On NordLocker file encryption
The ode to cloud insecurity
You sync the endless reel of snaps from your phone to the cloud. You toss your files to the cloud storage to save another precious GB of space on your device. You run projects and collaborate on work docs online. You back up your treasured code. A perpetual data stream cloud-bound.
Cloud storage services are so user-friendly nowadays that the security holes can easily slip unnoticed. But it shouldn't be so.
The moment you upload a file to the cloud, you lose control over it. Your file reaches a cloud server and, and you're no longer the master of your data at this point. Being dependent on a cloud puts you in an odd situation – you have to trust the cloud company to keep your data safe and private. But is it worth the trust?
Even if the cloud service provider says it encrypts your files at rest, the question is: who holds the decryption key? Most cloud companies keep the keys themselves, letting their systems see and process your data. It means that backdoors to your files exist.
And backdoors are always inviting. It may be an unethical employee – an admin who may access your cloud data driven by mischievous intentions. A local government entity may serve a subpoena to the cloud storage provider requesting to open up their servers for examination. The cloud company itself may have secret questionable practices of sharing your data with third parties – not necessarily for sneaky reasons. But your personal files ending up somewhere in an external database without your knowledge is already a privacy nightmare. And how can you be sure that your photos – your most personal moments – won't be secretly used to train AI systems?
See, that's the thing. You can only assume that the cloud provider will take care of your data security and trust them. But we at Nord believe that data security shouldn't be a matter of trust. We aim that you would never have to assume that your data is safe in the cloud. We want you to be sure. And we're bringing a solution to make it happen.
The solution: end-to-end file encryption
Encryption is the remedy that can solve cloud insecurity and your data privacy problems. The critical point here: you must do it on your own. Instead of relying on your cloud storage provider, you need to encrypt files on your computer before you move them to the cloud. This way, you're in charge.
But you don't have to fight this security battle solo. You need a tool that will make the process of securing your files easy and quick and empower you to distribute data in an ultimately confidential way. You need a tool that will ensure end-to-end encryption while you move files around. A tool that will keep your documents secure no matter where you decide to keep them.
That's why we're introducing NordLocker.
NordLocker is not cloud storage. We believe it's better. Think of it as middleware that adds a security layer to your data. NordLocker never stores your files anywhere. Instead it lets you maintain the flexibility of keeping them wherever you're used to, only securely.
Powerful end-to-end encryption packed into a slick app makes data security a matter of seconds. Add the possibility to share encrypted files confidentially with specific recipients and you'll get a versatile file encryption app for your everyday workflow. This is NordLocker.
We are thrilled to tell you more, so read on and let us explain what we did here.
The basic principles
When bringing NordLocker to life, our core goal was to provide you with top-notch security for your files, regardless of where you decide to keep them. These are the principles we've followed along the way.
Cryptography continually evolves to withstand emerging cyber threats. To make our technology as much future-proof as it can be, we take state-of-the-art cryptography solutions and implement them in NordLocker in the most reliable way.
Your data is not our business. Our encryption system is designed this way so that we wouldn't be able to see your file content under any circumstances.
If uploading files to the cloud is as easy as a drag-and-drop, why should securing them with encryption be any different? We aim to make advanced encryption solutions available for everyone, regardless of their computer skills and cryptography expertise. To achieve this we follow the best usability practices and always keep use cases in mind when designing NordLocker.
Being open about our technology
We ask people to entrust us with protecting their most sensitive data. So we believe that putting our security solution under public scrutiny is the right thing to do. We are open about our technology from the very start and will continue behaving this way as NordLocker develops.
In math we trust
Human errors may happen, but math never fails. To ensure the ultimate security of your data, we build our technology on proven algorithms and functions developed by acknowledged mathematicians.
Unboxing NordLocker's encryption design
Spoiler alert: high concentration of geeky terms below
All about the base
NordLocker is based on GoCryptFS. It's a mountable FUSE filesystem that offers a great thing in terms of encryption: it allows encrypting data on a file basis. It means you don't need an ultimate backup file that you would re-encrypt each time you add new items to it.
Because of GoCryptFS, NordLocker can integrate seamlessly into your usual workflow when backing up data to the cloud. As each file is encrypted separately in the NordLocker app, you have the full flexibility to choose which encrypted files you wish to sync with your cloud. Just like you would typically do with the original unencrypted files. This way, backing up your data securely is as easy as it gets.
Here's another cool feature of GoCryptFS: when encrypted files are mounted, other applications can access and modify these files. All changes are reflected in real time. Now let's put this in human language. You can edit an encrypted text document by simply opening it in your word processing app. All changes that you make will be saved in the encrypted document. So you're cutting a corner: there's no need to get back to the original file to edit it and then encrypt it once again. Sweet efficiency.
Since encrypted files are mounted as part of your file system, even their temporary copies are never left unencrypted.
For low-level encryption processes, we were looking for a modern and powerful cryptographic library. Libsodium seemed like a perfect fit. So it powers up password hashing, key derivation, salt generation, and other essential functions in NordLocker's cryptosystem.
Elliptic-curve cryptography (ECC)
Key encryption in NordLocker relies on public-key, or asymmetric, cryptography. Using elliptic-curve cryptographic (ECC) algorithms, the system assigns you a public and a secret key that are mathematically linked to each other. In NordLocker, this happens when you first set up your account.
The next-generation elliptic-curve cryptosystem seemed the best choice for NordLocker. ECC is more resistant to vulnerabilities and offers the same level of security as the commonly used RSA, only with much smaller key sizes. For example, a 256-bit ECC key provides the level of security equivalent to 3072-bit RSA key. Elliptic-curve algorithms are also more friendly for devices with less computational power. With these characteristics, ECC clearly beats RSA in designing a future-proof solution, which is the principle that we follow. RSA may be an easy path when it comes to development. But we believe there are no shortcuts when it comes to security. While some say life's about balance, we say it's all about choosing the right curve.
Now, getting back to the keys. Public and secret keys make a perfect pair. A file encrypted with your public key can only be decrypted with your secret key.
Since the secret key can't be mathematically derived from the public key, the public key doesn't have to stay secret. It can be shared without any security risks.
The secret key, on the other hand, is an ultimate secret. In NordLocker, your secret key never leaves the application in an open form. It's encrypted with the XChaCha20-Poly1305-IETF cipher right on your device.
Now, the cha cha
The XChaCha20-Poly1305 cipher suite is a relatively new but definitely cool kid on the cryptography block (kudos to its creator Daniel J. Bernstein, a respected cryptographer and computer scientist). The combination of a stream cipher ChaCha20 and the code authenticator Poly1305 allows having properties of both encryption and authentication in a single operation.
When deciding how secret keys should be secured in NordLocker, we took the modern approach and went with XChaCha20-Poly1305. The security of this algorithm has been greatly scrutinized and acknowledged by academics and the cryptography community.
How we encrypt your files
First off, let us introduce you to a locker. A locker is an encrypted folder that holds your secrets. Everything you add to it is secured with encryption. You simply drag and drop a file to your locker folder and… magic: the file is encrypted automatically. What happens in the background?
As imposed by GoCryptFS, a locker key is needed to lock and unlock a locker (what a mouthful!). How do we get this key? When creating a locker, we generate a random 256-bit key with Libsodium. Then we encrypt the locker key with XSalsa20-Poly1305 MAC using your secret key – the one that is assigned to you when you first set up your account.
Now that we have the locker key secured, we can encrypt the file. To do so, we use well-known cryptographic primitives: AES-GCM for file content encryption and EME wide-block encryption for filename encryption.
Sharing the encrypted files
One of the NordLocker features is secure file sharing. To share an encrypted file with someone, you need to start by giving file access to the recipient in the NordLocker app. Once done, you can send the locker with your encrypted file in any way that works for you – by email, messaging apps, or upload to the cloud.
Managing your locker access is powered by the ECC key exchange.
Remember the locker key – the one that locks and unlocks a locker? When you give access to a locker to someone, its key is encrypted with your secret key and the recipient's public key. The recipient will decrypt the locker key and access the file with their secret key and your public key.
You, as the file owner, can securely share confidential information without revealing your secret key. That's the beauty of public-key cryptography.
Now, let's put the keys to work:
Episode 1. The one with the confidential code sharing
Alice and Bob are working on this super-secret software project that will take the market by storm one day. After spending the whole night programming, Alice needs to send this precious piece of code for Bob to deploy. Obviously, she needs to do it confidentially (it's a business secret!). She adds the code file to the NordLocker app and gives access to Bob. Now the locker key (the one that lets you access files in a locker) is encrypted with Alice's secret key and Bob's public key.
As for now, a shared folder on Dropbox is home for all their project-related stuff. A gut feeling tells Alice that it might not be the best option, but the two were too excited to think about it when the idea hit. So the locker with the code file is now successfully uploaded to the cloud.
Alice texts Bob at 7 am. Bob downloads the locker. Remember the keys? The locker can be accessed with Bob's secret key and Alice's public key. Now Bob can open the file and read the code lines Alice polished with such care.
Master password, the VIP
One of the most vital steps in starting using NordLocker is creating a master password. It wouldn't be too much to say it's a real VIP – a very important password. Why exactly?
Reason one: you will need to enter your master password each time you wish to access your lockers or, in other words, the encrypted files. You will be using this password often, so make it memorable.
The reason two gives even more importance. Your master password plays a significant role in encrypting your secret key. Well, not directly. This is where Argon2id, the award-winning key derivation function, steps in. By applying Argon2id, a derived password is acquired from your master password and a salt. The derived password will be used to encrypt and decrypt your secret key.
Since the secret key is needed to access the files in lockers, the app will ask you to provide your master password each time you're opening a locker.
You are the only one who knows your master password. We never store it in the application or on our servers, so it can't be hacked in any way.
If you lose your master password, you can reset it with your recovery key – an emergency key we give you when you create your account. You need to copy it and put it in a safe place. Preferably, offline. Believe us, you don't want to forget or lose this one. Losing both your master password and your recovery key will lock you out of your files.
So what do we know?
To be honest, almost nothing.
As for the content of your files, we have zero knowledge about it. We don't store any content in our backend. We don't even know the names of your files and lockers.
We know your public key because it's meant to be public. All other keys are encrypted on your computer.
It is impossible to access your encrypted files without your secret key. We secure it with a key derived from your master password, which is known to a single person – you. So that's why the application asks you to enter your master password whenever you wish to access your encrypted files. Even for us, accessing your encrypted files without knowing your master password would mean breaking the entire cryptosystem. No, thanks.
On a final note
We at NordLocker hope that our solution will help people to take back control of their data – both personal and work-related. Health professionals, researchers, scientists, programmers, lawyers, and other specialists hold confidential and sensitive data that needs protection, especially when stored in the cloud. Securing your files shouldn't be difficult. NordLocker brings leading-edge encryption technology to your fingertips.