On NordLocker file encryption
Unboxing NordLocker's encryption design
Spoiler alert: high concentration of geeky terms below
All about the base
NordLocker is based on GoCryptFS. It's a mountable FUSE filesystem for Macs that offers a great thing in terms of encryption: it allows encrypting data on a file basis. For PCs, we use NordLocker FS, a GoCryptFS alternative that runs a customized fork of Dokan. But for both Mac and PC users, it means the same: you don't need an ultimate backup file that you would re-encrypt each time you add new items to it.
Because of GoCryptFS and NordLocker FS, NordLocker integrates into your usual workflow when backing up data to the cloud. As each file is encrypted separately in the NordLocker app, you have the full flexibility to choose which encrypted files you wish to sync with your cloud. Just like you would do with the original unencrypted files. This way, backing up your data securely is as easy as it gets.
Here's another cool feature of these filesystems: when encrypted files are mounted, other applications can access and modify them. All changes are reflected in real time. Now let's put this in human language. You can edit an encrypted text document by simply opening it in your word processing app. All changes that you make will be saved in the encrypted document. So you're cutting a corner: there's no need to get back to the original file to edit it and then encrypt it once again. Sweet efficiency.
Since encrypted files are mounted as part of your file system, even their temporary copies are never left unencrypted.
For low-level encryption processes, we were looking for a modern and powerful cryptographic library. Libsodium seemed like a perfect fit. So it powers up password hashing, key derivation, salt generation, and other essential functions in NordLocker's cryptosystem.
Elliptic-curve cryptography (ECC)
Key encryption in NordLocker relies on public-key, or asymmetric, cryptography. Using elliptic-curve cryptographic (ECC) algorithms, the system assigns you a public and a secret key that are mathematically linked to each other. In NordLocker, this happens when you first set up your account.
The next-generation elliptic-curve cryptosystem seemed the best choice for NordLocker. ECC is more resistant to vulnerabilities and offers the same level of security as the commonly used RSA, only with much smaller key sizes. For example, a 256-bit ECC key provides the level of security equivalent to 3072-bit RSA key. Elliptic-curve algorithms are also more friendly for devices with less computational power. With these characteristics, ECC clearly beats RSA in designing a future-proof solution, which is the principle that we follow. RSA may be an easy path when it comes to development. But we believe there are no shortcuts when it comes to security. While some say life's about balance, we say it's all about choosing the right curve.
Now, getting back to the keys. Public and secret keys make a perfect pair. A file encrypted with your public key can only be decrypted with your secret key.
Since the secret key can't be mathematically derived from the public key, the public key doesn't have to stay secret. It can be shared without any security risks.
The secret key, on the other hand, is an ultimate secret. In NordLocker, your secret key never leaves the application in an open form. It's encrypted with the XChaCha20-Poly1305-IETF cipher right on your device.
Now, the cha cha
The XChaCha20-Poly1305 cipher suite is a relatively new but definitely cool kid on the cryptography block (kudos to its creator Daniel J. Bernstein, a respected cryptographer and computer scientist). The combination of a stream cipher ChaCha20 and the code authenticator Poly1305 allows having properties of both encryption and authentication in a single operation.
When deciding how secret keys should be secured in NordLocker, we took the modern approach and went with XChaCha20-Poly1305. The security of this algorithm has been greatly scrutinized and acknowledged by academics and the cryptography community.
How we encrypt your files
First off, let us introduce you to a locker. A locker is an encrypted folder that holds your secrets. Everything you add to it is secured with encryption. You simply drag and drop a file to your locker folder and… magic: the file is encrypted automatically. What happens in the background?
As imposed by the filesystems used, a locker key is needed to lock and unlock a locker (what a mouthful!). How do we get this key? When creating a locker, we generate a random 256-bit key with Libsodium. Then we encrypt the locker key with XSalsa20-Poly1305 MAC using your secret key – the one assigned to you when you first set up your account.
Now that we have the locker key secured, we can encrypt the file. To do so, we use well-known cryptographic primitives: AES-GCM for file content encryption and EME wide-block encryption for filename encryption.
Sharing the encrypted files
One of the NordLocker features is secure file sharing. To share an encrypted file with someone, you need to start by giving file access to the recipient in the NordLocker app. Once done, you can send the locker with your encrypted file in any way that works for you – by email, messaging apps, or upload to the cloud.
Managing your locker access is powered by the ECC key exchange.
Remember the locker key – the one that locks and unlocks a locker? When you give access to a locker to someone, its key is encrypted with your secret key and the recipient's public key. The recipient will decrypt the locker key and access the file with their secret key and your public key.
You, as the file owner, can securely share confidential information without revealing your secret key. That's the beauty of public-key cryptography.
Now, let's put the keys to work:
Episode 1. The one with the confidential code sharing
Alice and Bob are working on this super-secret software project that will take the market by storm one day. After spending the whole night programming, Alice needs to send this precious piece of code for Bob to deploy. Obviously, she needs to do it confidentially (it's a business secret!). She adds the code file to the NordLocker app and gives access to Bob. Now the locker key (the one that lets you access files in a locker) is encrypted with Alice's secret key and Bob's public key.
As for now, a shared folder on Dropbox is home for all their project-related stuff. A gut feeling tells Alice that it might not be the best option, but the two were too excited to think about it when the idea hit. So the locker with the code file is now successfully uploaded to the cloud.
Alice texts Bob at 7 am. Bob downloads the locker. Remember the keys? The locker can be accessed with Bob's secret key and Alice's public key. Now Bob can open the file and read the code lines Alice polished with such care.
Master password, the VIP
One of the most vital steps in starting using NordLocker is creating a master password. It wouldn't be too much to say it's a real VIP – a very important password. Why exactly?
Reason one: you will need to enter your master password each time you wish to access your lockers or, in other words, the encrypted files. You will be using this password often, so make it memorable.
The reason two gives even more importance. Your master password plays a significant role in encrypting your secret key. Well, not directly. This is where Argon2id, the award-winning key derivation function, steps in. By applying Argon2id, a derived password is acquired from your master password and a salt. The derived password will be used to encrypt and decrypt your secret key.
Since the secret key is needed to access the files in lockers, the app will ask you to provide your master password each time you're opening a locker.
You are the only one who knows your master password. We never store it in the application or on our servers, so it can't be hacked in any way.
If you lose your master password, you can reset it with your recovery key – an emergency key we give you when you create your account. You need to copy it and put it in a safe place. Preferably, offline. Believe us, you don't want to forget or lose this one. Losing both your master password and your recovery key will lock you out of your files.
So what do we know?
To be honest, almost nothing.
As for the content of your files, we have zero knowledge about it. We don't store any content in our backend. We don't even know the names of your files and lockers.
We know your public key because it's meant to be public. All other keys are encrypted on your computer.
It is impossible to access your encrypted files without your secret key. We secure it with a key derived from your master password, which is known to a single person – you. So that's why the application asks you to enter your master password whenever you wish to access your encrypted files. Even for us, accessing your encrypted files without knowing your master password would mean breaking the entire cryptosystem. No, thanks.
On a final note
We at NordLocker hope that our solution will help people to take back control of their data – both personal and work-related. Health professionals, researchers, scientists, programmers, lawyers, and other specialists hold confidential and sensitive data that needs protection, especially when stored in the cloud. Securing your files shouldn't be difficult. NordLocker brings leading-edge encryption technology to your fingertips.