At Bitcasa, we take security very seriously. When we first started to build our web platform, we spent a lot of time thinking about how to secure our users' data as much as possible. The first step was deciding whether it was going to be feasible to continue with client side encryption on our web app. It became clear that while we could still build an extremely secure browser platform, client side encryption from a browser just wasn't an option. Here's why:
Browser client side encryption significantly restricts the features we can offer that our users have come to appreciate. We wouldn't be able to thumbnail images for optimized mobile experiences. Transcoding your videos so you are able to watch from any device wouldn't be an option. It would also mean a noticeably slower experience, intensive memory & CPU usage, along with a string of other issues.
So, coming to terms with the fact that client side encryption wasn't available for our web app, we began exploring other options that would ensure user data would remain secure.
The first level of protection is password hashing. We chose bcrypt, a hashing algorithm based on the Blowfish encryption algorithm. Bcrypt is an excellent choice for password hashing because computing a hash is deliberately slow (about half a second per hash on typical consumer hardware) and salting is built right in.
Right when a user signs up, we generate a unique, random key for that user which is used to secure high level user metadata. Essentially this key is the gateway to the user's account; we call it the "user key". Next, a differently salted, hashed version of the password, which we call the "user key key" (bear with us here), is used to encrypt the "user key". The encrypted "user key" is then stored in the database.
You may be wondering how user data is still accessible during a session. Are we storing a password, the "user key" or even the "user key key" somewhere? Well, yes we do, but we did a lot of work to ensure that the live session data is also secured from prying eyes.
Upon login, we generate a unique session key. This session key is then used to encrypt your "user key", along with all other session information in our session cache. That session key is set as a cookie in your browser and sent on every request, so Bitcasa can only access your "user key" while handling a request from you.
Your data, user key, password and all other sensitive information that would provide access to your account data is protected from attackers with industry standard AES encryption, and is only decrypted and held in memory for the duration of a request.
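The key hierarchy described above (sign-up wrap, login unwrap, session re-wrap, per-request unwrap), written out as an added Go example that is not Bitcasa's code. It assumes AES-256-GCM as the AES mode and takes the "user key key" (kek) from the caller as a 32-byte value, standing in for the separately salted, slow password hash the post describes without naming.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// mustRandom: n bytes from crypto/rand; no randomness means no safe key, so fail hard.
func mustRandom(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// Seal wraps one 32-byte key under another with AES-256-GCM. The fresh nonce is
// prepended, so wrapping the same user key twice never yields the same bytes.
func Seal(key, plaintext []byte) []byte {
	block, _ := aes.NewCipher(key) // every key in this hierarchy is 32 bytes
	gcm, _ := cipher.NewGCM(block)
	nonce := mustRandom(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

// Open reverses Seal; a wrong key (a wrong password) fails the GCM tag and errors.
func Open(key, sealed []byte) ([]byte, error) {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	n := gcm.NonceSize()
	if len(sealed) < n+gcm.Overhead() {
		return nil, errors.New("sealed blob too short")
	}
	return gcm.Open(nil, sealed[:n], sealed[n:], nil)
}

// Login takes the kek derived from the submitted password and the wrapped user
// key from the database (written at sign-up as Seal(kek, mustRandom(32))). It
// unwraps the user key and re-wraps it under a fresh session key: the session
// cache stores cacheBlob, only the browser cookie holds sessionKey, and each
// request does Open(sessionKey, cacheBlob), uses the result, then drops it.
func Login(kek, wrapped []byte) (sessionKey, cacheBlob []byte, err error) {
	userKey, err := Open(kek, wrapped)
	if err != nil {
		return nil, nil, err
	}
	sessionKey = mustRandom(32)
	return sessionKey, Seal(sessionKey, userKey), nil
}
```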
When a file is accessed, it's streamed in real time, decrypted (and sometimes manipulated, in the case of thumbnails and transcoding) as it is sent to your browser. Similarly for uploads, Bitcasa reads the incoming stream of data, chunking and encrypting it before it's written anywhere persistent.
As always, security is of the utmost importance to Bitcasa and we take your privacy very seriously. We really hope this alleviates some confusion regarding how encryption works for our web app!
- David Lawrence, Bitcasa Infrastructure Engineering Manager