Zero Knowledge Architectures for mobile Applications

042b7c0e45c53de46667f07de2fb2614?s=47 vixentael
October 05, 2017

Zero Knowledge Architectures for mobile Applications

#iosdev #security #trust #keys

- why we need ZKA
- what is ZKA, what are parts of ZKA system
- messaging, auth, data: how to use ZKA in these usecases
- ZKA data management example
- implementation details
- other possible usecases
- recap

--------------------------------------

If you can't tap on the link inside slides, please open as pdf (button on the right).

--------------------------------------

With intensifying threat access, snooping governments and insecure-internet-of-everything, the importance of zero-knowledge application architectures and end-to-end trust, for things more complicated than simple messaging, becomes more and more obvious for the app developers.

We will talk about real-world problems that ZKA fights against, learn typical cryptographic designs and progress in different spheres of ZKA. We will find out how to make data sharing, user collaboration on data in the cloud with your app provably secure.

--------------------------------------

text:
https://medium.com/@vixentael/zero-knowledge-architectures-for-mobile-applications-b00a231fda75

--------------------------------------

video from MobiConf17
https://youtu.be/79iqPsPc6ZE

--------------------------------------

Links to follow:

Hermes
https://github.com/cossacklabs/hermes-core

Anatomy of a Zero-Knowledge Web Application, 2007
https://clipperz.is/blog/2007/08/24/anatomy_zero_knowledge_web_application/

Zero Knowledge Protocols Without Magic
https://www.cossacklabs.com/zero-knowledge-protocols-without-magic.html

Why We Develop Zero Knowledge Software
https://brainsware.at/blog/9-zero-knowledge-saas

Keybase launches encrypted git
https://keybase.io/blog/encrypted-git-for-everyone

Why We Will No Longer Use the Phrase Zero Knowledge to Describe Our Software
https://spideroak.com/articles/why-we-will-no-longer-use-the-phrase-zero-
knowledge-to-describe-our-software/

Explain Like I’m 5: End-to-end Encryption
https://medium.com/@cossacklabs/eli5-end-to-end-encryption-ae46821db74f

Explain Like I’m 5: Zero Knowledge Proof
https://hackernoon.com/eli5-zero-knowledge-proof-78a276db9eff

Zero Knowledge Proofs: An illustrated primer
https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/

042b7c0e45c53de46667f07de2fb2614?s=128

vixentael

October 05, 2017
Tweet

Transcript

  1. ZERO KNOWLEDGE ARCHITECTURES for mobile applications

  2. @vixentael Mobile Tech Lead Feel free to reach me with

    any mobile security questions. I do check my inbox :)
  3. Let’s play a game

  4. Sensitive data – ? @vixentael

  5. E2EE – ? @vixentael

  6. GDPR – ? @vixentael

  7. GDPR – ? Equifax – ? @vixentael

  8. #mobiconf @vixentael

  9. Where we are

  10. We have sensitive data @vixentael

  11. We have sensitive data We put it to the “cloud”

    @vixentael
  12. We put it to the “cloud”

  13. We put it to the “cloud” Everything runs on smbd’s

    software, on smbd’s computer, is maintained by someone else @vixentael
  14. We have sensitive data We put it to the “cloud”

    Everything runs on smbd’s software, on smbd’s computer, is maintained by someone else @vixentael
  15. Do we trust them? @vixentael

  16. Do we trust them? Do we want to trust them?

    @vixentael
  17. – NO.

  18. We don’t want. @vixentael

  19. to know how secure cloud is We don’t want @vixentael

  20. to trust other ppl’s software, computers, and maintenance practices -

    to know how secure cloud is We don’t want @vixentael
  21. to think about sensitive data leakage - to trust other

    people’s software, computers, and maintenance practices - to know how secure cloud is We don’t want @vixentael
  22. - to think about sensitive data leakage - to trust

    other people’s software, computers, and maintenance practices - to know how secure cloud is We don’t want @vixentael
  23. None
  24. We don’t want to share sensitive data.

  25. We don’t want to share sensitive data, but we must

  26. medical records credit history ? } @vixentael

  27. your data, managed by someone medical records credit history =

    @vixentael
  28. – Need control.

  29. Control access to the sensitive data during storing and sharing.

    @vixentael
  30. How? Control access to the sensitive data during storing and

    sharing. @vixentael
  31. – Encryption.

  32. Messaging End-to-End Encryption @vixentael

  33. Authentication Zero Knowledge Proof https://www.cossacklabs.com/zero- knowledge-protocols-without-magic.html @vixentael

  34. Data ??? - store encrypted - share with others -

    manage access to parties @vixentael
  35. – Zero Knowledge Architectures

  36. ZKA is a design principle that enables software to provide

    services over protected client data without having an unencrypted access to it. @vixentael
  37. e2ee clients ZKA includes @vixentael

  38. e2ee clients all operations are on encrypted data: – control

    access to data from different users – CRUD – search (in encrypted data) ZKA includes @vixentael
  39. ZKA is already solved for specific use-cases or in a

    naive ways @vixentael
  40. Sharing encrypted data: naive approach – duplications – key management

    problems @vixentael
  41. give access to certain blocks of data to exact users

    https://github.com/cossacklabs/ hermes-core Our take @vixentael
  42. - Why me?

  43. ZKA relies on trust to the client @vixentael

  44. ZKA relies on trust to the client Mobile runs code

    safely* @vixentael
  45. ZKA relies on trust to the client Mobile stores keys

    safely* Mobile runs code safely* @vixentael
  46. Mobile stores keys safely* ZKA relies on trust to the

    client Mobile runs code safely* Mobile is a good client Brent @vixentael
  47. – Meanwhile in the real world…

  48. None
  49. { "personal_data": { "name": "Cat", "surname": "Black", "age": 25, "home_address":

    "large box in living room", "birth_date": "01/04/1992" }, "credit_rating": 8.7, "transactions": [{ "operation": "credit", "bank": "CatBank1", "amount": "2000", "currency": "eur", "date": "02/10/2017" }, { "operation": "credit", "bank": "CatBank2", "amount": "500", "currency": "eur", "date": "14/02/2015" } ] } @vixentael
  50. { "personal_data": { "name": "Cat", "surname": "Black", "age": 25, "home_address":

    "large box in living room", "birth_date": "01/04/1992" }, "credit_rating": 8.7, "transactions": [{ "operation": "credit", "bank": "CatBank1", "amount": "2000", "currency": "eur", "date": "02/10/2017" }, { "operation": "credit", "bank": "CatBank2", "amount": "500", "currency": "eur", "date": "14/02/2015" } ] } personal data @vixentael
  51. protected data { "personal_data": { "name": "Cat", "surname": "Black", "age":

    25, "home_address": "large box in living room", "birth_date": "01/04/1992" }, "credit_rating": 8.7, "transactions": [{ "operation": "credit", "bank": "CatBank1", "amount": "2000", "currency": "eur", "date": "02/10/2017" }, { "operation": "credit", "bank": "CatBank2", "amount": "500", "currency": "eur", "date": "14/02/2015" } ] } @vixentael
  52. { "personal_data": { "name": "Cat", "surname": "Black", "age": 25, "home_address":

    "large box in living room", "birth_date": "01/04/1992" }, "credit_rating": 8.7, "transactions": [{ "operation": "credit", "bank": "CatBank1", "amount": "2000", "currency": "eur", "date": "02/10/2017" }, { "operation": "credit", "bank": "CatBank2", "amount": "500", "currency": "eur", "date": "14/02/2015" } ] } really-really protected data @vixentael
  53. you bank credit bureau @vixentael

  54. you bank credit bureau @vixentael

  55. you bank credit bureau @vixentael

  56. you bank credit bureau @vixentael

  57. you bank credit bureau @vixentael

  58. you bank credit bureau @vixentael

  59. you bank credit bureau what could possibly go wrong? @vixentael

  60. leakage from – your data is available everywhere Risks @vixentael

  61. leakage from – your data is available everywhere Risks encrypt

    data with one shared ? leak one key – leak everything @vixentael
  62. B&B can accumulate extra data about you. Risks @vixentael

  63. B&B can judge you by things you haven’t done. Risks

    @vixentael
  64. B&B can record requests about people they don’t know. Risks

    @vixentael
  65. How ZKA can help?

  66. { "personal_data": { "name": "Cat", "surname": "Black", "age": 25, "home_address":

    "large box in living room", "birth_date": "01/04/1992" }, "credit_rating": 8.7, "transactions": [{ "operation": "credit", "bank": "CatBank1", "amount": "2000", "currency": "eur", "date": "02/10/2017" }, { "operation": "credit", "bank": "CatBank2", "amount": "500", "currency": "eur", "date": "14/02/2015" } ] } RW RO RO, customer verification RW @vixentael
  67. access to data blocks encrypted controlled by owner @vixentael

  68. stores encrypted updates only credit score owns, controls access RW

    only their transactions access revoked @vixentael
  69. - Key wrapping storage keys user keys How to build

    it? @vixentael blocks
  70. - Key wrapping - Manage privileges How to build it?

    @vixentael
  71. - Key wrapping - Manage privileges - Control requests How

    to build it? @vixentael
  72. - Key wrapping - Manage privileges - Control requests -

    Mitigate remaining attacks How to build it? @vixentael
  73. leakage → privileges → replay → other? → Mitigating the

    risks: @vixentael
  74. leakage → it’s encrypted privileges → replay → other? →

    Mitigating the risks: @vixentael
  75. leakage → it’s encrypted privileges → it’s encrypted replay →

    other? → Mitigating the risks: @vixentael
  76. leakage → it’s encrypted privileges → it’s encrypted replay →

    ZKP (it’s encrypted ;) other? → Mitigating the risks: @vixentael
  77. leakage → it’s encrypted privileges → it’s encrypted replay →

    ZKP (it’s encrypted ;) other? → tiny attack surface Mitigating the risks: @vixentael
  78. ZKA elsewhere

  79. shared audit logs complex docs, spreadsheets config files file system

    document store protection @vixentael
  80. Is it difficult to implement?

  81. Signal https://github.com/WhisperSystems/ SignalProtocolKit/blob/master/AxolotlKit/Classes/ Sessions/SessionBuilder.m @vixentael

  82. Swift Alps Demo https://github.com/cossacklabs/theswiftalpsdemo/ blob/master/ios-project/SwiftAlpsSecDemo/ SwiftAlpsSecDemo/SessionDemo.swift github.com/ cossacklabs/themis @vixentael

  83. Hermes github.com/cossacklabs/ hermes-core ODING IN PROGRESS CODING IN PROG @vixentael

  84. Other examples https://tahoe-lafs.org/trac/tahoe-lafs The Least-Authority File Store https://tresorit.com/zerokit ZeroKit from

    Tresorit @vixentael
  85. Recap

  86. 1. We know a lot about data protection and peer-to-peer

    communication. 2. Collaborating on data exposes more advanced risks. One key is not enough. 3. ZKA helps against advanced risks. 4. Sooner or later, everything will be collaborative. 5. Learn ZKA in advance! @vixentael
  87. Links 1 https://clipperz.is/blog/2007/08/24/anatomy_zero_knowledge_web_application/ Anatomy of a Zero-Knowledge Web Application, 2007

    https://www.cossacklabs.com/zero-knowledge-protocols-without-magic.html Zero Knowledge Protocols Without Magic https://brainsware.at/blog/9-zero-knowledge-saas Why We Develop Zero Knowledge Software
  88. Links 2 https://spideroak.com/articles/why-we-will-no-longer-use-the-phrase-zero- knowledge-to-describe-our-software/ Why We Will No Longer Use

    the Phrase Zero Knowledge to Describe Our Software https://medium.com/@cossacklabs/eli5-end-to-end-encryption-ae46821db74f Explain Like I’m 5: End-to-end Encryption https://keybase.io/blog/encrypted-git-for-everyone Keybase launches encrypted git
  89. My other security slides https://github.com/ vixentael/my-talks

  90. @vixentael Mobile Tech Lead Feel free to reach me with

    any mobile security questions. I do check my inbox :)
  91. Image credits www.flaticon.com freepik, linector, switficons, pixelperfect, smashicons Authors: