Verschlüsselung in der Cloud – selbst gemacht
Thomas Lorünser
AIT Austrian Institute of Technology GmbH
Linuxwochen 2015
What is the cloud?
The NIST Definition of Cloud Computing
Special Publication 800-145
- * Essential characteristics of cloud computing
- * Different Service models
- * Different deployment models
Essential characteristics of cloud computing
- * On-demand self-service
- * Broad network access
- * Resource pooling
- * Rapid elasticity
- * Measured services
Service models
- * Software as a Service (SaaS)
- * Platform as a Service (PaaS)
- * Infrastructure as a Service (IaaS)
Deployment models
- * Private cloud
- * Community cloud
- * Public cloud
- * Hybrid cloud
Public cloud service are everywhere
- * Dropbox
- * Apple with iCloud
- * Amazon AWS
- * Microsoft
- * Facebook?
Security threats
The Notorious Nine - Cloud Computing Top Threats in 2013
Cloud Security Alliance
|
|
What about the provider?
The public cloud and free services?
What are the basic incentives of free services?
What is the product?
Who pays for it?
Your are the product!
- * Your personal data are valuable!
- * Your personal data is sensitive data!
Why are people giving their data away?
- * Contacts
- * Pictures
- * Location
- * ...
Advantages of the public cloud
- * Ubiquitous access is very convenient
- * No need for an own infrastructure
- * More secure for private people?
But, do we have to give up all privacy for that?
=> A bug in the trust model!
My idea of a secure cloud storage
Provider cannot access the data!
- * Data must be encrypted
- * Provider has no access to the key.
=> Zero-knowledge provider
Zero-knowledge provider
|
|
The case of Safemonk
- * Proprietary solution
- * Depency on external services
- * Potential data loss
Can we make our own solution?
- * Protect integrity and confidentiality of data
- * Accessible from different devices
- * Without own infrastructure
- * Share data with teams and friends
- * Security is end-to-end
Cryptography as major ingredient
- * Symmetric cryptography as basic tool
- * Encrypt data before they are transferred
- * Use cryptographic file systems
What Cloud interfaces to use
Simple Storage Service
- * Object based storage interface
- * AWS de-facto industry standard
- * Linux drivers and fuse mount tools exists
Proprietary interfaces
- * Free services have own tools
- * Come with full blown GUI interfaces
- * Linux versions available for most services
Use filesystem level encryption
Advantages
- * Flexible file-based key management
- * Individual management of encrypted files
- * Access control through the use of public-key cryptography
- * Cryptographic keys only held in memory while file is open
Use filesystem level encryption
Disadvantages
- * File names, file sizes, modification timestamps
- * Number of files leaks
- * Directory structures leak
- * Write and access patterns
1. Approach - ownCloud
ownCloud - Pro/Contra
Advantages
- * Self-hosted plus encrypted
- * Rich functionality
- * Privacy-proxy
Disadvantages
- * Maintaining own infrastructure
- * Stability
- * Limited functionality
2. Approach - EncFs
EncFs - Pro/Contra
Advantages
- * Easy to use
- * Wide platform interoperability
- * Compatible with lower layer changes
Disadvantages
- * Security and privacy from file level encryption
- * SECURITY of implementation!!!
EncFs - Clients
Desktop
- * Linux commandline (enfs package)
- * Linux GUI: Cryptkeepter, GNOME Encfs Manger
- * Windows: encfs4win
- * MacOS tools
Mobile
- * Cryptonite
- * BOXCRYPTOR Classic
Web based
- * EncfsAnywhere
EncFs - Security
EncFS is probably safe as long as the adversary only gets one copy of the ciphertext and nothing more. EncFS is not safe if the adversary has the opportunity to see two or more snapshots of the ciphertext at different times. EncFS attempts to protect files from malicious modification, but there are serious problems with this feature.
EncFs - Problem
(in older versions, problems are partially fixed now; version 2.x will be even better)
3. Approach - eCryptfs
eCryptfs - Pro/Contra
Advantages
- * Good security
- * Maintained by large community
- * Good level of maturity
Disadvantages
- * Not so easy to use
- * Only for Linux (kernel level implementation)
- * Problems with network mounts
- * Problems with lower level syncs (cache)
More solutions available
- * Manual, e.g. 7-Zip
- * Truecrypt
- * Seafile
- * git-crypt
- * ...
Truecrypt
Many open problems
- * Stability is a problem: Always backup your data
- * No OSS solution available for multi user support
- * Secure protocol design for EncFs
- * New solutions with sound cryptographic designs
- * How to dynamically share data with friends/groups
Summary of OSS for secured cloud storage
- * The situation is very bad
- * No really usable and portable solutions available
- * Many proprietary protocols and no real standards
We need better/new OSS solutions
A community effort is required!
In eigener Sache
Project Archistar
Project PRISMACLOUD
Project CREDENTIAL