WebCrypt

From SusoSight

(Redirected from WC)

The sad story of the web cryptographic data store that was not released.

Since the 1990s I had always wanted to make a web based version of Matt Blaze's cryptographic file system. We used this type of filesystem at the ISP I worked for to store passwords and credentials for various needs. In 2005 I finally had the chance to do this as a friend's company wanted a web based version of cryptfs. The timing was great because I had recently finished a Cryptography class as part of my Mathematics major program. I ended up solving several major problems with the design and implementation of cryptographic data stores like this. This included solving caching issues with the major browsers, providing a safe way for users to have data recovery should they forget their password (without storing their password in any way) and other unique features which I won't talk about here. They paid a few thousand dollars for the finished system and I shamelessly called it Webcrypt for lack of a better name.

The application did full end to end encryption and never left the data unencrypted or cached anywhere except for volatile memory. It offered each object to be encrypted using an encryption algorithm and key of the user or administrator's choice if desired or applying keys and algorithms to a group of objects. Consideration was also given towards attacks against small vs. large data and repetition of clear text data. An optional feature was to store a copy of the data using a public key, whose private key would be kept somewhere like a safe deposit box and recovered in the event that all users forgot the passphrase for the normal key. This feature came about because the previously mentioned ISP hired me as a contract employee and the last thing they had me do was change the passphrase for the file system. As soon as I left and destroyed my copy of the passphrase, they promptly forgot it as well and all the data was unrecoverable. :-(

I kept the project a secret for a long time until talking about it here because I wanted to develop it into a more polished product. I even made a proposal to a VC for funding, which went well except that he found later that there were a couple of other similar projects at the time which in my opinion missed the point, were out of date and were not commercial. One of the major reasons I didn't release it was fear of liability of storing lots of sensitive data and knowing that I shouldn't be naive enough to think that I was a good enough programmer to not make some mistake. Had I released it when I made it I could probably claim more credit to the idea than CryptDB does now, although they probably have a better implementation although I think their code base is huge for what it does. By comparison Webcrypt is around 6000 lines of code and less than 1MB. My goal was to keep the implementation as simple and straight forward as possible to avoid bugs from overly complex implementations. We used to own the domain webcrypt.org from 2005 until around 2011, but let it expire and now something else has taken its place.