Secure Systems Group

Blog for Helsinki Area Secure Systems Collective.

Monday, February 22, 2016

OmniShare: Encrypted Cloud Storage for all your Devices

Cloud storage services like Dropbox and Google Drive are widely used, but security and privacy are often cited as serious concerns. One solution is to encrypt data on the client devices before it is uploaded, but this introduces a "key distribution" problem - how do you share the decryption key with all your devices? Some services sidestep this issue by deriving these keys from your password, but this does not offer much security since passwords are notoriously easy to guess. To overcome this challenge, we have developed OmniShare, the first system to combine client-side encryption using high-entropy keys with a suite of secure, yet intuitive, key distribution mechanisms. Based on your devices' capabilities, OmniShare automatically selects the best mechanism to transfer your decryption key securely between your devices. All you have to do is scan a QR code or bring your devices close enough for them to communicate over an ultrasonic channel. OmniShare also allows you to share individual encrypted files with other users. OmniShare is open source software and a beta version is currently available (for closed beta testing) on Windows and Android.

How secure is your cloud storage? 

Cloud storage services, such as Dropbox and Google Drive, are increasingly being used by individuals and businesses. A 2015 EU survey showed that at least one in every five people in Europe use cloud storage services. The two main benefits cited by users are the abilities to 1) use files from several devices or locations and 2) easily share files with other users. However, of the respondents who chose not use cloud services, 44% said that security and privacy were important concerns.

Who has your data? All major cloud storage providers use a variety of good security measures to protect your data. For example, they encrypt the data in transit as it is uploaded and downloaded, and they also encrypt the data at rest while it is stored on their servers. However, the cloud providers themselves still have access to this data. Even if the provider is completely trustworthy, this still increases the risk of your data falling into the wrong hands. For example, if the provider suffers a data breach, will your data be secure? Some of the provider's staff have legitimate access to the data for development or maintenance purposes, but what could a disgruntled employee do with this access? Depending on where the cloud provider is located, could the provider be legally forced to disclose your data?

Client-side encryption: Encrypting data on the users' devices before uploading it to the cloud is an effective way to mitigate these risks. However, users want this data to be accessible from all their devices. For example, if Alice encrypts a file on her PC and uploads it to the cloud, she also wants to access it from her smartphone. If this file is encrypted, her smartphone must have (or be able to obtain) the relevant decryption key. Naturally, these keys should not be managed by the cloud service provider due to the risks described above. So now we have a key distribution problem: how can Alice securely distribute her decryption key to all her devices?

The problem with passwords: Current encrypted storage services like SpiderOak and Tresorit sidestep the key distribution problem by deriving keys from the user's password using a deterministic password-based key derivation function (PBKDF). Both Alice's PC and smartphone can derive the same key from Alice's password. However, it is well-known that human-chosen passwords are relatively easy to guess, so this approach does not provide very strong security guarantees. To avoid deriving keys from weak passwords, services like Viivo, BoxCryptor, and Sookasa use additional servers to manage and distribute keys, but this adds cost and introduces new vulnerabilities.

To address these challenges, we have developed a new system called OmniShare. Here is a two minute summary of what OmniShare is. Read on for a longer explanation.

OmniShare runs as a client-side app on each of your devices. When you upload a file to your cloud storage (e.g. Dropbox) using OmniShare, the app automatically encrypts the file with a strong (i.e. high entropy) key. Since the files are encrypted on your own device, there is no longer a risk of your cloud provider losing, leaking or disclosing your data. The encryption keys are securely generated and stored on your own device. For additional security, these keys can be kept in a hardware-backed key-store or protected by a Trusted Execution Environment (TEE).

Key distribution: To solve the key distribution problem, OmniShare provides a suite of mechanisms to securely transfer your keys between your devices. These mechanisms are based on the insight that you can bring your own devices physically close together in order to establish an out-of-band (OOB) communication channel. For example, if one of your devices has a screen and the other has a camera, OmniShare can display a QR code on the first device and ask you to scan it from the second. If one device has a speaker and the other has a microphone, OmniShare can pair your devices using ultrasonic communication (the same technique that is used in the Google Chromecast devices). OmniShare automatically chooses the best mechanism based on your devices' capabilities. The majority of the communication takes place via the cloud storage service itself, but the local OOB communication between devices ensures that the key is transferred to the correct device. This approach is both usable and secure and, as you can see, avoids the problem with passwords.

Sharing: To support the full range of cloud storage functionality, OmniShare also allows you to share selected files with your friends and colleagues. The files remain encrypted throughout this process, and OmniShare securely transfers the decryption keys to the other user. Again, OmniShare provides a suite of intuitive mechanisms for achieving this, including: Bluetooth, Near Field Communication (NFC), and ultrasonic communication.

Open source security: OmniShare is open source software available under the Apache 2.0 license. It currently exists for Windows and Android, and an iOS version is in the works. We plan to open a closed beta test soon.

OmniShare was chosen as the overall winner in the MAPPING Privacy via IT Security competition and was demonstrated at CeBIT 2016.

Here is a video explaining OmniShare.

You can find more information and register to participate in the beta test from our official project page:

We have also published a technical report on arXiv describing the full details of this system:

For a brief overview of OmniShare, have a look at our slides from CeBIT 2016:

Development of OmniShare was supported by the Academy of Finland (via the CloSe project) and the Intel Collaborative Research Institute for Secure Computing.

OmniShare was initially developed as part of Nguyen Hoang Long's MSc thesis.

No comments:

Post a Comment