Arcanum - Client side encryption based file storage service.


Published on March 13, 2014

Author: yashinm



Presentation given at Kaspersky Cyberconference MEA round.

INTRODUCTION
#whoami
• Yashin Mehaboobe
• Independent Security Researcher, Student
• Speaker – Nullcon, c0c0n, Toorcon and HITB

CURRENT SITUATION
• Systems such as Dropbox or Box do not allow secure transfer of files
• Easy and secure transfer of files needs technical knowledge
• The layman does not understand concepts such as PGP and asymmetric encryption

WHAT IS ARCANUM?
• An asymmetric encryption based file storage service.
• Intended to allow the sharing of files between clients securely.
• The client handles encryption as well as decryption.
• The server merely handles file storage and user management.
• This ensures that even if the server is compromised, the user data is not.
• The server extends a REST based API to clients.

MODULES
• Client side: handles encryption, decryption and key generation
• Server side: handles file storage and user management

CLIENT SIDE - OVERVIEW
• Completely handles encryption, decryption as well as user credential storage.
• Communicates with the server over HTTP
• The private key is stored locally while the public key is sent to the server.
• Connection is SSL secured
• Authentication is HTTP Basic Authentication

CLIENT SIDE - REGISTRATION
• During registration an RSA 2048 bit public/private keypair is generated
• The public key is sent to the server while the private key is stored locally
• The username, password and email are also sent to the server.
• APIs used:
  - /create/ for registration

CLIENT SIDE - SENDING
• Sending file:
  - Get the public key of the user to send to
  - Generate AES key
  - Encrypt file with the generated AES key
  - Encrypt AES key with RSA public key
  - Prepend the encrypted AES key to the encrypted file
  - Send file to server
• APIs used:
  - GET /send/username to get the public key
  - POST /send/username to send the file

CLIENT SIDE - RECEIVING
• Receiving file:
  - Fetch file from server
  - Decrypt AES key using RSA private key (locally stored)
  - Decrypt rest of the file using AES key.
• APIs used:
  - GET /receive/all to get list of files
  - GET /receive/number to fetch a particular file
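
The sending and receiving steps above, as an added example that is not Arcanum's own code. It assumes Python 3 and the `cryptography` package instead of Keyczar, uses RSA-OAEP and AES-256-GCM in place of Keyczar's AES plus HMAC, and the blob layout (wrapped key, nonce, ciphertext) and function names are illustrative assumptions.

```python
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

RSA_BITS = 2048
WRAPPED_LEN = RSA_BITS // 8   # an RSA-2048 ciphertext is always 256 bytes
NONCE_LEN = 12                # GCM nonce size (assumed layout, not Arcanum's)
TAG_LEN = 16

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def generate_keypair():
    """Registration: the private key stays local, the public key goes to the server."""
    priv = rsa.generate_private_key(public_exponent=65537, key_size=RSA_BITS)
    return priv, priv.public_key()

def seal(recipient_pub, plaintext):
    """Sender: fresh AES-256 key per file, wrapped under the recipient's RSA key."""
    aes_key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(NONCE_LEN)
    wrapped = recipient_pub.encrypt(aes_key, OAEP)
    # The wrapped key is passed as associated data, so a body cannot be
    # re-attached to a different wrapped key without failing authentication.
    body = AESGCM(aes_key).encrypt(nonce, plaintext, wrapped)
    return wrapped + nonce + body          # encrypted AES key is prepended

def open_sealed(recipient_priv, blob):
    """Receiver: split off the wrapped key, unwrap it, then decrypt and verify."""
    if len(blob) < WRAPPED_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short to be a sealed file")
    wrapped = blob[:WRAPPED_LEN]
    nonce = blob[WRAPPED_LEN:WRAPPED_LEN + NONCE_LEN]
    body = blob[WRAPPED_LEN + NONCE_LEN:]
    aes_key = recipient_priv.decrypt(wrapped, OAEP)
    # Raises cryptography.exceptions.InvalidTag if any byte was modified.
    return AESGCM(aes_key).decrypt(nonce, body, wrapped)

if __name__ == "__main__":
    priv, pub = generate_keypair()
    blob = seal(pub, b"constructed sample file contents")
    print(len(blob), open_sealed(priv, blob))
```

The server only ever stores the output of `seal`, so a server compromise exposes ciphertext and public keys, not file contents.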

SERVER SIDE
• Uses a bucket file storage system
• Database used is sqlite3
• Passwords are stored as MD5 hashes
• Exposes a REST API so the clients can be easily created.
• Created using flask, sqlalchemy and restful.
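
The MD5 password storage listed above, beside a salted scrypt record with upgrade-on-login, as an added example that is not the project's code. The record format, parameters and function names are assumptions chosen for illustration; it uses only the Python 3 standard library.

```python
import base64
import hashlib
import hmac
import os

# scrypt cost parameters (assumed values; tune to the server's hardware)
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)

def md5_record(password):
    """Legacy format as the slide describes it: a bare, unsalted MD5 hex digest.
    Identical passwords give identical records, so one precomputed table
    reverses every common password in a leaked database."""
    return hashlib.md5(password.encode()).hexdigest()

def scrypt_record(password, salt=None):
    """Hardened format: per-user random salt plus a memory-hard KDF."""
    salt = salt or os.urandom(16)
    dk = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
    return "scrypt$%s$%s" % (base64.b64encode(salt).decode(),
                             base64.b64encode(dk).decode())

def verify(stored, password):
    """Return (ok, replacement). replacement is a new scrypt record when a
    legacy MD5 row verified and should be rewritten, otherwise None."""
    if stored.startswith("scrypt$"):
        _, salt_b64, dk_b64 = stored.split("$")
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(dk_b64)
        dk = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
        return hmac.compare_digest(dk, expected), None
    # Legacy row: check the MD5 digest in constant time, then upgrade it
    # while the cleartext password is available during this login.
    ok = hmac.compare_digest(md5_record(password), stored)
    return ok, (scrypt_record(password) if ok else None)

if __name__ == "__main__":
    legacy = md5_record("constructed-sample-password")
    ok, upgraded = verify(legacy, "constructed-sample-password")
    print(ok, upgraded)
```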

ENCRYPTION
• Handled by Keyczar
• AES-256 for symmetric encryption
• RSA 2048 for asymmetric
• HMAC for data integrity
• SSL for security in transit





TODO
• Web interface (partially done)
• Change to digest authentication
• Encrypt local keys

REQUIREMENTS
• Python 2.7
• Server: flask, flask-httpauth, ofs, pairtree
• Client: requests, keyczar, pyqt
• Minimum requirements:
  - 512 MB RAM
  - Dual core processor
  - At least 1 GB storage.

WRAPPING UP
• Code is available at:
• Completely functional
• Multiplatform
• Further clients are being developed

THANK YOU
11-13 March 2014, Korea University, Seoul, Korea
