Puzzle Lock
Cloud Puzzle Lock
Senad ARUCH
SENIOR SECURITY SPECIALIST
Communication Valley - Reply
Davide Cioccia, Nicola Gobbo
Alessandra Pranzo
Why are we using cloud drive services?
• always online, backup, redundancy
• the possibility to share files in a faster way
• more space than classic email services
• flexibility and easy sharing
What do we store in these cloud drives?
• our documents, photos and other files
• backups of our mobile devices
• shared company documents
• online backups
and more …
How secure are these cloud drives?
• username and password
• some of them offer two-way authentication
• some of them are encrypted
Why we built this and our aim here…
Why?
Cloud Puzzle Lock helps users to use cloud drives in a more secure way. NSA interception and industrial espionage are the main risks to today's privacy and integrity. The biggest challenge in this project is to use the technology that we already have in our hands.
How?
CPL uses more than four security levels distributed around the globe. Every file that users upload using the CPL solution becomes a real puzzle with multiple encryptions.
How does it work?
When we request a file stored on the distributed system, CPL collects the puzzle pieces, decrypts them and rebuilds the whole puzzle (the file) for us fully automatically. CPL can also use the two-man rule to encrypt and distribute confidential data.
How secure is it?
CPL security will be very hard to crack because all well-known cloud drives like Dropbox and Google Drive use two-way authentication, and the attacker must hack all four cloud drives to retrieve all the encrypted puzzle pieces. This is close to impossible.
Who is the target?
CPL can be sold as a service or as an appliance with CPL preinstalled, based on Hadoop clusters distributed around the globe, for governments, intelligence agencies and big companies that need to access and share files in an easy and secure way.
…but why not you?
Encryption and decryption by more than one person: NATO standard.
How secure do you want to make your files?
The two-man rule is a control mechanism designed to achieve a high level of security for especially critical material or operations.
Under this rule all access and actions require the presence of two authorized people at all times.
For Cloud Puzzle Lock this is the minimum. It can simulate the N-man rule option to grant more protection. If you want, you can open the file only if you have the acknowledgement of all the people.
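
An added example, not part of the original slides and not CPL's own code: one way to get the "all holders required" property of the N-man rule is XOR secret splitting, which is a different technique from the per-piece PGP encryption the slides describe. The function names and the sample bytes are assumptions made for this illustration.

```python
import hashlib
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def split_n_of_n(data: bytes, n: int) -> list[bytes]:
    """Split data into n shares; every share is required to rebuild it.

    n - 1 shares are uniformly random pads, the last is data XOR all pads,
    so any n - 1 shares are statistically independent of the data.
    Each share is as long as the file, unlike a contiguous 1/n chunk.
    """
    if n < 2:
        raise ValueError("need at least two holders")
    pads = [secrets.token_bytes(len(data)) for _ in range(n - 1)]
    last = data
    for pad in pads:
        last = xor_bytes(last, pad)
    return pads + [last]


def combine(shares: list[bytes], expected_sha256: str) -> bytes:
    """XOR all shares together and verify the result against a known digest."""
    if not shares or len({len(s) for s in shares}) != 1:
        raise ValueError("shares missing or of different lengths")
    out = bytes(len(shares[0]))
    for share in shares:
        out = xor_bytes(out, share)
    # The digest stays with the file owner; it is not stored beside a share.
    if hashlib.sha256(out).hexdigest() != expected_sha256:
        raise ValueError("rebuild failed: a share is missing or was modified")
    return out


# Constructed sample input standing in for secret.pdf.
SECRET = b"%PDF-1.4 constructed sample contents of secret.pdf"
DIGEST = hashlib.sha256(SECRET).hexdigest()
SHARES = split_n_of_n(SECRET, 4)  # one share per holder or drive

if __name__ == "__main__":
    print(combine(SHARES, DIGEST) == SECRET)  # all four holders present
    try:
        combine(SHARES[:3], DIGEST)  # one holder absent
    except ValueError as err:
        print(err)
```
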
Classic way of storing files in cloud drives.
The risk in this case is that the files are stored whole, so if your login details get compromised your files are accessible.
File Browser: secret.pdf (10 MB)
Even if your files are encrypted they are not safe because of the NSA; we all know that the NSA can crack any type of encryption.
File Browser: secret.pdf.gpg (10 MB)
Without Cloud Puzzle Lock the file structure looks like this.
File Browser: secret.pdf (10 MB), prototype.pdf (6 MB), Plan.docx (2 MB)
Cloud Puzzle Lock way of storing files in cloud drives: process.
[Figure: secret.pdf (10 MB), drag&drop, C.panel, and four pieces of 2.5 MB each, labelled secret.pdf.p1 to secret.pdf.p4 and secret.pdf.pl1 to secret.pdf.pl4.]
Splitting the file into as many pieces as the user has cloud drives.
Encrypting the puzzle piece with the 1st private PGP key
Encrypting the puzzle piece with the 2nd private PGP key
Encrypting the puzzle piece with the 3rd private PGP key
Encrypting the puzzle piece with the 4th private PGP key
Cloud Puzzle Lock way of storing files in cloud drives: result.
[Figure: four File Browser panels listing the puzzle pieces: plan.docx.pl1 to plan.docx.pl4 (0.5 MB each), secret.pdf.pl1 to secret.pdf.pl4 (2.5 MB each), prototype.pdf.pl1 to prototype.pdf.pl4 (1.5 MB each).]
…and in your private FTP server
[Figure: FTP server]
You can store one puzzle piece in your private FTP server.
With this solution no one who hacks your cloud repository can rebuild your private file.
There is only one way: hack your private FTP server.
Puzzle Lock is a new way to store and share your TOP SECRET files, with unique technology against interception.
The system uses the storage and computing power of the well-known cloud drive providers.
The system splits the files into a puzzle across the cloud drives; it is like HDFS from Hadoop.
Every puzzle piece is encrypted with a different private key
Every puzzle piece is stored on a separate cloud drive
But you will see one file and one drive
Thanks.
Senad ARUCH