The deployment of autonomous AI agencies capable of delegated reasoning over organizational and personal knowledge domains introduces fundamental privacy and security challenges that existing Retrieval-Augmented Generation (RAG) architectures cannot address. Traditional RAG systems require plaintext access to domain knowledge for retrieval and policy evaluation, fundamentally precluding their use with sensitive, proprietary, or regulated data. We present TorusDB RAG, a cryptographically protected RAG architecture that enables autonomous AI agencies to retrieve and reason over domain knowledge while the knowledge itself remains encrypted at all times. Through the integration of NER-based cryptographic pseudonymization (Tokenis), elliptic-curve homomorphic encryption, policy-aware encrypted query execution, and verifiable retrieval receipts, TorusDB RAG establishes a novel trust boundary: AI systems may reason over knowledge they are cryptographically prevented from possessing. This work introduces formal security proofs demonstrating resistance to knowledge extraction attacks, privacy guarantees for personal data, and cryptographic enforcement of access policies. We further present the architectural foundations for deploying autonomous AI agencies that can perform delegated reasoning tasks while maintaining strict confidentiality guarantees, enabling a new paradigm of privacy-preserving artificial intelligence.
Lee et al. (Fri,) studied this question.