10:21 < karli> i think we should start now. i think the topic is encryption. 10:22 < maerchenonkel> interesting. sqlite3 3.5.9 on server fails, but sqlite 3.7.4 on local machine works.. downloading the db file from the server to the local machine and it can't be opened 10:22 < maerchenonkel> sorry, 3.7.4 on local machine works with db file created on local machine 10:23 < maerchenonkel> but ok, let's forget that :) 10:23 < karli> i can give a short overview about the current state of the encryption. 10:23 < maerchenonkel> yes please 10:24 < karli> we had a lot of discussion about proper encryption in the past year. and i think that we all agree the the data should be encryptend on the client to have perfect security 10:24 < MTGap> JanCBorchardt: about the single/double quotes. There are some files that use both like files/index.php. Look at the addScripts and assigns 10:24 < karli> but this is difficult because the webinterface and normal webdav would no longerwork 10:25 < karli> so i think we should go with a 90% solution for now. this means encryption on the server with blowfish and the password of the user as key 10:25 < rom1dep> [hs]JanCBorchardt: I'm reading that in germany the "I like" button of facebook is illequal :) 10:26 < karli> this is quite secure. the only problem is that the server admin could change the ownCloud code and put a backdoor into it which logs the password of the user. but i think we have to ignore this for now 10:26 < maerchenonkel> needs the file to be completely transferred to the server, before it can by encrypted? or is the file encryption possible while it is sent? 10:26 < karli> i started a first library "lib/crypt.php" which provides functions for encyption and decryption. 10:27 < karli> encyption and decryption on the fly should be possible. we use 4k blocks which are encypted independently. 10:28 < JanCBorchardt> MTGap: yeah, then you use single quotes for the PHP parts and double quotes for the HTML. Or do PHP and JS get mixed? 10:28 < JanCBorchardt> rom1dep: yes. And rightfully so. 10:28 < karli> we don´t use the password directly as the key. we generate a keyfile in the data directory which is uses as the key. and this keyfile is encrypted with the user password. the benefit is that we don't have to reencypt all the data if the user changes the password 10:29 < MTGap> JanCBorchardt: I'm just saying that it isn't just me that's confused or accidently not following the coding style. Is there a quick way to fix these style issues with a script? 10:29 < JanCBorchardt> MTGap: (we’ll do that gradually. I know of that issue. Let’s not discuss this while there’s a meeting. :) 10:31 < karli> the idea is that files can be encrypted or unencrypted. encypted have a ".encypted" extension. the access to the files and decryption/encryption should be completely transparent for the webinterface or webdav because crypt.php should be integrated in the filesystem library 10:32 < maerchenonkel> i reckon that putting the password into _SESSION might be a leak (cookie on user's hard disk or tmp file on server or wherever the session is stored) 10:32 < karli> i´m not completely sure about the userinterface. perhaps jan can help with that :-) do we need a "encrypt" "decrypt" button for every file and folder? do we need a "encrypt everything by default" setting? do we need a "don´t encrypt files larger than xxMB" setting? :-) 10:33 < icewind> karli: I recently added a class to the filesystem stack that would allow the encryption stuff to hook into the filesystem in the right place and en/decrypt the data on the fly 10:33 < karli> icewind. cool. so we can integrate it easily :-) 10:33 < icewind> maerchenonkel: we would only need to store the decrypted keyfile in $_SESSION 10:34 < karli> icewind: exactly. 10:35 < maerchenonkel> oh, i think there is a typo in changekeypasscode, lib/crypt.php:80 newpassword -> newpasscode 10:35 < karli> if someone want´s to access foo.txt the filesystem library should check if there is an foo.txt.encypted file. if yes it should call the function in crypt.txt to decrypt it on the fly 10:35 < DeBot> [rss] Revision 3cb07254: allday bug fixed - http://z.pist0s.ca/x5z 10:35 < icewind> I agree that that is also not 100% secure, but as long as encryption is done server side, an evil server admin can always get your data 10:35 < icewind> but that is the best we can do atm 10:35 < JanCBorchardt> karli: I just read that in the TODOs – I’m highly wary of any encryption "frontend" since I think that people will just decrypt stuff and leave it decrypted because it’s easier. 10:36 < karli> maerchenonkel: absolutely possible. this is untested code :-) 10:36 < JanCBorchardt> the thing is that I don’t know what exactly the backend entails and how difficult it is. 10:36 < icewind> JanCBorchardt: an encrypted file is dectypted on the fly is a user wants to open it 10:36 < icewind> all transparently 10:37 < JanCBorchardt> icewind: then there is no need for a "decrypt" option as it’s decrypted anyway for opening, right? 10:37 < karli> JanCBorchardt: I agree. but encryption of everything be default might be slow. so I don´t really know what the right approach is 10:37 < JanCBorchardt> Only an "encrypt" options for files larger than XX MB 10:37 < maerchenonkel> although i like the idea that a maximum filesize can be specified. maybe an option only for the admin? 10:38 < icewind> we'll have to test out some encryption rules when everything is implemented, then we can see how it actually works in real life cases 10:38 < karli> icewind: good idea 10:38 < JanCBorchardt> It probably makes sense to choose which files to encrypt based both on file size and type (e. g. don’t bother with mp3s but very much encrypt presentations bigger than 10 MB) 10:38 < JanCBorchardt> For ownCloud to automate that I mean. 10:38 < karli> true 10:39 < maerchenonkel> encrypting whle uploading to the cloud might not be that much of an issue, as the network might be the bottleneck. but that remains to be seen... 10:39 < karli> so perhaps we should ignore the userinterface for now and just try to ignore everything. than we can see how good it works 10:39 < maerchenonkel> agreed 10:39 < karli> ignore-> encrypt 10:40 -!- georg [~georg@p5797A1D5.dip.t-dialin.net] has quit [Read error: Connection reset by peer] 10:41 < maerchenonkel> and for a later stage, i think it would be good to have a sha1 hash instead of the real name for the encrypted files (which needs another encrypted meta file to retrieve the original name, i guess) 10:41 < maerchenonkel> or meta file entry in db 10:42 < JanCBorchardt> karli: yeah, I agree. 10:42 < karli> maerchenonkel. not sure about that. if you really want to encrypt the filename use blowfish for that. using a hash which you have to lookuop in the database and also has to be encrypted doesn´t make sense 10:42 -!- georg [~georg@p5797A1D5.dip.t-dialin.net] has joined #owncloud 10:43 -!- areichman [~quassel@cpe-76-166-183-163.socal.res.rr.com] has joined #owncloud 10:45 < karli> there is still a problem with blowfish were someone has to look into 10:45 < maerchenonkel> i agree, encrypting the filename with blowfish might be good enough, as long as this is the only meta data... 10:46 < karli> we can´t load the complete files into memory to encrypt it with blowfish. we don´t have enough ram 10:46 < karli> so the idea is to load the files in 4k blocks and encrypt the separately. 10:47 < karli> the problem is that the encrypted data is bigger than the original one. so if we store it again in the encrypted file we don´t know where one block starts and one block ends 10:48 < karli> to decrypt it block by block 10:48 < karli> we have to look into this problem and read some crpto texts to find a solution :-) 10:49 < karli> if this is solved the integration in filesysstem.php should be really easy 10:49 < maerchenonkel> the blocks that blowfish creates are not always the same size (like 4k input always yields 5k output)? can some padding be applied? 10:50 < maerchenonkel> http://www.di-mgt.com.au/cryptopad.html#examplecbc (just found this0 10:50 < DeBot> [URL] Using padding in encryption 10:50 < karli> possibly. but we have to check 10:51 < karli> this might be solution :-) 10:53 < karli> does someone want to help with that? I think it should be straight forward 10:53 < karli> :-) 10:55 < JanCBorchardt> karli: just regarding the encryption + user interaction: I’d say start encrypting the smalles files, prioritize documents, photos etc. over media (music, video). Does that make sense? Is encryption going to run in the background while using ownCloud? Does it need to be kicked off once like music collection scanning? 10:56 < karli> i can also finish the feature of course. but I´m not sure I have a lot of time in the next 2 weeks. so it might take some time till it´s done 10:57 < karli> Jan: that´s possible. we don´t have cronjobs so we can always do stuff when the user is using owncloud. 10:58 < maerchenonkel> i would only have time for another hour or two, but might have a look at the padding bit 10:59 < karli> cool stuff :-) 11:00 < maerchenonkel> but i have no expereicne in that, so bear with me :) 11:00 < karli> hehe. sure 11:01 -!- raignarok [~raignarok@p5DD267B5.dip.t-dialin.net] has quit [Ping timeout: 252 seconds] 11:03 < JanCBorchardt> karli: so I think the only interface for encryption which would be unobtrusive and make sense is a section in Personal saying how many percent of files are encrypted. Also acting as a progress bar if it’s not 100% yet. 11:03 < JanCBorchardt> then you can just leave that page open for a while until it’s "100 % MAXIMUM SECURITY" or something ;) 11:03 < karli> good idea 11:04 < karli> it´s possible that read performance is bad. we have to test this 11:13 < JanCBorchardt> yeah. 11:14 < karli> JanCBorchardt: interested in meeting lydia, jeff and me from KDE this evening at the Stuttgart Biergarten? :-) 11:14 -!- MrZYX|off is now known as MrZYX 11:14 < maerchenonkel> another typo in lib/crypt.php:113 contents -> content 11:15 < JanCBorchardt> karli: oh btw, do you have time to check out the htaccess issue of test.owncloud.org – and set the owncloud group as owner for the ownCloud project? I’d then start transferring all content over to the website, use the Gitorious wiki for the rest and give aqu and matthew a gitorious repo. 11:15 < maerchenonkel> (can't commit a fix myself)# 11:15 < karli> maerchenonkel: ups. sorry :-) 11:15 < karli> JanCBorchardt: working on it :-) 11:15 < JanCBorchardt> karli: oh, that would be cool! I have time later. 11:15 < karli> great :-) 11:15 < JanCBorchardt> where is that exactly and when? 11:16 < maerchenonkel> no worries, i will send a diff/patch once this padding is working 11:17 < karli> not 100% sure yet. probably at the Biergarten im Schlosspark http://www.biergarten-schlossgarten.de/ around 19:00 11:17 < DeBot> [URL] Willkommen im Biergarten im Schlossgarten in Stuttgart. Frühschoppen und Veranstaltungen unter freiem Himmel 11:22 < karli> JanCBorchardt: I will be there at 19:00. See you later hopefully. :-) 11:23 < DeBot> [rss] Revision d15673f1: removed single quotes around publicly linked download file - http://z.pist0s.ca/x60 11:26 < JanCBorchardt> karli: yeah, I don’t know yet when I’ll be there and how long I can stay, I’ll give you a call. :) 11:26 < karli> cool. you have my number, right? 0176 201….. 11:28 < karli> i will also bring you tablet. ;-) 11:28 < karli> see you all. :-) 11:31 -!- karli [~karli@e180015124.adsl.alicedsl.de] has quit [Quit: karli]