FileSec

The main screen for encrypting and decrypting files
The login screen, which uses a Firebase database
The mobile waiting screen

Inspiration

We wanted to make a data security product that leveraged the safety that 2 factor authentication brings to passwords. We believed that using a mobile phone as the extra layer of file security would be akin to using a padlock to secure property in a locker.

What it does

FileSec allows users to encrypt and decrypt files by using their phone as the private key. Upon attempting to encrypt, the user is given a six-digit code, and is prompted to enter the given code on their mobile device. Once the code is verified to be the same, the phone generates a unique private key for the file which the computer uses to encrypt the file. The same process is repeated for the decryption. This means that in order to ever access the encrypted files, users must have access to both the computer client as well as its associated mobile client.

How we built it

FileSec is built on top of AngularJS for both the mobile and desktop clients, in order to allow easy sharing of libraries and to make each client cross-platform. The desktop client is wrapped in Electron, and the mobile client in Ionic. Both clients connect to the NodeJS Socket.IO server. We use Firebase to authenticate users, but no other information is ever permanently collected.

Challenges we ran into

We had to figure out the most efficient way of organising the network flow, such that we could minimise the number of network messages sent between the clients. This meant that we had to organise all 3 programs to send and receive the correct information at every stage. This took a lot of trial and error in testing to ensure that variable names and structures were all the same.

We also needed to figure out a cryptographically secure way of sending network messages and keys to ensure there was no possibility of man in the middle attacks. In the end we used an SSL socket, so that our connection was secure. However before doing so we ensured no private information about the files or the encryption was ever sent.

Accomplishments that we're proud of

We were able to effectively synchronise three separate networked devices in real time, so that they all knew their part in the encryption and decryption of files. This meant learning how to use socket.io in the most effective manner, such that the server could route all necessary messages to the right clients at the right time.

What we learned

We learned how difficult it can be to cryptographically secure a process. Many times we stumbled over the best way to send information across the network in order to maximise security yet still minimise network overhead. In the end we believe that we've made a relatively strong encryption method, however without proper analysis it is difficult to tell.

What's next for FileSec

Integration into the Windows/Linux/OSX UI, such that specific files/folders are encrypted upon saving them.
Possible NFC communication between devices
Better UI/UX design within the applications

Built With

Submitted to

Cal Hacks 3.0

Created by

I worked on the desktop client that serves as the UI entrypoint for encrypting and decrypting the files. It manages the connection to the socket, does the actual encryption, and interacts with the user.

Nicholas Thomson
I worked on developing the routing server that will serve the computer and mobile devices the keys and handle the requests between each device without losing the secure communication. That routing server does not handle any vital information thus cannot pose as a security vulnerability.

Anooj Patel

Updates

Nicholas Thomson started this project — Nov 13, 2016 11:26 AM EST

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.