let attackers create fake commitments, but it would not reveal past commitments.

Reversibility

Encryption: Encryption and decryption are inverse operations. You can go back and forth between plaintext and ciphertext.

Ghost Protocol: Commitment and revelation are not inverse operations. Revelation does not "undo" commitment; it consumes it. There is no way to go back.

Third-Party Access

Encryption: If you share your key, others can decrypt your data repeatedly.

Ghost Protocol: If you share your secret, others can reveal your commitment once. After revelation, the commitment is consumed.
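
A minimal model of the commit and one-time reveal behaviour compared above, as an added example that is not Ghost Protocol's own code. It assumes a SHA-256 commitment over a random 32-byte secret plus the data; the names `CommitmentRegistry`, `make_commitment` and `demo` are hypothetical. It does not model unlinkability or the proof system, so in this sketch the reveal shows the secret and data to the registry.

```python
import hashlib
import secrets


def make_commitment(secret: bytes, data: bytes) -> bytes:
    """Fingerprint of (secret, data); assumed construction, not the protocol's."""
    # Length-prefix the secret so different (secret, data) splits of the same
    # byte string cannot produce the same commitment.
    prefix = len(secret).to_bytes(4, "big")
    return hashlib.sha256(prefix + secret + data).digest()


class CommitmentRegistry:
    """Toy stand-in for on-chain state: holds digests, never the data."""

    def __init__(self):
        self.commitments = set()  # published commitments
        self.consumed = set()     # commitments that have already been revealed

    def commit(self, commitment: bytes) -> None:
        self.commitments.add(commitment)

    def reveal(self, secret: bytes, data: bytes) -> bool:
        """Accept a reveal at most once; a successful reveal consumes it."""
        candidate = make_commitment(secret, data)
        if candidate not in self.commitments or candidate in self.consumed:
            return False
        self.consumed.add(candidate)
        return True


def demo() -> dict:
    registry = CommitmentRegistry()
    data = b"constructed sample record"  # constructed sample input
    secret = secrets.token_bytes(32)     # random, held only by the committer
    registry.commit(make_commitment(secret, data))
    return {
        # The registry holds a 32-byte digest, not the record itself.
        "data_in_registry": any(data in c for c in registry.commitments),
        "wrong_secret": registry.reveal(secrets.token_bytes(32), data),
        "first_reveal": registry.reveal(secret, data),
        "second_reveal": registry.reveal(secret, data),
    }


if __name__ == "__main__":
    print(demo())
```

The random secret matters for more than authorization: without it, anyone could hash guesses of low-entropy data and compare them against the published commitment.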

Encryption + Ghost Protocol

These systems are complementary, not competing:

Encrypt your secrets. While you hold your Ghost Protocol secrets, you should protect them with encryption.

Encrypt communications. When sharing secrets with intended recipients, use encrypted channels.

Encrypt backups. If you back up your secrets, encrypt the backup.

Ghost Protocol handles commitment and revelation. Encryption handles protection of the secrets themselves.

When Encryption Is Sufficient

Encryption is appropriate when:

  • You want to communicate securely with known parties
  • You want to protect data at rest that you control
  • Reversibility is desirable (you want to access the data later)
  • The threat model does not include future decryption

When Ghost Protocol Is Necessary

Ghost Protocol is necessary when:

  • Non-existence is stronger than confidentiality
  • One-time revelation is required
  • Unlinkability matters
  • The threat model includes future attacks on encryption
  • No trusted party should hold keys

The Practical Impact

Consider these scenarios:

Scenario: Storing financial records

  • Encryption: Records are encrypted on your server. A breach exposes ciphertext. A key theft exposes plaintext.
  • Ghost Protocol: Records are committed, not stored. A breach reveals nothing. There is no key to steal.

Scenario: Sending sensitive information

  • Encryption: Information is encrypted and sent. Recipient decrypts. Both parties can re-read indefinitely.
  • Ghost Protocol: Information is committed. Recipient reveals once. Neither party can reveal again.

Scenario: Proving a credential

  • Encryption: Credential is encrypted and presented. Verifier decrypts and sees the credential.
  • Ghost Protocol: Credential is committed. Verifier sees a proof that you have the credential, without seeing the credential itself.

The choice depends on what properties you need.