Laverna
A tangential explanation of Laverna
• You are Here: Laverna
• Markdown
• Crypto: PBKDF2
• Unnecessary Visualization
• PBKDF2 For Blue
• Synchronization: RemoteStorage.io
• Markdown.md
• Installation
• Conclusions
• Remotestorage.0wn.su
What are these words
• Laverna and Etherpad are note taking services
• I won’t talk about Etherpad because
• Self-hosted alternatives to cloud apps like Evernote
• Security and encryption are the focus here
Laverna
• Node.js based local web page
• HTML + JavaScript = no server required
• Information is stored in the client you’re using
• Encryptomagic
• Remote storage options:
  • RemoteStorage.io (self-hosted)
  • Dropbox
• Installation:
  • git clone git@github.com/laverna-static
  • Done
Markdown
Why?
• Easy to convert into:
  • HTML
  • LaTeX
  • PDF
  • RTF…
• Who supports MD?
  • Github (GFM)
  • Notepad++
  • SublimeText
  • Everything on the Internet
Encryption
• All encryption happens client side (there is no server)
• PBKDF2
  • Manually entered salt (random)
  • Manually entered password
  • Can adjust iterations (1000 default)
• AES 128 or 256
• Generated ciphers are stored in the browser local storage
Crypto/Sync JSON
{"id":"0cc9da4f-a47f-c9fd-e1ba-55cb0ddb14e7",
"title":"{\"iv\":\"uSrC4YzSxgvjueOBn+kb3A==\",\"v\":1,\"iter\":\"1000\",\"ks\":128,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"ZwuH03ajWY0=\",\"ct\":\"WvpHRh50YbhdGeWFORR5b1xUuiRb

• id: UID of the app
• title: This is the title of my note
• iv: This is the IV for the note
• v: Supports versioning of your note
• iter: PBKDF2 iterations
• ks: Key size is 128
• ts: Something else size is 64
• mode: Mode is CCM stream cipher
• cipher: AES
• salt: Salt that you set
• ct: The cipher text of the title itself
• DK = Derived Key
• PRF = HMAC - pseudorandom function like HMAC-SHA256
• c = Salt

DK = PBKDF2(PRF, P, Salt, c, dkLen)
[Diagram: Password and Salt are fed through repeated HMAC-SHA rounds to produce the Derived Key]
What this defends against
[Diagram: the password “monkey” and a Salt are fed through repeated HMAC-SHA rounds to produce a Different Derived key]
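The key derivation from the Crypto/Sync JSON and PBKDF2 slides, as an added example that is not Laverna's own code: it reads `iter`, `ks` and `salt` out of a record shaped like the one above, derives the key for the password “monkey” with Node's built-in `crypto.pbkdf2Sync`, and shows that a different salt gives a different derived key. Assumptions: the PRF is HMAC-SHA256, the `ct` value is a constructed placeholder, and `auditParams` with its policy floors is a hypothetical helper.

```javascript
// Added example, not Laverna's code. PRF is assumed to be HMAC-SHA256.
const crypto = require('crypto');

// Constructed record shaped like the sync JSON above; "ct" is a placeholder.
const record = {
  id: '0cc9da4f-a47f-c9fd-e1ba-55cb0ddb14e7',
  title: JSON.stringify({
    iv: 'uSrC4YzSxgvjueOBn+kb3A==', v: 1, iter: '1000', ks: 128, ts: 64,
    mode: 'ccm', adata: '', cipher: 'aes', salt: 'ZwuH03ajWY0=',
    ct: 'CONSTRUCTED-PLACEHOLDER',
  }),
};

// The encrypted field is JSON nested inside a JSON string: parse it again.
function kdfParams(field) {
  const env = JSON.parse(field);
  return {
    salt: Buffer.from(env.salt, 'base64'),
    iter: Number(env.iter), // stored as a string in the envelope
    keyBytes: env.ks / 8,   // ks is given in bits
  };
}

// DK = PBKDF2(PRF, P, Salt, c, dkLen)
function deriveKey(password, p) {
  return crypto.pbkdf2Sync(password, p.salt, p.iter, p.keyBytes, 'sha256');
}

// Hypothetical helper: flag KDF settings below a policy floor. Both floors
// are caller-supplied assumptions, not values taken from the page.
function auditParams(p, minIter, minSaltBytes) {
  const findings = [];
  if (!Number.isInteger(p.iter) || p.iter < minIter) {
    findings.push(`iterations ${p.iter} below ${minIter}`);
  }
  if (p.salt.length < minSaltBytes) {
    findings.push(`salt is ${p.salt.length} bytes, below ${minSaltBytes}`);
  }
  return findings;
}

const params = kdfParams(record.title);
const sameSalt = deriveKey('monkey', params);
const otherSalt = deriveKey('monkey', { ...params, salt: crypto.randomBytes(8) });
console.log('stored salt :', sameSalt.toString('hex'));
console.log('fresh salt  :', otherSalt.toString('hex'));
// 100000 and 16 are illustrative policy floors chosen for this example.
console.log('findings    :', auditParams(params, 100000, 16));
```

Because the derivation is deterministic for a given password, salt and iteration count, the client can rebuild the key from the stored envelope without any server holding it.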
JustBlue Takeaway
* This is from the Internet. Based on font, this is probably way off now
Laverna Crypto
• PBKDF2
• Server never knows your key
• Server never knows your keys
• Fuck the cloud
• Client side Crypto
Javascript Based Crypto
• Not a big deal - it’ll be fine, what could go wrong
• Relying on client side crypto with a server authenticator
• Relying on client side crypto to protect client side information
Well Actually
Back to Laverna
Syncing
• Supports Dropbox
Syncing
• Supports RemoteStorage.io
• Self-hosted remote storage similar to Dropbox
Laverna Installation
• Clone repository: git clone git@github.com:Laverna/laverna.git
• Switch to stable version: git checkout 0.5.0
• Install dependencies: npm install && bower install
• Build minified version: grunt build
• Build Dependencies: node.js, bower, grunt.
Operating Environment
• Can host on any web server because crypto is on the client
• Does not require PHP or programming environment
• If remotely hosted, should be done over HTTPS
• Github provides easy hosting over https for free
• Can also run on your own computer
Wait have I done a demo yet?
https://laverna.cc/index.html#notes
Here’s a diagram of something
              | Laverna                           | Etherpad                                            | Evernote
License       | GPL                               | GPL                                                 | No
Storage       | RemoteStorage, Dropbox            | None                                                | Sync with evernote
Encryption    | PBKDF2 (AES)                      | None (SSL with plugin)                              | SSL + magic?
Software      | JavaScript: Node.js, bower, grunt | JavaScript                                          |
Collaboration | Not Realtime                      | Yes                                                 | Supports sharing
Subfolders    | Infinite                          | None                                                | Only 1 subfolder allowed
Stored Format | Json                              | Export supports PDF, Word, and many other formats   |
Conclusion
• Fuck the cloud
• Use laverna
• Use markdown
• Use PBKDF2
• Use RemoteStorage.io (remotestorage.0wn.su?)