Skip to content

Instantly share code, notes, and snippets.

@MarcoPolo

MarcoPolo/deets.md

Last active December 28, 2015 22:49
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save MarcoPolo/7574118 to your computer and use it in GitHub Desktop.
Save MarcoPolo/7574118 to your computer and use it in GitHub Desktop.
Download ZIP
Cryptic Crypto Details
Raw
deets.md

Cryptic's Crypto Details:

Registration

In-browser

  • The user chooses a username and password
  • A pub/priv key is generated and stored in a structure called the user blob. (A user will have the option to upload their own set of keys too)
  • The user blob also contains a file tree which will store uploaded files (with their encryption key) and folders (for organizing files).
  • The user blob is encrypted with the PBKDF2 hash of the user's password.

Server-side

  • The server stores the encrypted user blob, publickey, and username. The blob is signed with the user's private key and checked against the public key server-side.

Login

Server-side

  • The server receives a request for a username's blob. So it hands the encrypted blob over.
  • There is a 2 Factor authentication method, that the server can check, so it would only return the encrypted blob if the 2 factor auth checks out.

In-Browser

  • The user hashes their password and attempts to decrypt the received user blob. If successful then they have access to their private key and have successfully logged-in.

File Upload

In-Browser

  • Files are split into ~2MB chunks.
  • Each is encrypted using CCM AES-256 with a randomly generated password (seeded with window.crypto.getRandomValues in browsers).
  • a manifest file is created to keep metadata and track all the file chunks.

Server-side

  • Each encrypted chunk is uploaded to the server, where the server returns a chunk reference name.
  • The manifest, updated with all the chunk names and keys, is then uploaded the same way.
  • The returned reference name for the manifest is stored in the user blob's file tree.

Known Vulnerabilities

  • The biggest vulnerability is XSS attacks. Any XSS will completely destroy the crypto system.
    • Mitigating by working in the open, with a lot of eyes. And keeping the site a simple as possible (more features -> more bugs) *Compromised Server. This would result in tampered code that differs from the open source repo.
    • The open source should provide a venue for someone to notice if a server has been comprimised. So it would not go unnoticed.
    • Browser extension that will verify the webapp against signed hashes (that can be verified) on the open source repo automatically
    • Ability to run the site locally, or native applications.
  • Exploits in Native applications
    • This follows with the XSS attacks, hopefully, by developing in the open with a lot of eyes, these problems can be mitigated.
  • An encrypted user blob can be targeted and bruteforced/(standard password guessing) offline, provided the user didn't use 2 factor authentication.
    • Random salts are used per user, and the iteration count on PBKDF2 is set to be high to make brute forcing infeasible.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment