Omnishare is the overall winner of the “Privacy via IT Security: Innovating Mobile Apps” competition – a European contest to develop mobile apps that leverage security technologies to enhance users' privacy. The top three teams in the competition were invited to demonstrate their apps in exhibition booths at CeBIT 2016. The competition jury selected OmniShare as the overall winner receiving 20.000€ for the award. The app will soon be released as open source software for Windows and Android.
OmniShare is the first system to combine strong client-side file encryption with secure and intuitive key distribution mechanisms. The project is a joint research between two research teams at TU Darmstadt in Germany, led by Professor Ahmad-Reza Sadeghi and Aalto University in Finland, led by Professor N. Asokan. It is supported by the Academy of Finland (via the CloSe project) and the Intel Collaborative Research Institute for Secure Computing (ICRI-SC).
OmniShare offers a secure, efficient and elegant solution to tackle the following problems in an untrusted cloud provider setting: First, how can multiple devices of one user securely and automatically access user’s data that is stored in the cloud? Second, how can a user securely share her data with friends who use different cloud providers?
Regular cloud storage services are vulnerable in various aspects, but especially because providers have access to stored data. One solution is to encrypt files before uploading them. However, one of the main features of cloud storage is the ability to access files from multiple devices. If files are encrypted, the decryption key must be distributed to all devices as well. Existing services sidestep this issue by deriving this key from passwords, but it is well-known that passwords do not provide much security. Other service providers use additional servers to manage and distribute keys, but this ads costs and introduces new vulnerabilities.
OmniShare solves this problem by automatically selecting the best mechanism to transfer the decryption key securely between user’s devices, using an out-of-band (OOB) channel. User only have to scan a QR code or bring devices close enough for them to communicate over an ultrasonic channel.
OmniShare also allows users to share individual encrypted files with others. The file itself is still shared via the cloud, all users need to do is to transfer the decryption key. There are several mechanisms to set up a secure sharing relationship, such as Bluetooth, Near Field Communication and also ultrasonic communication. Once this relationship is established, the devices can share encrypted files wherever they are.
The students and researchers involved were Thien Duc Nguyen and Praveen Kumar Pendyala (CYSEC/TU Darmstadt) and Andrew Paverd (technical lead) and Sandeep Tamrakar, Long Nguyen (University of Aalto).