Servers can't be trusted, and thanks to tamper-proof Servers can't - - PowerPoint PPT Presentation

servers can t be trusted and thanks to tamper proof
SMART_READER_LITE
LIVE PREVIEW

Servers can't be trusted, and thanks to tamper-proof Servers can't - - PowerPoint PPT Presentation

Nov 29, 2022 185 likes •499 views

Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to tamper-proof journals EteSync doesn't need to! journals EteSync doesn't need to! stosb.com/talks Tom Hacohen tom@stosb.com FOSDEM 2018 @TomHacohen

slide-1
SLIDE 1

Tom Hacohen FOSDEM 2018

Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to tamper-proof journals EteSync doesn't need to! journals EteSync doesn't need to!

stosb.com/talks tom@stosb.com @TomHacohen

slide-2
SLIDE 2

Simple Server Communication Simple Server Communication

slide-3
SLIDE 3

What Are We Leaking? What Are We Leaking?

Data Data

Emails Calendars Personal notes Secret business information

Metadata Metadata

IP address Social graph Time of access What data is used and how

  • en

When specific data is accessed

slide-4
SLIDE 4

Metadata Is Data! Metadata Is Data!

Exploiting Social Graphs Exploiting Social Graphs

slide-5
SLIDE 5

Metadata Is Data! Metadata Is Data!

Exploiting Access Patterns Exploiting Access Patterns

slide-6
SLIDE 6

Real Example: CardDAV Real Example: CardDAV

slide-7
SLIDE 7

Information Leaked Information Leaked

Address Book Information IP address Social graph Time of access What data is used and how

  • en

When specific data is accessed

slide-8
SLIDE 8

Potential Solutions Potential Solutions

Using Tor to hide origin Controlling access patterns Trusting the server: Using a trusted provider Hosting on our own server ("self host")

slide-9
SLIDE 9

Should We Trust The Server? Should We Trust The Server?

It could get hacked (remote or physical access) Could get stolen (literally someone picking it up and taking it) Hosted: a rogue employee could access your data Hosted: could be compelled to provide access Self-hosted: a lot of work and hard to maintain

slide-10
SLIDE 10

Reducing Server Trust Reducing Server Trust

End-to-end encryption Mostly offline operation (if possible) Fake access patterns?

slide-11
SLIDE 11

Hardened CardDAV Hardened CardDAV

slide-12
SLIDE 12

That's It, We Are Safe! That's It, We Are Safe!

Questions? Well, actually...

slide-13
SLIDE 13

Our Data Can Be Manipulated! Our Data Can Be Manipulated!

slide-14
SLIDE 14

Bit Flipping Bit Flipping

Imagine the access level is stored encrypted Original Modified Encrypted 0x4a 0x4b Decrypted 0x00 0x19

slide-15
SLIDE 15

Data Omission Data Omission

slide-16
SLIDE 16

Data Omission: Solution Data Omission: Solution

Verify the state Verify the state

slide-17
SLIDE 17

Data Rollback Data Rollback

slide-18
SLIDE 18

The Solution: The Solution:

Tamer-proof journals! Tamer-proof journals!

slide-19
SLIDE 19

What Is It? What Is It?

Change Journal Change Journal

slide-20
SLIDE 20

What Is It? What Is It?

Immutable And Tamper-Proof Immutable And Tamper-Proof UID is a HMAC of content + previous UID

slide-21
SLIDE 21

Protections Against Tampering Protections Against Tampering

Immutable, so data can only be appended Signed, so data can't be manipulated or faked Prev UID is signed, no omission or reordering Verified on each client

slide-22
SLIDE 22

Previously Unsolved Attacks Previously Unsolved Attacks

Which data is accessed and modified Data Omission Data Rollback

slide-23
SLIDE 23

Secure, end-to-end encrypted and journaled personal information cloud synchronization for Android, the desktop and the web. A real-life example.

slide-24
SLIDE 24

Journal Format Journal Format

UID "7ecda2139a45a1674c1b991760f4ae56718b06c0d0b9ed459eea86f709c6d02b" CONTENT {"action": "CHANGE", "content": "BEGIN:VCALENDAR\r\n VERSION:2.0\r\n PRODID:-//EteSync//com.etesync.syncadapter 0.16.0//ical4androi BEGIN:VEVENT\r\n SUMMARY:Feed cats\r\n ... snip ... END:VEVENT\r\n END:VCALENDAR\r\n" } UID "513da45c2d6562c511b898f6f191631c56dfa33d789a399000e99df9b6b8e480" CONTENT {"action":"DELETE","content":"BEGIN:VCALENDAR\r\nVERSION:2.0\r\nPRODID:-//E

slide-25
SLIDE 25

Having A Change History Having A Change History

Auditing changes Recovering lost data Finding entries based on date

slide-26
SLIDE 26

Signed Pages Signed Pages

Devs PGP sign web pages Users add website config Extension verifies signatures Should be used in conjunction with subresource integrity Future: signature verifying service workers (collaboration with ) airborn.io

slide-27
SLIDE 27

Finishing Notes Finishing Notes

Privacy is a sacred right, don't give it up! You're the weakest link:

slide-28
SLIDE 28

Useful Links Useful Links

My blog: EteSync's website: EteSync's sources: Signed Pages: https://stosb.com https://www.etesync.com https://github.com/etesync https://github.com/tasn/webext-signed- pages

slide-29
SLIDE 29

Tom Hacohen FOSDEM 2018

Questions? Questions?

stosb.com/talks tom@stosb.com @TomHacohen

slide-30
SLIDE 30

Attribution Attribution

Icon by from is licensed under Icon by from is licensed under by Randall Munroe ( ) Freepik flaticon.com CC 3.0 BY Smashicons flaticon.com CC 3.0 BY Security XKCD