Open Source App Development Platform Aims to Ensure Privacy in the Cloud

Thanks to the revelations of Edward Snowden about the activities of the U.S. National Security Agency and the U.K. Government Communications Headquarters, data privacy makes life a lot more complicated for anyone who wants to develop cloud-based applications. If users can’t be confident that the privacy of their data is assured, then they’re likely to think twice before ever using your applications.

But there’s an opportunity here, too: If your apps do keep user data private, then they’ll be far more appealing than apps that don’t. Developers will soon be able to exploit this opportunity using an open-source secure cloud application development platform called Crypton.

Applications that perform heavy data processing in the cloud often pose a problem, as data needs to be decrypted in the cloud before it can be processed. On the other hand, apps that carry out data processing in a browser on the client side, leveraging the cloud for the storage of encrypted data only, are a different prospect.

Using this type of architecture, user data is always encrypted when it’s in the cloud. Even if an intelligence agency or hacker gets access to it in the cloud, or during its journey to or from the cloud, it’s unusable.

Analysis: U.S. Spy Budget Reveals Investments in ‘Groundbreaking’ Cryptanalysis

The problem developers face is building this type of application while ensuring the cryptography component is implemented securely. That’s what Crypton aims to address.

Customers Want Cloud, Developers Want Platform for Cloud Apps

Crypton is sponsored by a cloud storage and backup company called SpiderOak. CEO Ethan Oberman says Crypton came from the company’s software client, which encrypted data before sending it to SpiderOak for storage.

“When customers discovered that they had to download and install our client software, more and more of them were abandoning,” he says. “The world is moving toward cloud-based software and people who care about privacy.”

Once the company decided to supply a Web-based application instead, it made sense to create an open source platform that other developers could use to build “zero knowledge” applications, Oberman says. This means the cloud provider stores encrypted data and has no information about the data it’s storing or where to find the decryption keys.

Related: 5 Elements Your Cloud Infrastructure Needs to Enable Application Agility

Of course there is some self-interest behind SpiderOak’s decision to sponsor this open source platform, as applications built on Crypton can use storage supplied by SpiderOak. But these apps aren’t tied to SpiderOak, and developers can choose another cloud resource for storage. (There is one important caveat: If the target storage service isn’t free and open source, then developers have to purchase a commercial license to use Crypton.)

Crypton Makes Cloud ‘Dumb Storage Medium,’ Doesn’t Read Data

Crypton applications run on the client side and use JavaScript as opposed to the more server-oriented C++, Objective C or Rails. JavaScript also enjoys a large developer community, especially for Android and iOS, Oberman says. The actual cryptographic work is done on the client side using a standard JavaScript encryption library — no untried, untested cryptographic code or ciphers here.

The server-side software running in the cloud is built on PostgreSQL and node.js, Oberman explains. “Typically, you would have the indexing and searching done in the cloud. With Crypton, this is all happening on the client. The data structures we use make this happen fast,” he says. “The cloud is just used as a dumb storage medium, storing and retrieving data it can’t read.”

This works by dividing information into data and metadata and taking advantage of the fact that metadata in data-intensive applications such as photo storage is typically less than 1 percent of the underlying data. “Our browser-based client can retrieve metadata very quickly. Then, when you want the real file, it can download it,” Oberman says.

Analysis: Ignore Cloud Security Assessment at Your Own Risk

Using this approach, a hacker or government agency can’t do a mass compromise of user data. Accessing a given user’s data would involve compromising that individual’s client device. Even if that’s possible, it’s not an approach that can be easily scaled to compromise a large numbers of users.

Is Browser Secure Enough for Running Apps?

Ramon Krikken, a security researcher at Gartner, says that, done properly, a privacy-oriented Web application platform such as Crypton will be highly attractive to developers. They want an easy-to-use framework with standardized, validated code.

This is what has been missing until now, and this is what Crypton appears to be offering,” Krikken says. “If you’re a developer, you won’t have to do all the work to find out how to do encryption properly in JavaScript. You can just download Crypton.”

The key question, then, is whether Crypton is really as secure as Oberman hopes. As an open-source project, the code base is open to scrutiny from any eyeballs that care to look at it — including the NSA’s, of course. That, in itself, doesn’t guarantee that the code is not flawed. For this reason, Oberman says SpiderOak plans to pay an as-yet-unnamed security outfit to review the code.

To that extent, Krikken says Crypton’s prospects are promising. “SpiderOak seem to be doing all the things that you would hope [it] would do: making the code open source, getting it validated and using standardized components,” he says.

Case Study: How NASA Helped Open-Source Cloud Take Off

That said, there are other considerations, Krikken says. If an application written using Crypton runs in JavaScript, then the runtime environment may not as secure as it should be, he warns. “A cross site scripting vulnerability could make it possible to mess around with the execution flow of JavaScript,” he says. “A browser is not the ideal environment for running secure applications.”

It’s too early to say if Crypton will succeed, as the platform is still at version 0.0.1. The security audit is due to take place this October, though, and more stable code may be available as early as the end of the year, Oberman says.

Krikken remains optimistic about its prospects as a useful open source tool. “The creation of a platform like this is good. It drives privacy forward,” he concludes. “Projects like Crypton are definitely helpful for developers and anyone concerned about privacy.”

Paul Rubens is a technology journalist based in England. Contact him at paul@rubens.org. Follow everything from CIO.com on Twitter @CIOonline, Facebook, Google + and LinkedIn.