Hi. SafeGDocs appears to use a unsafe implementation of AES-CTR mode from here: http://www.movable-type.co.uk/scripts/aes.html
Two problems with this library: - It generates a predictable CTR mode IV using time of day. - There is apparently no authentication of the ciphertext, which in CTR mode means you can trivially modify messages. The SafeGDocs overlay.js that calls the Movable Type AES library has been minified for no apparent reason. I didn't bother to unminify it to look at it. This similar project, SecureDocs, happens to use the same library, but only for a key derivation function. They're using Stanford's JS Crypto for the actual encryption: http://www.mightbeevil.com/securedocs/ I haven't looked at SecureDocs in depth, but Nate Lawson gave it a thumbs up: http://rdist.root.org/2011/05/09/encrypted-google-docs-done-well/ On Sat, Apr 13, 2013 at 8:12 AM, Michael Rogers <mich...@briarproject.org>wrote: > -------- Original Message -------- > Date: Mon, 08 Apr 2013 11:03:51 +0200 > From: Carmela Troncoso <ctronc...@gradiant.org> > To: p...@lists.links.org > > Hello everybody, > > in the last year we have been developing at Gradiant > (http://www.gradiant.org/en.html) a Firefox addon that allows users to > easily encrypt and share documents in Google Drive in such a way that > data is not accessible to the service provider. We are now releasing a > version and would love to have the feedback of the community both about > its usability and security. > > You can download the addon here: > http://www.safegdocs.com/en/home.html > > and find the associated academic papers here: > > http://www.gradiant.org/images/stories/2010_cloudviews_googledocsprivacy.pdf > > http://www.gradiant.org/images/stories/sharing_secure_documents_in_the_cloud.pdf > >
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
