rose-squared-sdk 0.1.0

Privacy-preserving encrypted search SDK implementing the SWiSSSE protocol with forward/backward security and volume-hiding, compilable to WebAssembly
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

# Product Requirements Document: Rose-Squared SDK

## 1. Product Name

Rose-Squared SDK

## 2. Vision

To provide developers with a simple, secure, and privacy-preserving way to build searchable encrypted data vaults into their applications.

## 3. Target Audience

This SDK is for developers building applications that handle sensitive user data and require search functionality without compromising user privacy. This includes:

*   Developers of journaling apps, password managers, and note-taking apps.
*   Developers of secure communication platforms.
*   Developers of applications that need to comply with strict data privacy regulations.

## 4. Problem Statement

Users are increasingly concerned about the privacy of their data. They want to be able to store and search their data without service providers being able to access it. However, building a secure and private search system is complex and requires specialized knowledge in cryptography and security engineering.

## 5. Solution

The Rose-Squared SDK provides a complete solution for building private, searchable data vaults. It handles all the complexity of encryption, key management, and private search protocols, allowing developers to focus on their application's core functionality.

The SDK is based on the state-of-the-art RO(SE)² and SWiSSSE cryptographic protocols, which provide strong security and privacy guarantees. All data is encrypted on the client-side, and the server is treated as untrusted.

## 6. Features

*   **Private, Searchable Data Vault**: Create a secure vault for storing and searching sensitive data.
*   **Securely Add Documents**: Index documents under keywords without exposing the keywords or document content to the server.
*   **Privately Search for Documents**: Search for documents by keyword without revealing the search query to the server.
*   **Securely Delete Documents**: Remove documents from the search index in a way that prevents the server from learning which documents were deleted.
*   **Client-Side Encryption**: All data is encrypted and decrypted on the client's device, ensuring that the server never has access to unencrypted data.
*   **State Persistence**: The encrypted index can be persisted locally (e.g., in the browser's IndexedDB) or on a remote server.

## 7. Use Cases

*   **A Secure Journaling App**: A user can store their journal entries in an encrypted vault and search for them by keyword, without the app provider being able to read their entries.
*   **A Private Note-Taking App**: A user can store their notes, ideas, and other sensitive information in a private vault and search for them securely.
*   **A Secure Password Manager**: A user can store their passwords in an encrypted vault and search for them by website or service name.