NuCypher leads the advancement of big data security with a state-of-the-art re-encryption cryptosystem for Kafka. Purpose-built for streaming sensitive data in compliance with strict governance and regulatory requirements, NuCypher enables granularly encrypted messages and brings encryption at-rest to the Kafka protocol. NuCypher arms security professionals with new capabilities for eliminating single points of failure and reducing their attack surface.

State-of-the-Art Encryption.
Uses AES256-GCM and standardized ECIES elliptic curve encryption (ANSI, IEEE, ISO, NIST curves).
Automated, policy-based encryption.
Protects sensitive data in AVRO and JSON file formats.
Cryptographic enforcement of ACLs.
Integrates with Ranger/Sentry and AD/LDAP authorization groups to protect against insider risks.
Fine-grained decryption permissions.
Field-level granularity.
FIPS 140-2 Compliant.
Industry standard Key Management Interface Protocol (KMIP) support for leading Hardware Security Modules.
Encryption at-rest.
Data written to disk can now be protected at rest.

Make Your Data an Asset


NuCypher Kafka supports granular encryption and fine-grained decryption permissions. Combined with encryption at-rest and end-to-end encryption in-transit (even broker-side), it enables secure messaging and microservices. It works seamlessly across your entire environment — on-premise, hybrid, and public cloud.
Kafka Architecture