About Mega Technical Crypto @ Mega Demo You do it . . . 
Security and Privacy in Cloud Computing 
Beta-Testing the New Mega Web Client 
Guy Kloss 
gk@mega.co.nz 
Lead Software Developer 
Mega Limited 
Guy Kloss | Security and Privacy in Cloud Computing 1/26

Outline
1 About Mega 
2 Technical (GeekFood) 
3 Crypto @ Mega (GeekFood++) 
4 Demo Web Client and Chat 
5 You do it . . . 

Our Business:
“The Privacy Company” 
SaaS Cloud Software 

Facts

Products
File Storage (now) 
Chat/Messenger (next) 
Email (later) 

File Storage Servers
File storage servers (many many . . . ) 
Meta-data servers (file attributes, user attributes, thumbnails, . . . )
API servers 
DB servers 
Servers helping with managing concurrency 

Messenger Servers
Cluster of messaging servers for XMPP (using ejabberd) 
For scalability and load balancing 
For reliability 
STUN/TURN servers 
→ Overcome the problem posed by private IP networks (NAT)
Load balancers, HAProxy, redirectors
Note: Voice/video normally connects the browsers’ WebRTC containers directly

Concept:
Everything is End-to-End Encrypted! 

File and Attribute Protection
Keys Involved 
Master Key 
Everything private is protected by a master key 
The master key itself is password protected: PBKDF 
RSA Key Pair 
Used for sharing access to files 
Stored as user attributes 
Private key is protected with master key 
Public key is “world readable” 

File and Attribute Protection
File Protection 
File content (segmented into blocks) encrypted with session key (AES-128 CTR mode)
Session key is encrypted with the master key
All file attributes (incl. file name) encrypted with the session key
Access information to shared files encrypted with recipient’s RSA public key
Shared folders use a folder’s share key to protect file data and attributes
Share keys are protected by own master key or by RSA public key

File and Attribute Protection
User Attributes 
Private attributes are encrypted with master key 
Public attributes are “world readable” 
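
The key hierarchy from the "Keys Involved" and "File Protection" slides (password, master key, per-file session key, content and attributes), as an added Node.js example; it is not Mega's code. The slides say only "PBKDF", so PBKDF2-HMAC-SHA256 with a constructed iteration count is an assumption, as are AES-128-GCM for wrapping keys, the record layout and every function name.

```javascript
const crypto = require("node:crypto");

// Assumption: PBKDF2-HMAC-SHA256 with a constructed iteration count;
// the slides name only "PBKDF".
const PBKDF2_ITERATIONS = 100000;

// Password -> 128-bit key that protects the master key.
function derivePasswordKey(password, salt) {
  return crypto.pbkdf2Sync(password, salt, PBKDF2_ITERATIONS, 16, "sha256");
}

// Assumption: keys are wrapped with AES-128-GCM, so unwrapping with the
// wrong key fails instead of silently yielding garbage.
function wrapKey(wrappingKey, keyToProtect) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-128-gcm", wrappingKey, iv);
  const ct = Buffer.concat([cipher.update(keyToProtect), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function unwrapKey(wrappingKey, wrapped) {
  const d = crypto.createDecipheriv("aes-128-gcm", wrappingKey, wrapped.iv);
  d.setAuthTag(wrapped.tag);
  try {
    return Buffer.concat([d.update(wrapped.ct), d.final()]);
  } catch {
    return null; // wrong key or modified record
  }
}

// AES-128 in CTR mode, as named on the slide. Encrypting and decrypting
// are the same operation. CTR alone gives confidentiality, not integrity;
// this example adds no MAC over the content.
function aesCtr(key, iv, data) {
  const c = crypto.createCipheriv("aes-128-ctr", key, iv);
  return Buffer.concat([c.update(data), c.final()]);
}

// Client side: create the master key and the record the server may store.
function createAccount(password) {
  const salt = crypto.randomBytes(16);
  const masterKey = crypto.randomBytes(16);
  const wrappedMasterKey = wrapKey(derivePasswordKey(password, salt), masterKey);
  return { masterKey, record: { salt, wrappedMasterKey } };
}

function unlockMasterKey(password, record) {
  return unwrapKey(derivePasswordKey(password, record.salt), record.wrappedMasterKey);
}

// Client side: everything returned here is what the server gets to see.
function encryptFile(masterKey, name, content) {
  const sessionKey = crypto.randomBytes(16);
  const contentIv = crypto.randomBytes(16);
  const attrIv = crypto.randomBytes(16); // never reuse a key/IV pair in CTR
  return {
    wrappedSessionKey: wrapKey(masterKey, sessionKey),
    contentIv,
    attrIv,
    content: aesCtr(sessionKey, contentIv, content),
    attrs: aesCtr(sessionKey, attrIv, Buffer.from(JSON.stringify({ name }))),
  };
}

function decryptFile(masterKey, rec) {
  const sessionKey = unwrapKey(masterKey, rec.wrappedSessionKey);
  if (sessionKey === null) return null;
  const attrs = JSON.parse(aesCtr(sessionKey, rec.attrIv, rec.attrs).toString());
  return { name: attrs.name, content: aesCtr(sessionKey, rec.contentIv, rec.content) };
}

// Constructed sample data: one account, one file, one wrong password.
function demo() {
  const password = "correct horse battery staple";
  const body = "constructed sample file content";
  const { masterKey, record } = createAccount(password);
  const stored = encryptFile(masterKey, "notes.txt", Buffer.from(body));
  const file = decryptFile(unlockMasterKey(password, record), stored);
  return {
    roundTrip: file.name === "notes.txt" && file.content.toString() === body,
    wrongPasswordRejected: unlockMasterKey("wrong password", record) === null,
    nameVisibleToServer: stored.attrs.includes("notes.txt"),
  };
}
```
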

Keys and Authentication
Every user has an additional signing key pair (Ed25519) 
Own RSA public key is signed with it 
All public keys are “tracked” (fingerprints of RSA and signing keys)
Signing keys can be authenticated (comparison of fingerprints)
→ “Grounding” of authentication on one single identity key
→ Prevention of man-in-the-middle attacks
→ Prevention of impostors
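
The check a client can run on a contact's published keys, following the slide above: the RSA public key must carry a valid signature from the contact's Ed25519 signing key, and the signing key's fingerprint must match the one tracked earlier. This is an added Node.js example, not Mega's code; the fingerprint format (truncated SHA-256 over the DER encoding), the `KeyTracker` class, the record layout and the result strings are assumptions.

```javascript
const crypto = require("node:crypto");

// Assumption: fingerprint = first 20 bytes of SHA-256 over the DER-encoded
// public key, as hex. The slides do not specify the format.
function fingerprint(publicKeyDer) {
  return crypto.createHash("sha256").update(publicKeyDer).digest("hex").slice(0, 40);
}

// A user's key material: Ed25519 identity (signing) key plus an RSA pair.
// "published" is what other users fetch: public keys and the signature
// of the signing key over the RSA public key.
function newUser() {
  const signing = crypto.generateKeyPairSync("ed25519");
  const rsa = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const rsaPub = rsa.publicKey.export({ type: "spki", format: "der" });
  return {
    signing,
    rsa,
    published: {
      signingPub: signing.publicKey.export({ type: "spki", format: "der" }),
      rsaPub,
      rsaPubSig: crypto.sign(null, rsaPub, signing.privateKey),
    },
  };
}

// Tracks the signing-key fingerprint first seen for each contact.
class KeyTracker {
  constructor() {
    this.known = new Map(); // contact handle -> signing-key fingerprint
  }

  check(handle, published) {
    const fp = fingerprint(published.signingPub);
    const seen = this.known.get(handle);
    if (seen !== undefined && seen !== fp) return "signing-key-changed";

    const signingPub = crypto.createPublicKey({
      key: published.signingPub,
      format: "der",
      type: "spki",
    });
    const sigOk = crypto.verify(null, published.rsaPub, signingPub, published.rsaPubSig);
    if (!sigOk) return "bad-rsa-signature";

    if (seen === undefined) {
      // Trusted on first use only; comparing fingerprints with the contact
      // out of band is what authenticates the signing key.
      this.known.set(handle, fp);
      return "first-seen";
    }
    return "ok";
  }
}

// Constructed scenario: genuine keys, then two altered records that a
// client must refuse.
function demo() {
  const alice = newUser();
  const other = newUser(); // unrelated key material
  const tracker = new KeyTracker();
  return [
    tracker.check("alice", alice.published),
    tracker.check("alice", alice.published),
    // RSA key swapped, signature left as it was
    tracker.check("alice", { ...alice.published, rsaPub: other.published.rsaPub }),
    // whole key set replaced, internally consistent but a different identity
    tracker.check("alice", other.published),
  ];
}
```
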

Chat
Text Messaging 
Encrypted via a new group encryption protocol: mpENC 
Inspired by OTR – Properties: 
Confidentiality (AES-128 CTR encrypted) 
Full chat partner authenticity (digital signatures) 
Plausible deniability (ephemeral signing keys) 
Multi-party capability (Group Diffie-Hellman for shared key agreement)
Reveal as little meta-data as possible (Exponential message padding)
Based on elliptic curve cryptography (Curve25519 and Ed25519)
→ Not compromised by the NSA!

Chat
Voice & Video 
Voice/video is also end-to-end encrypted 
Using SRTP between WebRTC containers 
Usually directly connecting peers 

Where/How to get it . . .
https://beta.mega.nz 
Exclude search engines and other externals: simple Web server authentication
Best to use a current/stable Google Chrome or Mozilla Firefox

Accounts/Contacts
Create an account (if you don’t have one yet)
Add your contacts (for now bilaterally) 

File Storage
Store files 
Share files 
Share folders 

Chat
Text chatting 
Voice/video chat 
Transfer files (via cloud or direct)

Early Adopters

Provide Feedback
Feedback to beta@mega.co.nz
Report bugs
→ Information to provide
Operating system
Browser and version
Steps to reproduce the problem (if applicable)
Maybe a screenshot
Possibly exceptions or internal information (see browser debug console)
Make suggestions 

Questions?
Be Safe! 
Guy Kloss 
gk@mega.co.nz 
Shane Te Pou 
stp@mega.co.nz 
  • 13. About Mega Technical Crypto @ Mega Demo You do it . . . File and Attribute Protection File Protection File content (segmented into blocks) encrypted with session key (AES-128 CTR mode) Session key is encrypted with the master key All file attributes (incl. file name) encrypted with the session key Access information to shared files encrypted with recipient’s RSA public key Shared folders use a folder’s share key to protect file data and attributes Share keys are protected by own master key or by RSA public key Guy Kloss | Security and Privacy in Cloud Computing 13/26
  • 14. About Mega Technical Crypto @ Mega Demo You do it . . . File and Attribute Protection User Attributes Private attributes are encrypted with master key Public attributes are “world readable” Guy Kloss | Security and Privacy in Cloud Computing 14/26
  • 15. About Mega Technical Crypto @ Mega Demo You do it . . . Keys and Authentication Every user has an additional signing key pair (Ed25519) Own RSA public key is signed with it All public keys are “tracked” (fingerprints of RSA and signing keys) Signing keys can be authenticated (comparison of fingerprints) ! “Grounding” of authentication on one single identity key ! Prevention of man-in-the-middle attacks ! Prevention of impostors Guy Kloss | Security and Privacy in Cloud Computing 15/26
  • 16. About Mega Technical Crypto @ Mega Demo You do it . . . Chat Text Messaging Encrypted via a new group encryption protocol: mpENC Inspired by OTR – Properties: Confidentiality (AES-128 CTR encrypted) Full chat partner authenticity (digital signatures) Plausible deniability (ephemeral signing keys) Multi-party capability (Group Diffie-Hellman for shared key agreement) Reveal as little meta-data as possible (Exponential message padding) Based on elliptic curve cryptography (Curve25519 and Ed25519) ! Not compromised by the NSA! lorem ipsum ... Guy Kloss | Security and Privacy in Cloud Computing 16/26
  • 17. About Mega Technical Crypto @ Mega Demo You do it . . . Chat Voice & Video Voice/video is also end-to-end encrypted Using SRTP between WebRTC containers Usually directly connecting peers Guy Kloss | Security and Privacy in Cloud Computing 17/26
  • 18. About Mega Technical Crypto @ Mega Demo You do it . . . Outline 1 About Mega 2 Technical (GeekFood) 3 Crypto @ Mega (GeekFood++) 4 Demo Web Client and Chat 5 You do it . . . Guy Kloss | Security and Privacy in Cloud Computing 18/26
  • 19. About Mega Technical Crypto @ Mega Demo You do it . . . Where/How to get it . . . https://beta.mega.nz Exclude search engins and other externals: Simple Web server authentication Best to use a current/stable Google Chrome or Mozilla Firefox Guy Kloss | Security and Privacy in Cloud Computing 19/26
  • 20. About Mega Technical Crypto @ Mega Demo You do it . . . Accounts/Contacts Create an account (if you don’t have one, yet) Add your contacts (for now bilaterally) Guy Kloss | Security and Privacy in Cloud Computing 20/26
  • 21. About Mega Technical Crypto @ Mega Demo You do it . . . File Storage Store files Share files Share folders Guy Kloss | Security and Privacy in Cloud Computing 21/26
  • 22. About Mega Technical Crypto @ Mega Demo You do it . . . Chat Text chatting Voice/video chat Transfer files (via cloud or direct) Guy Kloss | Security and Privacy in Cloud Computing 22/26
  • 23. About Mega Technical Crypto @ Mega Demo You do it . . . Early Adopters Guy Kloss | Security and Privacy in Cloud Computing 23/26
  • 24. About Mega Technical Crypto @ Mega Demo You do it . . . Outline 1 About Mega 2 Technical (GeekFood) 3 Crypto @ Mega (GeekFood++) 4 Demo Web Client and Chat 5 You do it . . . Guy Kloss | Security and Privacy in Cloud Computing 24/26
  • 25. About Mega Technical Crypto @ Mega Demo You do it . . . Provide Feedback Feedback to beta@mega.co.nz Report bugs ! Information to provide Operating system Browser and version Steps to reproduce the problem (if applicable) Maybe a screen shot Possibly exceptions or internal information (see browser debug console) Make suggestions Guy Kloss | Security and Privacy in Cloud Computing 25/26
  • 26. About Mega Technical Crypto @ Mega Demo You do it . . . Questions? Be Safe! Guy Kloss gk@mega.co.nz Shane Te Pou stp@mega.co.nz Guy Kloss | Security and Privacy in Cloud Computing 26/26
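
The key hierarchy from slides 12 and 13 (password → master key → per-file session key → AES-128 CTR file segments), as an added Node.js example that is not Mega's code. The slides only say "PBKDF" and do not specify how keys are wrapped, so PBKDF2-HMAC-SHA512, AES-128-GCM key wrapping, the nonce/counter layout, the 32-byte segment size and all function names are assumptions made for illustration.

```javascript
const crypto = require('crypto');
// Assumptions, not from the slides: PBKDF2-HMAC-SHA512 as the PBKDF, AES-128-GCM
// for key wrapping, a 64-bit nonce || 64-bit counter CTR layout, 32-byte segments.
const SEGMENT = 32; // must be a multiple of the 16-byte AES block
const SAMPLE = Buffer.from('constructed sample file content, segment by segment. '.repeat(3));
const deriveKek = (password, salt) => crypto.pbkdf2Sync(password, salt, 100000, 16, 'sha512');

// Wrap one 128-bit key under another; the blob is iv (12) || tag (16) || ciphertext.
function wrapKey(wrappingKey, key) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-128-gcm', wrappingKey, iv);
  const ct = Buffer.concat([c.update(key), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

// Throws if the wrapping key is wrong (e.g. wrong password) or the blob was altered.
function unwrapKey(wrappingKey, blob) {
  const d = crypto.createDecipheriv('aes-128-gcm', wrappingKey, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// AES-128-CTR over one segment; symmetric, and the counter depends only on the index.
function cryptSegment(sessionKey, nonce, index, data) {
  const iv = Buffer.alloc(16);
  nonce.copy(iv, 0);                                       // 8-byte per-file nonce
  iv.writeBigUInt64BE(BigInt(index * (SEGMENT / 16)), 8);  // first AES block of this segment
  const c = crypto.createCipheriv('aes-128-ctr', sessionKey, iv);
  return Buffer.concat([c.update(data), c.final()]);
}

function encryptFile(sessionKey, nonce, plaintext) {
  const segments = [];
  for (let i = 0; i * SEGMENT < plaintext.length; i++)
    segments.push(cryptSegment(sessionKey, nonce, i, plaintext.subarray(i * SEGMENT, (i + 1) * SEGMENT)));
  return segments;
}

// Constructed walk-through: account setup, one upload, a password change, one segment read.
function demo() {
  const salt = crypto.randomBytes(16), nonce = crypto.randomBytes(8);
  const masterKey = crypto.randomBytes(16), sessionKey = crypto.randomBytes(16);
  const wrappedMaster = wrapKey(deriveKek('old password', salt), masterKey);
  const wrappedSession = wrapKey(masterKey, sessionKey);
  const segments = encryptFile(sessionKey, nonce, SAMPLE);
  // Password change: only the master key is re-wrapped; session keys and files are untouched.
  const rewrapped = wrapKey(deriveKek('new password', salt), unwrapKey(deriveKek('old password', salt), wrappedMaster));
  const recovered = unwrapKey(unwrapKey(deriveKek('new password', salt), rewrapped), wrappedSession);
  return { salt, rewrapped, segmentCount: segments.length, second: cryptSegment(recovered, nonce, 1, segments[1]) };
}
```

CTR mode on its own gives confidentiality only, so a design like this still needs a separate integrity check over the stored segments.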