Successfully reported this slideshow.
Your SlideShare is downloading. ×

CrypTag: Building Encrypted, Taggable, Searchable Zero-knowledge Systems

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Loading in …3
×

Check these out next

1 of 30 Ad

CrypTag: Building Encrypted, Taggable, Searchable Zero-knowledge Systems

Download to read offline

Internet users should be able to access their data from anywhere without having to trust the web applications and cloud services storing that data.

But there's a problem. Zero-knowledge storage systems are often impractical for web apps because they can't perform often-essential functionality on behalf of the user, such as search, since they don't have the password to decrypt that data in order to search it, and you can't search encrypted data. Or can you?

This presentation introduces CrypTag, a library that enables Go programmers to easily build applications that store encrypted user data that users can tag and securely, efficiently, remotely search by those tags without revealing anything about the nature of said data to the party storing it. That is, CrypTag is a library for easily creating encrypted, taggable, searchable zero-knowledge systems.

This talk covers the tricks behind how CrypTag works, the pros and cons of using CrypTag versus alternatives, includes a live demo of a useful open source CrypTag-based program, and is suitable for anyone who knows what a server is and is excited about leveraging encryption to help everyday users and geeks alike.

Internet users should be able to access their data from anywhere without having to trust the web applications and cloud services storing that data.

But there's a problem. Zero-knowledge storage systems are often impractical for web apps because they can't perform often-essential functionality on behalf of the user, such as search, since they don't have the password to decrypt that data in order to search it, and you can't search encrypted data. Or can you?

This presentation introduces CrypTag, a library that enables Go programmers to easily build applications that store encrypted user data that users can tag and securely, efficiently, remotely search by those tags without revealing anything about the nature of said data to the party storing it. That is, CrypTag is a library for easily creating encrypted, taggable, searchable zero-knowledge systems.

This talk covers the tricks behind how CrypTag works, the pros and cons of using CrypTag versus alternatives, includes a live demo of a useful open source CrypTag-based program, and is suitable for anyone who knows what a server is and is excited about leveraging encryption to help everyday users and geeks alike.

Advertisement
Advertisement

More Related Content

Similar to CrypTag: Building Encrypted, Taggable, Searchable Zero-knowledge Systems (20)

Advertisement

Recently uploaded (20)

CrypTag: Building Encrypted, Taggable, Searchable Zero-knowledge Systems

  1. 1. CRYPTAG BUILDING ENCRYPTED, TAGGABLE, SEARCHABLE ZERO-KNOWLEDGE SYSTEMS Steven Phillips / @elimisteve DEF CON's Crypto & Privacy Village 2015.08.08
  2. 2. THE PROBLEM/NEED We need to be able access our data over the internet without trusting the party storing it Non-technical users can't or won't self-host (when self- hosting is even possible)
  3. 3. CURRENT COMPROMISES Data is stored unencrypted (loss of privacy) Almost everything we use is like this Dropbox, Box, Google Drive, etc Data is stored encrypted, but can't be searched by the server Encrypted backup (e.g., Tarsnap)
  4. 4. CURRENT COMPROMISES (2) Data stays on one device Then you can't access your own data from your own devices None of these compromise "solutions" (1) allow the server to store your encrypted data, (2) let you remotely query this data and get back just the data you want (without having to download all of it, which can be impractical), and (3) reveal nothing about the nature of the data to the server storing it.
  5. 5. BOTTOM LINE Our data needs to be stored in encrypted storage systems for privacy, accessible from anywhere for convenience, but these systems need to be more practical -- and server-side search would help. "But the server can't search through your encrypted data without the encryption key!" Or can it?
  6. 6. WHAT IS CRYPTAG? CrypTag is a Go library for building encrypted, taggable, searchable zero-knowledge systems Lets you send a search query to a server that's storing your encrypted data, and only send you back the matching pieces of data E.g., "Of all my data, just give me my photos of Paris"
  7. 7. WHAT IS CRYPTAG? (2) The server searching through this data has no idea what it is, and it doesn't know what you're searching for. And yet, it finds it for you.
  8. 8. HOW CRYPTAG WORKS Two concepts: TagPairs, and Rows. TagPairs associate the human-readable plain text tag (e.g., 'paris' or 'gmail') with a randomly-generated string that the server stores in plain text.
  9. 9. HOW CRYPTAG WORKS (2) Example TagPairs stored on server:     {       "plain_encrypted": "NtZ+WzjTtyWdjOPX6uqr308voeOE",        "random":          "9xvv87937"      }     {       "plain_encrypted": "/1BijKByz4JqYzOTtJEoD4TlPy2FwZf0WrXG2gwZOX1ATN3/MA       "random":          "fqmt5fkw8"      }
  10. 10. HOW CRYPTAG WORKS (3) Data is stored in "Rows". Rows store arbitrary data and associated tags. Example Row stored on server: {    "data": "OcSufyNLTXwrjWW3ZSkWiVOBaM4OqJwevuFAO5RM",    "tags": ["9xvv87937", "fqmt5fkw8"]  } 
  11. 11. DEMO: ROW AND TAGPAIR CREATION, STEP BY STEP Using the cryptpass demo app, tell CrypTag to create a new Row (of arbitrary data) + associated tags cryptpass create mycr4zy4ssp4ss gmail email cryptagdemo@gmail.com tag4
  12. 12. CrypTag then... 1. Fetches all existing TagPairs from the server 2. Decrypts the encrypted human-readable tags (e.g., 'email') 3. Locally creates new TagPairs for the tags that don't already exist, generating new random tags associated 4. Locally creates a Row consisting of encrypted data (e.g., 'mycr4zy4ssp4ss') and the associated randomly- generated plaintext tags 5. Uploads the TagPairs and Row to the server
  13. 13. FEATURES NaCl-based crypto ("Networking and Cryptography Library", not Native Client) Libraries in many languages (JS, Python, etc) Pluggable backends Next: Amazon S3 bucket Webserver + filesystem Webserver + database SSH (coming soon)
  14. 14. MORE ON PLUGGABLE BACKENDS (Used by client programs) type Backend interface {      Encrypt(plain []byte, nonce *[24]byte) ([]byte, error)      Decrypt(cipher []byte, nonce *[24]byte) ([]byte, error)      AllTagPairs() (types.TagPairs, error)      TagPairsFromRandomTags(randtags []string) (types.TagPairs, error)     SaveTagPair(*types.TagPair) (*types.TagPair, error)      RowsFromPlainTags(plaintags []string) (types.Rows, error)      SaveRow(*types.Row) (*types.Row, error)  } 
  15. 15. COMPARING ALTERNATIVES TARSNAP Simple encrypted backups Can query files by filename No search
  16. 16. COMPARING ALTERNATIVES (2) CRYPTON (FROM SPIDEROAK) More complex "Session objects are required to interact with Transaction-based classes, like Containers and Messages." Node, Postgres, Redis WebSockets Transactions
  17. 17. But more full- featured Auth built in Messaging :-) No search
  18. 18. COMPARING ALTERNATIVES (3) TAHOE-LAFS Good sharing model Different key for each file Awesome replication model Built-in file versioning I can't wait for RAIC and Magic Folders!
  19. 19. Unfortunately, to get your data, you need the URL + contained password of every file/directory Idea: how about storing these URLs using CrypTag? :-) No search
  20. 20. MY FANTASY (WELL, ONE OF THEM) CrypTag app + Cheap, untrusted storage => Tag- searchable, zero-knowledge _______ Dropbox Store all your data in S3? your own server? Mailpile emails? "...you can use Mailpile with an existing GMail account, improving your privacy by configuring Mailpile to download the mail and then delete it from Google's servers."
  21. 21. Notes? Bookmarks? (my original use case) Contacts? Anything but rapidly-updating data? or GIANT data you don't want to query?
  22. 22. UPCOMING ADDITIONS TO CRYPTAG Timestamps "Give me the latest 10 files with the tags 'paris' and 'type:photo'" Allows for efficient updating of locally-cached TagPair Enables easy versioning! "Give me the most recent Row with tag 'filename:mydocument.doc'"
  23. 23. Sharing(?) Different key for each piece of encrypted data (Row)? Problem: which key is used to encrypt the TagPairs? Encrypt TagPairs with your own key? You can search your own server, others can't? Then you can still link people to individual pieces of data without giving up your main key, just the key for that data Need to think more about this Row deletion might be handy...
  24. 24. MOBILE SUPPORT Go 1.5 supports Android and iOS! Go 1.5rc1 hit 2 days ago Call CrypTag-wielding Go program/library from your mobile app Ubuntu Touch apps can be written in Go (or JS, or C++)
  25. 25. MY GOALS WITH CRYPTAG Convince project developers to use CrypTag ...or at least the idea of CrypTag (mostly TagPairs) Build useful apps with CrypTag Send me requests/ideas: @elimisteve Create CrypTag libraries for Python, JavaScript
  26. 26. MY GOALS WITH CRYPTAG (2) Write more CrypTag storage backends Webserver + file system storage backend almost done Next: Amazon S3 bucket Google Drive? Azure Cloud Storage? Web server + actual database?
  27. 27. Write data migration/re-keying tool Other devices just need crypto key and server info (auth credentials and URL) Explicit threat model Proper security audit of all < 1000 SLOC
  28. 28. TECHNICAL THANK YOUS Jonathan Rudenberg Crypto recommendation: AES -> NaCl's secretbox Joe Andrieu, Garrett Holmstrom, Sam Dolan Data migration, re-keying, sharing
  29. 29. PERSONAL THANK YOUS Jacob Appelbaum AJ Bahnken Gabrielle Molina
  30. 30. CRYPTAG github.com/elimisteve/cryptag Send me feedback/ideas: @elimisteve THANK YOU to the Crypto & Privacy Village organizers!

×