-3

My first question:

Our new app will work with files that contains sensitive data (e.g. finances). These files will be stored on the client first than synchronized to our server.
I need a method for ...

  • prevent phishing malwares may be exist on client PC to gather these infos
  • making user data untraceable - preventing anybody to know what data belong to what person.

So, what are the well-established methods to do this?

My second question:

I heard about some crypto algorithms like AES but I don't know if it's enough to use this (I mean AES256 at least).

Is AES good for encrypting files or could you suggest me better?

NagyDani
  • 7
  • 3

3 Answers3

1

fight against phishing malwares may be exist on client PC

Fundamentally this is impossible. If the client machine is compromised at a point where code can be run either as root or the user you intend to access your application then you should assume a determined enough actor will be able to read anything your application can.

making user data untraceable - preventing anybody to know what data belong to what person.

Then how will your application know which data to give to the user? You can have users sign in with an alias - but that is the case with any username / password system that does not verify the users identity.

Is AES good for encrypting files or could you suggest me better?

AES-256 (in the correct modes for the usage) is viewed as secure. "More Secure" and "Less Secure" aren't really a thing. Either something is viewed as "unlikely to be breakable any time soon with expected technology progression" or not.

But you also need to decide where you will encrypt this data (client or server), where you will store the keys for the encryption and whether you will encrypt communication with the server. What is the communication system between the client and server? You almost certainly want to use some form of SSL.

If data is encrypted with user provided keys or passwords (assuming you do not store these) then it will be entirely unrecoverable should they forget their password. If you use server stored then should your server architecture become compromised it is likely they will get the keys as well as the data and be able to recover it.

I would suggest you need substantially more reading / learning until you fully understand these topics and the respective consequences in decisions before you proceed further.

Hector
  • 10,893
  • 3
  • 41
  • 44
  • "Then how will your application know which data to give to the user?" @Hector, i have a framework that the service providers cant discover directly with data belongs to each user, by the use of pseudonyms. The system just need to know how to compute the pseydonym, in safe way. Other way is have a Identity provider, to make the association user-pseudonym. – rew1nd Oct 19 '17 at 10:55
  • How are you going to map the pseudonym to the user? I see no sane way to do this that is better than just storing the pseudonym next to the user in a table somewhere. If you're doing that then you may as well just use a 256bit value generated by a cryptographically secure RNG. The only other option is a hash function. But what are the input values? - the username is public so makes no sense. – Hector Oct 19 '17 at 11:21
  • Is exactly that im doing. The inputs are username, salt, and card number. Makes more sense that just put the name directly associated with data! – rew1nd Oct 19 '17 at 11:26
  • Only if the salt is stored in a different system. Username and card number should be viewed as public. – Hector Oct 19 '17 at 11:44
  • Why not instead encrypt the data with a user specific key? That way anyone obtaining the data may know who it belongs to but they don't know what it is. – Hector Oct 19 '17 at 11:45
  • Same problem with the key, you need to store it elsewhere. In the way i suggest for the pseudonym, they also dont know what it is, just a 256bit random string. – rew1nd Oct 19 '17 at 12:39
  • 1
    If the string is generated from a username, salt and card number it is not secure. If its truly random then it needs to be mapped to the username somewhere - which again means its not really any more secure. – Hector Oct 19 '17 at 13:49
0

My advice's:

ESSENTIAL -Use a server TLS certificate to protect the connection (confidentiality, integrity and server authenticity)!

FIRST QUESTION: - Use multifactor authentication, at authentication or when a crucial operation happens.

  • Use pseudonyms to associate users to data, instead direct associations. Must be unpredictable and size long secure ( use hash values)

SECOND:

  • Yes AES is a good option. Although depend of your system, the cipher mode you use (ECB, CBC, ...), how you generate and store the symmetric key. the better option in this case is to use AES- GCM (authenticated encrypted with associated data (AEAD).

  • You can use also RSA, that works as asymmetric cryptography. Search for it.

Hope that helps

rew1nd
  • 124
  • 7
0

I suggest you do not write your own encryption code. You would most certainly get it wrong. Your users should use some existing encryption software such that GPG (and whatever graphical front-end they like) to encrypt the files. (Or you could just write your own front-end for GPG if you need this to be cleanly integrated within your app.)

Erwan Legrand
  • 401
  • 2
  • 13