Encrypt files in transfer to server, and on server, with multiple keys - encryption

I am currently in the process of making an online desktop of sorts, and one of the offerings that I will advertise is that the data on your online desktop is encrypted with your password, not our key. So instead of checking the password with a database then decrypting the data with our key, I would like to have each customers data encrypted with their password. The server will then try to decrypt the data with the password. If the decrypting is successful, the data is sent to the client for JavaScript or another language to organize and display. Otherwise, a failed password attempt is sent back. I would also like to completely take myself out of the equation with the passwords by making it impossible for the server to log the password or see the password in any way whatsoever, so your security is in your hands, not ours.
My question is what language would be best suited for that, and the proper methods and functions for doing this. Once I have that information, I will learn that language, and those methods and functions to do this.
I am not too worried about a quick release of hiring a dev as rite now this is a project I challenged myself to, and doing it for fun.
Thanks in advance!

Related

Deliver encrypted data and decrypt it client side

I'm working on a project with some sensitive data. I'm trying to do statistics about Facebook conversation with a client only website. Until now, I have a big JSON file of a Facebook conversation that I parse and do stuff with data. I want to be able to deliver this file only to my friends. So, what I thought is that I locally encrypt it (with I don't know yet which algo), deliver the encrypted file and give the password to my friend so only them can decrypt it. Do you think it will work and it will be secure enought ? I don't want someone to be able to bruteforce it or whatever, as it is private conversation. And do you have any recommendation about the algo I should use ?
You placed an abstract question so you may get only an abstract answer
deliver the encrypted file and give the password to my friend so only them can decrypt it. Do you think it will work and it will be secure enought ?
There are a few conditions to make encryption safe.
using any modern cipher which is not considered weak (e.g. AES-128 provides enough of security)
the encryption key is random (or password used to generate the key is long and random enough)
optionally you may add an authentication tag to ensure message integrity
And do you have any recommendation about the algo I should use ?
To encrypt data itself, any current modern cipher will do, e. g. aes, 3des,...
If you don't want to dive into security and you just want to encrypt a file, you can you some out of box tools which would do that for you. Try to look at openssl, pgp, gpg or nppcrypt (plugin for notepad++). Just make the password long and random.
The question is how do you get the key or password to your friend safely. You can either use different channel or using asynchronous (such as RSA or ECC). You can search, read, try out and ask more specific question

DPAPI Key Storage and Restoration

In light of the upcoming GDPR regulations, the company I work for is looking at upgrading their encryption algorithms and encrypting significantly more data than before. As the one appointed to take care of this, I have replaced our old CAST-128 encryption (I say encryption but it was more like hashing, no salt and resulting in the same ciphertext every time) with AES-256 and written the tools to migrate the data. However, the encryption key is still hardcoded in the application, and extractable within a couple of minutes with a disassembler.
Our product is a desktop application, which most of our clients have installed in-house. Most of them are also hosting their own DBs. Since they have the entirety of the product locally, securing the key seems like a pretty difficult task.
After some research, I've decided to go with the following approach. During the installation, a random 256-bit key will be generated for every customer and used to encrypt their data with AES encryption. The key itself will then be encrypted with DPAPI in user mode, where the only user who can access the data will be a newly created locked down domain service account with limited permissions, who is unable to actually log in to the machine. The encrypted key will the be stored in an ACL-ed part of the registry. The encryption module will then impersonate that user to perform its functions.
The problem is that since the key will be randomly generated at install time, and encrypted immediately, not even we will have it. If customers happen to delete this account, reinstall the server OS, or manage to lose the key in some other manner, the data will be unrecoverable. So after all that exposition, here comes the actual question:
I am thinking of having customers back up the registry where the key is stored and assuming that even after a reinstall or user deletion, as long as the same user account is created with the same password, on the same machine, it will create the same DPAPI secrets and be able to decrypt the key. However, I do not know whether or not that is the case since I'm not sure how these secrets are generated in the first place. Can anyone confirm whether or not this is actually the case? I'm also open to suggestions for a completely different key storage approach if you can think of a better one.
I don't see the link with GDPR but let's say this is just context.
It takes more than the user account, its password and the machine. there is more Entropy added to the ciphering of data with DPAPI.
See : https://msdn.microsoft.com/en-us/library/ms995355.aspx#windataprotection-dpapi_topic02
A small drawback to using the logon password is that all applications
running under the same user can access any protected data that they
know about. Of course, because applications must store their own
protected data, gaining access to the data could be somewhat difficult
for other applications, but certainly not impossible. To counteract
this, DPAPI allows an application to use an additional secret when
protecting data. This additional secret is then required to unprotect
the data. Technically, this "secret" should be called secondary
entropy. It is secondary because, while it doesn't strengthen the key
used to encrypt the data, it does increase the difficulty of one
application, running under the same user, to compromise another
application's encryption key. Applications should be careful about how
they use and store this entropy. If it is simply saved to a file
unprotected, then adversaries could access the entropy and use it to
unprotect an application's data. Additionally, the application can
pass in a data structure that will be used by DPAPI to prompt the
user. This "prompt structure" allows the user to specify an additional
password for this particular data. We discuss this structure further
in the Using DPAPI section.

Encrypting fields in openerp using db postgres

We are going to store some sensitive information about our customers in the db model res_partners.
However we don't want to store this information in a simple text field. We would prefer
some basic encrypting if possible for those fields. We do not want someone who
has access to the db to have access to these fields.
Is there a way we can get this done in openerp or postgres ?
Thank you,
Vishal Khialani
There is no such thing as "basic" encryption. Rot13 is not getting to get you anywhere here. If your data is sensitive enough to deserve protection, then you need to use state of the art cyphers such as Blowfish. I advise you give a good long look at Bruce Schneier's book Applied Cryptography
The easy (and insecure) way to achieve this is to overload the write and read methods of your model to encrypt before writing and decrypt after reading.
The tricky part is storing the encryption key. You could store it in a file on the computer running the OpenERP server (assuming the database is running on another server). This is still pretty weak, as the key will be available in clear on the server, but could still be useful if you don't trust your database server admin, but do trust you openerp server admin. It's still way easier to get the database server in a secure and trusted place, and if required to crypt offline copies of the database (such as backups).
If you want more security, you'll have to send the data encrypted to the client application, and let the decryption happen there, using a user-supplied key. I'm not enough knowledgeable of this part of openerp to say if it is easily feasible or not.

Best way to encrypt and decrypt persisted data in Node.JS?

I'm writing a Node.JS application that will store chat logs to a datastore (i.e. MongoDB), along with some other user information. I'm already using bcrypt to store salted hashes for user passwords, so I'm covered there.
What the best method of encrypting persisted data? I'm talking about sensitive user data such as phone numbers, and the chat logs. If my database gets compromised, I don't want this information being usable.
I do need two-way encryption/decryption, however, because I need to be able to use the plain-text values (i.e. the phone numbers are for Twilio, the chat logs are for users to see their old messages).
I'm looking into node-crypto but I haven't been able to find any examples of doing this in a performant/realtime fashion.
UPDATE: I should've mentioned that the chat "logs" are actually full conversations that get pushed to "rooms" in real-time when users join them (i.e. they can see the entire chat history, or at least a subset of it). So, I'd need to be able to encrypt and decrypt on the fly pretty quickly (if not in real-time, at least with some sort of worker process).
The best thing to do is use require('crypto').
You will however need to port it to the clientside. Good luck with that. (Shouldn't be too hard with browserify)
Do it all server side, if you do it client side you will need to expose your encryption keys.

Encrypt data from users in web applications

Some web applications, like Google Docs, store data generated by the users. Data that can only be read by its owner. Or maybe not?
As far as I know, this data is stored as is in a remote database. So, if anybody with enough privileges in the remote system (a sysadmin, for instance) can lurk my data, my privacy could get compromised.
What could be the best solution to store this data encrypted in a remote database and that only the data's owner could decrypt it? How to make this process transparent to the user? (You can't use the user's password as the key to encrypt his data, because you shouldn't know his password).
If encryption/decryption is performed on the server, there is no way you can make sure that the cleartext is not dumped somewhere in some log file or the like.
You need to do the encryption/decryption inside the browser using JavaScript/Java/ActiveX or whatever. As a user, you need to trust the client-side of the web service not to send back the info unencrypted to the server.
Carl
I think Carl, nailed it on the head, but I wanted to say that with any website, if you are providing it any confidential/personal/privileged information then you have to have a certain level of trust, and it is the responsibility of the service provider to establish this trust. This is one of those questions that has been asked many times, across the internet since it's inception, and it will only continue to grow until we all have our own SSL certs encoded on our fingerprint, and even then we will have to ask the question 'How do I know that the finger is still attached to the user?'.
Well, I'd consider a process similar to Amazons AWS. You authenticate with a private password that is not saved remotely. Just a hash is used to validate the user. Then you generate a certificate with one of the main and long-tested algorithms and provide this from a secure page. Then a public/private key algorithm can be used to encrypt things for the users.
But the main problem remains the same: If someone with enough privileges can access the data (say: hacked your server), you're lost. Given enough time and power, everything could be breaked. It's just a matter of time.
But I think algorithms and applications like GPG/PGP and similar are very well known and can be implemented in a way that secure web applications - and keep the usability at a score that the average user can handle.
edit I want to catch up with #Carl and Unkwntech and add their statement: If you don't trust the site itself, don't give private data away. That's even before someone hacks their servers... ;-)
Auron asked: How do you generate a key for the client to encrypt/decrypt the data? Where do you store this key?
Well, the key is usually derived from some password the user has chosen. You don't store it, you trust the user to remember it. What you can store is maybe some salt value associated to that user, to increase security against rainbow-table attacks for instance.
Crypto is hard to get right ;-) I would recommend to look at the source code for AxCrypt and for Xecrets' off-line client.
Carl
No, you can't use passwords, but you could use password hashes. However, Google Docs are all about sharing, so such a method would require storing a copy of the document for each user.

Resources