Can You Trust Your Encrypted Cloud?: An Assessment of SpiderOakONE's Security

This paper presents an independent security review of a popular encrypted cloud storage service (ECS), SpiderOakONE. Contrary to previous work analyzing similar programs, we formally define a minimal security requirement for confidentiality in ECS which takes into account the possibility that the ECS actively turns against its users in an attempt to break the confidentiality of the users' data. Our analysis uncovered several serious issues, which either directly or indirectly damage the confidentiality of a user's files, therefore breaking the claimed Zero- or No-Knowledge property (i.e., the claim that even the ECS itself cannot access the users' data). After responsibly disclosing the issues we found to SpiderOak, most have been fixed.
