Award-winning mobile app OmniShare provides secure and easy-to-use cloud storage
OmniShare is the first system to combine strong client-side file encryption with secure and intuitive key distribution mechanisms.
Omnishare is the overall winner of the "Privacy via IT Security: Innovating Mobile Apps" competition - a European contest to develop mobile apps that leverage security technologies to enhance users' privacy. The top three teams in the competition were invited to demonstrate their apps in exhibition stands at CeBIT 2016. Researchers from Aalto University and TU Darmstadt are demonstrating OmniShare. The competition jury selected OmniShare as the overall winner and it will receive 20 000€ as prize money. OmniShare is open source software and will soon be released for Windows and Android.
– I am very glad that a relatively small project centered around a single Master's thesis research won over much larger and longer projects in the competition. The jury cited open source nature of the project and the clear explanations about the technologies underpinning the system as reasons for selecting OmniShare as the overall winner, says Professor N. Asokan from Aalto University.
Cloud storage services, such as Dropbox and Google Drive, are widely used but security and privacy are often cited as serious concerns. 44% of those who chose not to use the cloud services were concerned about who might have access to their files.
– Cloud providers always have access to the data and that makes the cloud storage vulnerable. There might be for instance a data breach or a malicious insider working as an employee, explains Andrew Paverd, a post-doctoral researcher working in Professor N. Asokan’s Secure Systems research group in the Department of Computer Science.
Long Nguyen, Andrew Paverd and N. Asokan. Photo by Jonathan Stoklas.
One solution is to encrypt your files before uploading them to the cloud, and to keep the decryption key on your own device. However, one of the main features of cloud storage is the ability to access your files from multiple devices. If your files are now encrypted, the decryption key must somehow be distributed to all your devices. Some existing services sidestep this issue by deriving this key from your password, but it is well-known that passwords are relatively easy to guess, so this does not provide much security. Other service providers use additional servers to manage and distribute keys, but this adds costs and introduces new vulnerabilities.
OmniShare solves this problem by automatically selecting the best mechanism to transfer the decryption key securely between your devices.
– OmniShare solves this problem by automatically selecting the best mechanism to transfer the decryption key securely between your devices, using an out-of-band (OOB) channel. All you have to do is scan a QR code or bring your devices close enough for them to communicate over an ultrasonic channel. OmniShare is designed to minimize the required user-interaction, continues Paverd.
Omnishare runs as a client-side app on each of the devices and automatically encrypts the files with a strong key. As the files are encrypted on the device, there are no longer risks related to the cloud provider.
– OmniShare also allows you to share individual encrypted files with other users. The file itself is still shared via the cloud, so all you need to do is transfer the decryption key. There are several mechanisms to set up a secure sharing relationship, such as Bluetooth, Near Field Communication and also ultrasonic communication. Once this relationship is established, the devices can share encrypted files wherever they are, concludes Paverd.
OmniShare began as the Master’s thesis of Long Nguyen under the supervision of Professor Asokan, and is now a joint research effort between Aalto and Technische Universität Darmstadt. It is supported by the Academy of Finland (via the CloSe project) and the Intel Collaborative Research Institute for Secure Computing (ICRI-SC).