Merken

Cloud Storage Encryption with Cryptomator

Zitierlink des Filmsegments
Embed Code

Automatisierte Medienanalyse

Beta
Erkannte Entitäten
Sprachtranskript
and everyone we would like to start with talk on cloud storage encryption with could and you with the most instances and my name is to be orthogonal we have also currently studying mass of computer science at the university so we're very pleased to talk about of project at this year's frost so before we get started I would like to ask you a couple of questions before we have before we talk about the details could middle so you know that's now why cold storage encryption is so important for you so the 1st 1 is do you use any cloud storage service just to name a few drops drive 1 drive or maybe on cloud OK so most of you are using or and it's great so I personally use Dropbox and would like this field reports it has been around for 7 years now so we all familiar with the cloud storage so I don't have to expand anymore of so we use it either personally or even business wise because it's very convenient we have more and more devices when we have a smart smartphone that all went home and desktop computer or whatever so we would like to access all qualifies but without synchronizing the manually between all those devices because it would be totally annoying so we use concert service in our everyday life but no is another question do you trust this cluster so you're using right now regarding security and privacy maybe you already have a strong opinion this 1 maybe you trust and maybe you don't or maybe you indecisive because you say it depends on the file I would like to upload so let me as you some of questions simple ones which upload naked pictures of his head to the cloud the assumption that no probably not the best idea and would you upload maybe personal and yeah hello Dawkins of person person and sensitive information of to the cloud maybe scan of your identity card maybe not so where do you draw the line you want to upload to the cloud and what not so when it be great if you wouldn't even have to ask ourselves what size we upload them and so the the the key thing is here that we aren't in control of our data if we uploaded it out to a closed storage before that everything was fine and all local hard drive but now we put the fights in the clouds in some cases of farm and we just don't have control anymore we pretend to be in control because we are looking into a password-protected account but in reality we want so for example dropboxes even obligated by law that they develop their of your data if further law-enforcement requested so so what just happened you we use cluster assignments it's very convenient but now I've got this all these problems that we don't know what to up no 1 not in and suddenly became inconvenient so that would be great if we just get control of our data so another title of our talk easily been how do I gain control of my privacy in any clothes sources so that we still can you stop works but that we can trust or data to be secured so maybe you can also say OK we just talked about trusting control and
if we aren't in so maybe some of you could may say I can trust them and not not being controlled so for the book yeah I mean I'm a good citizen and had I have nothing to hide so what's even the deal so I would like to quote that for this 1 and he said arguing that you don't care about the right to privacy
because you have nothing to hide was no different than saying you don't care about free speech because you have nothing to say so I think is a powerful called because with we say the truth but and it's a beautiful comparisons but stop you don't want to get to political year and so let's look at a scenario say hello to Alice she wants to sort store some files the cloud so she has that of the cloud could be potentially dangerous maybe she wrote some worrisome news articles about celebrity photos getting hacked or maybe should just to Hollywood movies well they tend to put them in a bad light on the clock so she also that encryption might solve the problems so elasticity for tool which uses encryption to protect the privacy so that she gained control of private privacy again and she needed to this trustworthy it should always see what work well with clock synchronization and it should be easy to use so the last point is very important for us because if it's not easy to use and this wouldn't even bother trying it all so you have to always look for the typical user and not yeah maybe you just as the extension in the room so it should be easy to use so she found contaminated and this is what could permitted us it's optimized for people synchronization synchronization obviously and so it's it's doing that by encrypting each document for itself so individually and so the thing is could the later those only the encryption part and so it is provided independent so we can use any closer so as we want and we the call synchronization untouched good tomatoes obviously open-source otherwise it I wouldn't be talking the frost and so to of us who will talk about it later why open source so important and we always had in mind to keep it simple so this should be easy to use so could be made and does what it does best and nothing else here so and wants to stores to 5 in the class and she user-script a major like the middleman in between and this finds that are stored all the colors of race the finds it all starts from contaminated land in a password-protected ball so what happens in the will 5 getting credit that I you not only the phi connoisseur encrypted also define sign prepared and they land in afforded each sensor data there are also other types of fights for its and directory and we also have some it identifies the prefix of them there because sometimes just long finance and to be compatible with the file system you have committed to the idea but this is something that the user doesn't even have to worry about tolerance of automatically so what does good tomato obfuscated so obviously if contents which is the most important 1 also names highest size to some extent because we don't want to fill up you can also respect space with garbage data but to some extent font size and Dr. hierarchy so to put this in perspective but most of encryption to we've seen only 2 obfuscated high content and it's not even that common to all of his defined which we find the surprising and these other 2 is just the icing on the cake so this is how could the major works and just to remind you it's not that it's not a big container lot of all that has to be synchronized as a whole to the college it's these individual fights inside that are synchronized so if you know that it just 1 file inside or and and you find only this that has to be synchronized with the glottal space so now the best will talk about more well here open Importanc tell you some more insight about security and that it was In the light of if the effect that the Brand but at the top of the group and to the but that to take this so it now so OK why open source and I do realize this kind of a dumb question government source conference but there's some pretty along what reason why we chose committed being outsourced boldly especially when well some security profits or there are some advantages so 1st let's talk about the use of functions so anybody on what can go ahead and then if you finds a pocket can report and will develop a repository and especially when they're security weaknesses both kinds of SPARQL variable and 12 and and if someone wants to add features to the project just can't focus and that's something so and those of the so obvious advantages we know from that kind of every the around but there's more so especially when we are talking about trust so I think many of you heard about the letters to the relations about AT T and the N is a little and what I want you to ask yourself is what happens if only a single person at a huge company and is corrupt so His all the time employees and these companies they don't even know what other the colleagues was working currently on so and only a single person might be enough to implement a back some project and was talking about agency uh those of vector I don't they don't get get cover for years and this is something that cannot happen in an open source community project because we have the very opposite of the opposite case here if only 1 single person is not corrupt and all the other he might blow the whistle on the whole project and was he has a woody even has a chance of implementing lot of forcing somebody to add equals to the project so this constableship called ownership is very important when we're talking about security projects here so this is about trust but there's even more but 1st there's no question many people out there is an open source project less secure than a closed source 1 and performance others let's look at some typical of marketing that pages of different security products so the first one that we live with your by buttons obviously they what remain money with in and they talk about military strength encryption algorithm OK pretty clear right we don't really know what what this means about something is a solid 2nd different which call again later
with security seems to be some kind of thing this is on the right hand was on the side of something about going 56 today yeah whatever this this and as a kind of the ball and all this is trusted by the military and the government this needs to be equality right but all German government there's still using Windows XP so I don't really know what sort of the figure of the example and this 1 is designed for we like reliable security and again they have military strength data encryption so well pretty cool so that secret there is also no such thing as great security is made up of marketing Truman if you go before it won't even be able to try to find a definition for it so and what have we learned so far there own attributes security but they didn't really say anything about how the encryption really works and does this make use often more secure 1 might think think so but there is that the the principle called cops principle which basically says that the security of the system must not rely on the implementation of the algorithm you kept secure OK private but only on the key and so that means that there's no gain security by not publishing the encryption algorithms so there must be some different reasons the reasons why the marketing of it is don't tell us anything about the encryption and maybe is just because of their commercial interests because they want to sell the poor so they keep the private and well known that really the reason because the encryption is only a small part of the project this a lot more effort when the 2 went into the user experience and the workflow logic etc. so maybe there's a different reason maybe those for a set that quality maybe they don't want people to find ability and this is something where we have fossils that if this is the way we want to go and we said no we don't want people to find 1 abilities that is what was in of course so that's why we went ahead and where we have published on encryption scheme on website we have a video source code from GitHub because of cloning and the of the clause in the last 14 days and we open to structure communities and ask for and we got tons of feedback so by on this right page and by by e-mail from different persons who we they've they found when abilities and the report them is another 1 and what we fix them and today here we are so script permitted well we look at it from hi perspective they are on top for components fi article the user interface but let's concentrate on the on the core so there's some ripped off interface which is the front and the user entered by has to interact with which provides a good shot right on 1 can drag and drop files onto and off was that something of cryptographic in the middle and which was well the group of files written true and something called duration wonders and 2nd so that's the at right 1st but that is a protocol based on http and it's very you know which words used by all major operating systems supported natively and it allows us as a threat to and to mount this which hardware and as supported by all these major operating systems where the 2 just 1 of of application was which runs on all those of systems and well this is at the centre very much aware tested and has some different as something other like advantages 1 of them is that as HDP has this request response model and all the encryption and thus happens on the fly there are no left over on on your computer if you insert into a coffee for example if the application crash because this would have tried is just we have not much more than just which is where all the slides are intricate and decrepit on the fly and let me know about triples we have patterns of military secure and with just getting on well we have to be a set before we define an encryption for that we use sense something called synthetic initialization mode operation was a which is a deterministic mode so even if you open the file the time and encrypted but a lot of times the file name will always be the same so there won't be 20 different copies in your Dropbox folder and the file content from well before going through them and we read slice you find chunks each chunk is up to a 32 kilobytes in size and gets intricate using counter mode which is not but it is a canal but it needs additionally is something called age like to provide some integrity protection so we calculate the to encryption and when the states make yeah and so we prevents things like social cyphertext text and trust cannot be reordered and some different position etc. so those gentlemen work together and then we have younger provided which is then written to will sort of eyes obviously yeah as I said it was too we said before an synchronization is not all business so once we have written the file on the authors of your native synchronization kind of struggles would write what and what will see this change and start synchronized so let's talk about heat innovation we have something of river encryption all system so we can whether we get this for of when when we use the value type your password which is like a concurrent repulsive points on the and that's what we need is a to a 56 bit keys and this process of deriving is that this long key from Crenshaw pass through this is called key division and that there are different functions for this so the influence of kryptonite abuse kitty kitty of tool which is a pretty good but 1 of the community in a way that contributions was that we know of using script which is even better and regarding whether it be a brute force protection so that what others mean if if we divide these keys this function we use for this is very hard to quite a and this is not meant to be how to quickly so it takes a lot of time with minimal MS and this
is pretty OK when you enter your your correct parts what you can write the 2nd thing but when we try to brute force of all the different combinations of pathways we have and this will take a while and we're talking about a few thousand years here so nobody can wait this long when you press a professor so what can the individual and they can of course by a lot of hardware and run this proposing processing power and this is the the number of concurrent possible in the publishing of stripped of of how much and this topic would be what it if 1 1 but I would try to a crack the passwords in 1 year and that consist of a little bit better than can give to or if it was to OK so that and so we need a of them and affordable PCs I'm not even talking about some high-performance clusters here and workable specialized hardware which can only do calculations get used for the skid Europe divisions like for example the people ticket you to we use share of secure at with 2 and and and the father of what the device available today countries about 5 . 5 trillion hashes per 2nd which is a lot but it also but the law of energy so so this device uses more than 3 kilowatt and know if you if you do the calculations that if you buy and all of these machines because about through 2 thousand dollars and if you buy a lot of them you and possibly the most energy so I've made the calculation somewhere here yeah so you to to run all these machines you need 80 terawatts just comparison the lot of politicians produces 22 gigawatt so OK this might be a problem to drag so what if we might have the kid innovation and directly guess the 256 bit key so not the best idea but the huge number I no this is not the number of possible 206 bit keys this is about 1 thing billion of which is the approximate amount of sand grains on so this the model that is and this is the number of possible traffic think that he's just give you that understanding if we had to be more additions to the and this is 10 to the apology we have the approximate amount of atoms in our universe so OK we're talking about the system which is practically not really crackable but maybe there different approaches and 30 years now so let's talk about the because we have which is the human factor analysis to and this this need to that comic from the nicotine pretty much put much of what social engineering mean so we can either on the 1 on the left hand side we can either by the use multimillion-dollar machine and a few thousand stations and all this stuff and but it was because of a lot of money and there's a cheaper way we can also by like a baseball bat for example and try to be part of all of the post knowing it but even without violence there's 2 ways to perform the social engineering so take fishing for example you know fishing you all think of what he knows from some some fake customer service tricking you to click on a link where you have to provide the possibility although for a confidential and well yesterday and this may have worked but today we who would fall for this but like the people that have all world encounter security systems what more complex 10 today your account not only consist of your username to pass through but also we have like a ton of possible to recover settings and what official and maybe aim for this right so today overfitting might like this give customer please remember do not have a entirely possible anywhere but you have to reconfirm your possibly colors that so please go on to pretty convincing radii models about not entering a positive result was that the customer and yeah cities there are people still falling for the trick so what do we learn from from this where complexity it's true that detects points for full social engineering so we want to avoid complexity and what does that mean for procurement of and we talk about knowledge sharing a lot in some form of words we might use support but this is complexity and give it an and the 1 of the huge mass so How can we share secret with somebody we can either use properties which is a pretty well known as a good thing and technically perfectly secure but it's tends to 0 you have to not really understand how to deal with the trends of what take this example if there's a fishing made and so somebody once and is true too on some of them and the website promises to strengthen the key you or some thing like this analysis and really well the property is something should without which should be kept private and then this might work or take this example when want to share something with what she spoke public use so what should go there and ask what they give you a publicly and of response that you have a lot of my public key but what's important until the end of the book is really about so other things this public key cryptography is a good thing but it is the user to understand what is happening so while in communication we do support this this is the best choice for incremental well we want some user privacy and we want to eliminate the human factor and from the system so we had a few things pre-shared secret of which is I think not this is the secure but if you look at the that of the system I would I think was really really good with the the best choice here so I was when you share possible with somebody you are aware that you should also you migrant understand this moment I wouldn't tell somebody on the phone banking just because it says well you wanna lottery or something like she his a kind of transformed by animal so if I want to share something with my grandma and we both just think we are common possibly at both know about and there are no additional complex so that means that well that's attack points so yes talking about
grandmother my grandmother really like so I thought the but the compact but but with the market at the time the apart again at the top of the video or different because easier OK so come we have been working on a desktop application we started last year at the Boston is the main contributor to disappear kicking application and I Joint earlier this year to work on the mobile application because as I said close storage is very important for all our devices so we must also have to have a mobile applications so when maybe just maybe easy to take the densification ported to mobile and that sadly it's not that easy so what's so different different about Odessa computer and the mobile device so maybe it's size well I know it's there resources are fundamentally different so take for example the internet connection so Odessa computer we usually have a dedicated line we have unlimited traffic a flat rate and on the other hand of the mobile devices we if we are not in a Wi-Fi then we have the cellular network and its slow probably here in this building I don't even have a signal and so we have limited traffic just a couple of hundred megabytes per month or maybe a couple of key about 4 months if you have a good time to have a good plan so yeah internet connection isn't is a problem for cold storage and another 1 is of course storage space so we don't just have don't have these hundreds and thousands of fewer bytes hard drives on all mobile phone it easier it's slowly catching up but uh still we can't just synchronize our cloned 50 cubic was of data smartphone another thing that's different is the operating system so let's take it as a computer for example we are working with files and folders drag and drop them we manage them and we're working on something called the file system hence the name Desso computer we're working with arbitrary desktop so on on mobile device we don't really have a 5 system so it's a higher level of extraction we have Absolon homescreen well technically speaking of course there is a file system but it's not a comparable to the best of once we just don't have the center system so the let's take for example the drop at on not on the mobile device is indentified system not really so drop the drop box that is imitating a 5 system so you can if you filed surrounds and create new folders and upload something and almost something but it's all up that everything happening In the Clouseau remotely it's not happening on a device it's not getting all the complete data so what has to be done here with crypto made up because could emitter walks on the file system so we basically have to do the same as the works so we have to implement all basic 5 system functionality and so on we have to build their user interface and design a workflow completely from scratch because it's there is also standardized way to do that and keep in mind with his everything on a desert computer for free by the operating system so we have to implement that and another thing is we are dependent on the providers so we have to know which closed source of his we're working with because we have to call the API so we have to integrate each clause service 1 by 1 and yeah 1 of the benefits if it's at smallest part it can be done with a major ones so well we know today this script tomatoes currently it's some data so I would like to talk now about what's next on our list so maybe you can't help was list old and some of the points so let's look at the death of application 1st of the crypto quote is mostly done so we just released final release candidate of at the components of the core is done but we have to improve the integration with each always so with Mac Windows Linux and talking about Windows well we should have a lot of problems with it in the past so we need still more improvement on that but we would also like to improve the tomato on Linux for example I would like to have more native those for various Linux distributions we just have a deviant built on on right now so is that it will be great if you would contribute contribute to that and of course on the top you can post an issue it might be a block of future requests or even though vulnerability and also at the request of a weapon the the more litigation so we are currently working on and I was set right now so also there we would like to improve the integration with the operating system in this case with something something called extensions that has been introduced last year and so just to make greater made for more seamless with the system the more integrated so it doesn't have to switch back and forth between gaps and of course you would like to support more closer or services currently we supporting Dropbox school will drive 1 life and I can't drive and we would also like to pursue includes webdev fall 4 central cloud but this is something we're working on currently and of course it has to be easy to use also 1st time users instantly know how to use that demand so we are refining the user interface and the US is but this probably now an elephant in the room although the end right so we just don't even have the manpower but if you are an and Developer and strip the Mater sparked interest it would be great to have 700 because the crypto quote is already written in Java so it did don't you even have to start at square 1 so now this time for the demonstration of problem 1st and the best position it was like is the 1 so yeah I just as
got this square songs by by upon the atlas regret bound all
decorated down upon this way so if you're interested I could just knowledge wouldn't at those flyers to it OK great so as soon as you can see here this is a local made of justification and here is the list of all its and so let's take this 1 wishes shared 1 of flows both so there are a lot like frogs project by the way do not have and also this way when young public but can be sold if I am not the board but unlike an old
close the window and yeah years old will will work totally inside nominal the public knows that due to the system to know what is the 0 year
afterward to reduce the whole
history on the level presentation so as I said here I have some unpublished songs and when they must that I'm not lead get um so I put them into this special and as you can see it that's all I know they are interested so yeah I think you will see how OK so maybe I'm not as convinced yet so let's look in Dropbox sort of like again so I'll Microblogs for the users can already seen a lot of kind of and well funny finance and so well aware this the
I asked you know on top secret of this award so I look
inside it and as you can see there are a lot of different fires of yeah and if I the use of they would just contains some reversal of well yeah he are all files so anyway what about what OK
so let's look at the mobile application in its current state at
so we will use the time just to have you have a phone on the screen
so as you can see we all the walls we just had and of top secret is the 1 we just used together and another thing that we can now do is instead of the writing the password and we can
use tragedy to into to evolve
and no it's using the boxes to to to the data so of course they can browse fluid everything looks normal again don't modify and look at them and operated operate on the so so all the basic process of functionality yeah had to be written so for example if I would
like to create a folder I can do that a 5 ends basic file operations on each file the candle by swiping for example rename will to another folder and also deviated that users have about the quality of dimensional OK so for example let's go to the camera and 0 yeah I think that the we don't to before and
we don't want to also don't want to the we understand size on the bottom left as a share button and on the bottom they're all at that extensions so I can descriptor major and this opens the new crypto either window without switching to the act itself so we extend the camera the default settings of finding just
prosperous cities I still have to
under my it gets encrypted uploaded I'm so happy that the wife for connections working and so now this notion of what so we can also switch to the desktop applications and see if it really landed so now can to great so this he's a world that is the case in so you can
get from the meta-novel free untripped of all it's currently in beta nobody would also would like to have more testers also the I was beta you can sign up for which is used distributed through test flight and the meadows hosted on get up to Canada and we would like to see any kind of contribution that would be great so thank you for attending and that the crafting few case I guess with the time for
questions that is the law of the the the the on the you know OK so the question was about the crypto components on many people have not all of them and hobbled auditing so that is that those the biggest mistake would be to just assume that all codewords so we really don't rely on other on different people to review all code and I where it can tell you a number of work now what of it has been around like 30 40 different people and what is not only anonymous community people from I don't know where but also this concept has been reviewed by there some professor from this very University of London which you know was main goal was to and the beginning of this project I if I winter to and then an edge on 1 of the most so that was by and was this man and I don't know I just known by Christopher this form of who was from the will of the ball and he really helped us a lot with it and then as you have seen there have been tons of common of on the crypto and but as I said I don't really know the exact time of this please no you cannot share puzzle over from from repeat the question what about sharing hide from within the board with other people so you cannot share signify which is inside of water but some of of it is that you can create as many voices as you want and some credit chat board to work but throughout the past what is known to all the people who work with it you use in looking at the question the question was that can be used as a metric to back up to it and this was the really much with than the motivation was that the project I went back and I think almost 2 years ago there was a by all of the clouds providers they had more and more gigabytes of free quotas and this is this was when I come to myself said was OK I have my backup drive at home but FIL with my own home brownstone this don't hurt me anymore so the Quixote is pretty good when we're talking about the and availability of data but not good ones comes to privacy so this is the motivation why started this and I want to make up my mind on documents that that need the clout availability but my home disk privacy yeah although I think it was this is the thing this the this is the only of get the question was is but the master key only depends on the past and 1 would change the password that's the master would have been changed so everything is very interested no this is not the case what you seen there was just a key encryption key and this is used for further keys and especially each side has since it's this very own keys so and this is especially important as we are using a counter mode where the combination of and initialization vector needs to be unique so yet we have a lot of different keys but there is this key-encrypting key which survival busses and if you change the only 1 on your your must achieve fired which is adjacent 5 instead of the what we need to be re-uploaded the question was is there a command to indicate applications and no there isn't there and you're not the 1st 1 was asking this uh there's already developed for the issue of some people who 1 place at exactly this and currently we just have this user interface thing but it's kind of model and to I think it would be too much of a problem to create 1 and there is of the so what do you what this is the little things like that In Europe there are changed it is just the start of the on the other hand if the last what that this a he was there that's all the question was different cooking the filenames where you will only see it finance and the of the droplets pop up which about changes and so we cannot really we assess user can really say or what's really change of somebody up of edited file and yeah this office you something we have to live with and so it might be an option in and further reduces true and make it a user choice in financial Pinker not but currently this is the situation just as you describe 1st of all what it is in all of the rest of the world last all so the question or more as the suggestion was on the mobile application there so we're all using API for drop books and so and so on so everything is stored remotely and so was the last it we could access all 5 sometimes offline because maybe sometimes we don't have an internet connection and would like to access and even less so this is a feature that is currently missing that's true of I guess this is now a feature requests however it's a great suggestion maybe something like a favorite spot see it and all of that so you can have them offline accessible but it's just not in the beta right now so thanks for the suggestion the there what you but the again and again the question was if there's no such capability in search of work encrypted fossil the plane takes a view of the intricate fires and no we don't we don't create some kind of index or something of there are I don't know if and to what extent of what operating systems that are able to a social movement of Troy if they are there would be native search capabilities by the operating system but as we just concentrate on the cryptographic part we read don't interfere with either of those left from the director of the interface and right from the synchronization so and maybe if there is no plan a problem of searching interpret
files and there might be some the what some tweaks we can do a true and make the operating system support that native search capabilities but what we have to investigate the operating system from a criticism for a job for its own so here I will send this kind of difficult but definitely it was so good point for future requests question the particularly for the I think you should the same thing on the other have to share all of this for you we of all yet the question was and and to what extent we can share just on creates some laws instead of wood well we just and gives access with some some some follows from to a different user groups and when no we do not support this and this is a decision by 1 of my major because of reducing the complexity so we think that if you want to address the all of that majority of users and so on including my grandmother the the best approaches to and therefore 1 what was 1 password which is shared with 1 group of users and so if you want to have different groups and you have to create a new voice and of course yes this just have the disadvantage that you where have to copy files in different what's this and all of these things and I felt so I think the question was agreed to refer to this can be integrated with stake and but to be honest I do not know Procexp and so but as element if there's some storage for a synchronization mechanism in OpenStack then so this shouldn't be a problem here the how of now OK the question was about 5 system kind of limitations like the length of file names depth of the directory powerful from just etc. so and we have something 0 well we we reduce higher names if other the patterns rather 155 characters as to support the windows so which is as a kind of a sad story because due to encryption the filename name gets blown around and also there from the space of 32 encoding which roles as finance additionally and windows pretty much sucks on wrong font have so yeah but anyway yeah we are currently producing find in length and although also the directory structure is when it's restructure to a kind of flat directory structure and so on the full no matter what all their message and the secret to it hierarchy they all sibling fullness but those having photos of them I credit insight but Prof up to 1024 sub for those that are credit on the root level of all in group a data directory and so we we are aware that there are a lot of the problems with especially 1 operating systems system and we have done a lot of treats through to get around this and as if seen analogy mobile and here we have this even there's a motor character and search of the fun and so of they are case sensitive and insensitive filename foaf systems will be supported both that's why we're using based fitted to encoding what based 64 would be more efficient and yet if there are any further restrictions on tell you you ask about size of think not anymore not not really that there is some natural restrictions Due to of the counter mode that we are using this where we have an initialization victory was together with the 80 s of which is which consists of a month and counterpart in the corpus of 64 bit and it must not repeat and soul any number and the 64 bit number would be the maximum number of bytes support profile but because kind of you will never reach assumption 1 the yes it is what the where the question was about huge fires if free of for example 1 can but 5 inside of would and a change just 2 bites of it and then yes we have to re-upload the whole 1 gigabyte this is also done because really generate a new random profile so what the whole fund is really interested and so on we decided where to go for securities of convenience here and so on yeah I know this is a problem with that wastes you all you all bandwidth and so on is there not sure ideas but if we're talking about the clock this might not be an everyday use area because who stores like this is really a connection to cloud of a modern over this is the best use case yes please you can speak at the top of this and the kind of it's about 5 sets of his station and so the question is how do we really obfuscated 5 each Firegoose for its own who 1 would assume that intricate file is always this because the plaintext file and we ate some random length adding to the end which is up to we we I want to add up to 10 % of the original size size but we from lower and upper bound so there will be enough randomness so it isn't it a 100 % obfuscation but it helps for example if if Hollywood most that you will lead to have view of the movie is exactly true gigabytes 300 megabytes 250 I don't know some some some size and this would be obfuscated so it cannot be identified just by the number of bytes and so yeah its own at least of 4 kilobyte overhead and a maximum of 6 this is the same thing 16 megabytes overhead somewhere between this range but as a set of small size will not have the that much of an because we try to keep it up to 10 per cent so the cryptographically not ideas so this kind of a compromise between the of perfect random numbers and deterministic approach to the keep it to some good extent of the amount of additional but innovation the think the small number of the without
Offene Menge
Sensitivitätsanalyse
Dienst <Informatik>
Computer
Gesetz <Physik>
Computeranimation
Eins
Metropolitan area network
Festplattenlaufwerk
Freeware
Nichtunterscheidbarkeit
Tropfen
Speicher <Informatik>
Informatik
Grundraum
Gerade
Schreib-Lese-Kopf
Videospiel
Datenmissbrauch
Computersicherheit
Open Source
Ruhmasse
Elektronische Publikation
Chipkarte
Software
Dienst <Informatik>
Datenfeld
Chiffrierung
Gamecontroller
Datenspeicherung
Projektive Ebene
Information
Smartphone
Streuungsdiagramm
Instantiierung
Offene Menge
Punkt
Freeware
Gruppenkeim
Synchronisierung
Raum-Zeit
Computeranimation
Homepage
Metropolitan area network
Freeware
Font
Dateiverwaltung
Lineares Funktional
Dokumentenserver
Computersicherheit
Güte der Anpassung
Systemaufruf
Biprodukt
Chiffrierung
Rechter Winkel
Projektive Ebene
Verzeichnisdienst
Subtraktion
Klasse <Mathematik>
Hierarchische Struktur
Sprachsynthese
Dienst <Informatik>
Service provider
Variable
Verzeichnisdienst
Digitale Photographie
Perspektive
Datentyp
Datenspeicherung
Elastische Deformation
Inhalt <Mathematik>
Maßerweiterung
Stochastische Abhängigkeit
Soundverarbeitung
Datenmissbrauch
Elektronische Publikation
Open Source
Relativitätstheorie
Sprachsynthese
Vektorraum
Elektronische Publikation
Fokalpunkt
Zustandsdichte
Softwareschwachstelle
Mereologie
Gamecontroller
Datenspeicherung
Kantenfärbung
Streuungsdiagramm
Momentenproblem
Program Slicing
Social Engineering <Sicherheit>
Gesetz <Physik>
Computeranimation
Homepage
Algorithmus
Skript <Programm>
E-Mail
Auswahlaxiom
Schnittstelle
Addition
Extremwert
Hardware
Schlüsselverwaltung
Kategorie <Mathematik>
Computersicherheit
Ruhmasse
Knoten <Statik>
Rechnen
Hoax
Konzentrizität
Dienst <Informatik>
Menge
Forcing
Rechter Winkel
Client
Derivation <Algebra>
Subtraktion
Systemzusammenbruch
Ordinalzahl
Data Envelopment Analysis
Mathematische Logik
Konsistenz <Informatik>
Virtuelle Maschine
Bildschirmmaske
Informationsmodellierung
Perspektive
Dateisystem
Netzbetriebssystem
Endogene Variable
Datentyp
Hash-Algorithmus
Skript <Programm>
Inhalt <Mathematik>
Cluster <Rechnernetz>
Attributierte Grammatik
Analysis
Radius
Protokoll <Datenverarbeitungssystem>
Elektronische Publikation
Binder <Informatik>
Datenspeicherung
Wort <Informatik>
Kantenfärbung
Bit
Prozess <Physik>
Punkt
Gruppenkeim
Chiffre
Kartesische Koordinaten
Gradient
Computer
Komplex <Algebra>
Synchronisierung
Videokonferenz
Metropolitan area network
Bit
Exakter Test
Kryptologie
Bildschirmfenster
Figurierte Zahl
Nichtlinearer Operator
ATM
Lineares Funktional
Approximation
Synchronisierung
Nummerung
Quellcode
Speicherbereichsnetzwerk
Rechenschieber
Arithmetisches Mittel
Chiffrierung
Twitter <Softwareplattform>
Verschlingung
Kommunalität
Projektive Ebene
Schlüsselverwaltung
Aggregatzustand
Public-Key-Kryptosystem
Telekommunikation
Rückkopplung
Web Site
Ortsoperator
Schaltnetz
Implementierung
Zahlenbereich
Division
Wiederherstellung <Informatik>
W3C-Standard
Magnettrommelspeicher
Polarkoordinaten
Arbeitsplatzcomputer
Zusammenhängender Graph
Passwort
Passwort
Hardware
Gammafunktion
Leistung <Physik>
Autorisierung
Datenmissbrauch
Benutzeroberfläche
Physikalisches System
Paarvergleich
Quick-Sort
Energiedichte
Differenzkern
Mereologie
Notebook-Computer
Speicherabzug
Verkehrsinformation
Klon <Mathematik>
Distributionstheorie
Punkt
Freeware
Desintegration <Mathematik>
Kartesische Koordinaten
Computer
Service provider
Raum-Zeit
Computeranimation
Eins
Übergang
Internetworking
Metropolitan area network
Festplattenlaufwerk
Dämpfung
Kryptologie
Bildschirmfenster
Dateiverwaltung
Skript <Programm>
Vorlesung/Konferenz
Tropfen
Gerade
Lineares Funktional
App <Programm>
Datennetz
Gebäude <Mathematik>
p-Block
Dienst <Informatik>
Rechter Winkel
Schlüsselverwaltung
Smartphone
Subtraktion
Quader
Ortsoperator
Automatische Handlungsplanung
Dienst <Informatik>
Maßerweiterung
Service provider
Netzbetriebssystem
Zusammenhängender Graph
Speicher <Informatik>
Maßerweiterung
Softwareentwickler
Hilfesystem
Demo <Programm>
Implementierung
Dateiverwaltung
Einfach zusammenhängender Raum
Videospiel
Benutzeroberfläche
Open Source
Mailing-Liste
Physikalisches System
Elektronische Publikation
Integral
Softwareschwachstelle
Mereologie
Datenspeicherung
Speicherabzug
Streuungsdiagramm
Mailing-Liste
Physikalisches System
Datenfluss
Speicherbereichsnetzwerk
Metropolitan area network
Programmfehler
Chatten <Kommunikation>
Betafunktion
Bildschirmfenster
Vorlesung/Konferenz
Projektive Ebene
Bildschirmsymbol
Gammafunktion
Spezialrechner
Metropolitan area network
Datenerfassung
Gravitationsgesetz
Kombinatorische Gruppentheorie
Mikroblog
Chi-Quadrat-Verteilung
Speicherbereichsnetzwerk
Quick-Sort
Übergang
App <Programm>
Subtraktion
Fächer <Mathematik>
Elektronische Publikation
Extrempunkt
Computeranimation
Sturmsche Kette
Metropolitan area network
Reverse Engineering
Chatten <Kommunikation>
Datenerfassung
Vorlesung/Konferenz
Passwort
Bildschirmsymbol
Gammafunktion
Touchscreen
Haar-Integral
Metropolitan area network
Lineares Funktional
Elektronische Publikation
Prozess <Physik>
Quader
Elektronische Publikation
Chi-Quadrat-Verteilung
Computeranimation
Einfach zusammenhängender Raum
Euler-Winkel
Gemeinsamer Speicher
Kartesische Koordinaten
Extrempunkt
Computeranimation
Digitale Photographie
Metropolitan area network
Programmfehler
Menge
Kryptologie
Minimum
Bildschirmfenster
Maßerweiterung
Default
Gammafunktion
Freeware
Gemeinsamer Speicher
Kartesische Koordinaten
Datensicherung
Gesetz <Physik>
Synchronisierung
Computeranimation
Eins
Internetworking
Kryptologie
Vorlesung/Konferenz
Tropfen
Auswahlaxiom
Metropolitan area network
Schnittstelle
Softwaretest
Ereignisdatenanalyse
ATM
App <Programm>
Sichtenkonzept
Rechter Winkel
Automatische Indexierung
Chatten <Kommunikation>
Projektive Ebene
Schlüsselverwaltung
Ebene
Subtraktion
Wasserdampftafel
Schaltnetz
Mathematisierung
Automatische Handlungsplanung
Zahlenbereich
Whiteboard
Code
Bildschirmmaske
Informationsmodellierung
Netzbetriebssystem
Mini-Disc
Passwort
Zusammenhängender Graph
Maßerweiterung
Einfach zusammenhängender Raum
Datenmissbrauch
Benutzeroberfläche
Physikalisches System
Vektorraum
Elektronische Publikation
Cloud Computing
Office-Paket
Mereologie
Sensitivitätsanalyse
Bit
Punkt
Freeware
Extrempunkt
Gruppenkeim
Element <Mathematik>
Komplex <Algebra>
Gesetz <Physik>
Synchronisierung
Raum-Zeit
Übergang
Perfekte Gruppe
Font
Prozess <Informatik>
Bildschirmfenster
Mustersprache
Randomisierung
Vorlesung/Konferenz
Wurzel <Mathematik>
Kraftfahrzeugmechatroniker
ATM
Addition
Dicke
Sichtenkonzept
Krümmung
Computersicherheit
Güte der Anpassung
Mobiles Internet
Profil <Aerodynamik>
Entscheidungstheorie
Menge
Decodierung
Overhead <Kommunikationstechnik>
Verzeichnisdienst
Message-Passing
Subtraktion
Mathematisierung
Hierarchische Struktur
Zahlenbereich
Digitale Photographie
Netzbetriebssystem
Determiniertheit <Informatik>
Inverser Limes
Passwort
Datenspeicherung
Speicher <Informatik>
Datenstruktur
Maßerweiterung
Leistung <Physik>
Einfach zusammenhängender Raum
Physikalisches System
Elektronische Publikation
Zufallsgenerator
Flächeninhalt
Bandmatrix
Offene Menge
Freeware
Software
Computeranimation

Metadaten

Formale Metadaten

Titel Cloud Storage Encryption with Cryptomator
Serientitel FrOSCon 2015
Teil 66
Anzahl der Teile 80
Autor Stenzel, Sebastian
Hagemann, Tobias
Lizenz CC-Namensnennung 3.0 Unported:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.
DOI 10.5446/19610
Herausgeber Free and Open Source software Conference (FrOSCon) e.V.
Erscheinungsjahr 2015
Sprache Englisch

Inhaltliche Metadaten

Fachgebiet Informatik
Abstract Cryptomator is the first ever open source application specifically developed to transparently encrypt files before they are sync'ed with your personal cloud storage space. Sebastian Stenzel, Tobias Hagemann

Ähnliche Filme

Loading...