Cryptic, encrypted online storage (opens in new tab)

(kickstarter.com)

18 pointsdrchoc12y ago16 comments

16 comments

From the "For our technical readers" paragraph, it's unclear what cryptography model you are going for. On the one hand you say that the private key (albeit password protected) is sent to the server after it is generated, but on the other you say that only public key and encrypted data are sent to the server. Is the model fundamentally the same as Lavabit's, which was so devastatingly critiqued a few weeks ago by Moxie Marlinspike? [1]

Separately, how do you deal with the fundamental weakness of browser based security?[2] You say that the software will be open source, but will there be any mechanism to verify that the served javascript libraries on any particular visit match the sources on github? Will there be any minimization / compilation that would make such verification difficult or impossible to accomplish?

[1] http://www.thoughtcrime.org/blog/lavabit-critique/

[2] see e.g. http://www.matasano.com/articles/javascript-cryptography/

mediocregopher12y ago

Lavabit's model involved sending/receiving cleartext data to/from the server, and you had to trust that the server-side would not store that plaintext. In our model no unencrypted data, except for the public key, is ever sent to the server. All encryption is done inside your browser.

For your second question, all resources for the site, including javascript, are served over SSL. This will prevent about 99% of MITM tampering attacks. While we can't overcome the inherent weakness in SSL, or guarantee against compromise on the server-side, we are working on a browser extension which will check the code you receive from the server against what is in the repository, so you can at least be alerted of any inconsistencies.

And since the website is all open-source, we're going to make it simple to host it yourself, if you want to be extra-sure that it's not compromised.

EDIT: By "website" I'm referring to the frontend, in-browser code

orthecreedence12y ago

> When you go to Cryptic all files that you receive will be received over SSL. This is to ensure that you’re getting the correct code, and not a version compromised by some attacker.

This is the Lavabit way, I believe. However, it could be solved using a browser extension.

drchocOP12y ago

Cryptic will have a browser extension that will automatically verify the received code against a signed hash (also easily verifiable) on the open source repo. It is fundamentally different than Lavabit since everything that interacts with raw data is open source and verifiable. Someone is going to notice if the website is tampered with.

orthecreedence12y ago

You guys really might want to release a browser extension (and/or native apps) instead of a website. You're going to have a serious uphill battle convincing anyone in the security community that your webapp is secure against tampering. Even with code signing/verification.

Also, open-source it now! I've been in the process of launching something similar (think, client-side encrypted Evernote/Pinterest geared towards programmers/creatives/collaboration) and a lot of the great feedback I've gotten is from people checking out the source. Most of the people who care about the crypto aspects these days are the ones with 1s and 0s running through their heads, at least a good portion. They're going to want to see code.

Best of luck on the kickstarter!

marcopolo12y ago

Thanks! It's been open sourced since conception, here's the repo: https://github.com/cryptic-io/web. We choose a website because it has the smallest barrier of entry. We are planning on releasing a browser extension that would verify the code on the website against the open source repo to prevent tampering. We are planning on making a native app in the future as well.

theabraham12y ago

Looks like they're already open sourced on Github: https://github.com/cryptic-io

mediocregopher12y ago

Hey everyone! One of the Cryptic founders here. We'll be around to answer any questions anyone may have, so let us know what you think!

stopthemadness12y ago

I'm a happy user of Tarsnap. Why should I consider this solution? Also (playing devil's advocate for a moment) what's the best reason you can give for me to just keep using Tarsnap?

mediocregopher12y ago

I've never personally used tarsnap so take everything I say with a grain of salt here. But Cryptic offers a much easier experience for the average user, being that it's entirely in-browser and not cli-based. We also give users the ability to share their files with others through the browser, which I don't think is as straightforward with tarsnap.

To play the devil's advocate, if you're already a happy user of tarsnap then you (like me, in fact) are probably quite comfortable on the command-line, and may even prefer it. As of right now Cryptic doesn't have a command-line utility, although building one is definitely on our radar! But until then you may find it more comfortable. Thanks for checking us out though!

jaryd12y ago

In this case, does client side encryption mean that it's happening in the user's browser?

marcopolo12y ago

Yes! It's using the excellent Stanford Javascript Crypto Library. Source here: https://github.com/cryptic-io/web

tmikaeld12y ago

Two things that are not very clear:

1. The kickstarter is for an upcoming cloud version of Cryptic?

2. Parts are open source (Eclipse), but not intended for self-hosting?

drchocOP12y ago

Sorry about that, let me try to clear things up: Cryptic itself is a online file storage, so there is really only the cloud version of Cryptic (for now).

1. The kickstarter is to fund development and servers for the online file storage + web app.

2. Anything client side will be open sourced, and can be self-hosted. You could host the Cryptic site right now locally, and use a local version to interface with cryptic servers.

tmikaeld12y ago

But the Cryptic site is always involved, right?

So the storage is always provided by you, and that is what the client pay for in GB increments?

1 more reply

j / k navigate · click thread line to collapse

16 comments

bradleyjg12y ago

[1] http://www.thoughtcrime.org/blog/lavabit-critique/

[2] see e.g. http://www.matasano.com/articles/javascript-cryptography/

mediocregopher12y ago

And since the website is all open-source, we're going to make it simple to host it yourself, if you want to be extra-sure that it's not compromised.

EDIT: By "website" I'm referring to the frontend, in-browser code

orthecreedence12y ago

> When you go to Cryptic all files that you receive will be received over SSL. This is to ensure that you’re getting the correct code, and not a version compromised by some attacker.

This is the Lavabit way, I believe. However, it could be solved using a browser extension.

drchocOP12y ago

orthecreedence12y ago

Best of luck on the kickstarter!

marcopolo12y ago

theabraham12y ago

Looks like they're already open sourced on Github: https://github.com/cryptic-io

mediocregopher12y ago

Hey everyone! One of the Cryptic founders here. We'll be around to answer any questions anyone may have, so let us know what you think!

stopthemadness12y ago

I'm a happy user of Tarsnap. Why should I consider this solution? Also (playing devil's advocate for a moment) what's the best reason you can give for me to just keep using Tarsnap?

mediocregopher12y ago

jaryd12y ago

In this case, does client side encryption mean that it's happening in the user's browser?

marcopolo12y ago

Yes! It's using the excellent Stanford Javascript Crypto Library. Source here: https://github.com/cryptic-io/web

tmikaeld12y ago

Two things that are not very clear:

1. The kickstarter is for an upcoming cloud version of Cryptic?

2. Parts are open source (Eclipse), but not intended for self-hosting?

drchocOP12y ago

Sorry about that, let me try to clear things up: Cryptic itself is a online file storage, so there is really only the cloud version of Cryptic (for now).

1. The kickstarter is to fund development and servers for the online file storage + web app.

2. Anything client side will be open sourced, and can be self-hosted. You could host the Cryptic site right now locally, and use a local version to interface with cryptic servers.

tmikaeld12y ago

But the Cryptic site is always involved, right?

So the storage is always provided by you, and that is what the client pay for in GB increments?

1 more reply

j / k navigate · click thread line to collapse