Private Editing
in the Cloud

Documents in the Cloud

Document editing and managing tools are going online, as evidenced from Google Docs, Microsoft OfficeLive, and Mozilla Bespin, etc. These services bring tremendous benefits on document reliability and usability. However, these benefits come somehow at the cost of security, since users have to fully trust the cloud service provider with their data.

There are lots of reasons you might not want to trust the service provider with your confidential data. Even if you trust them to "not be evil", their server could have bugs that make it unintentionally reveal your data (e.g., Google Privacy Blunder Shares Your Docs Without Permission, TechCrunch, March 2009). A cloud provider could also be subjected to a subpoena that requires it to turn over a large amount of information.

Private Documents

We developed an Firefox extension to enable private editing using Google Documents.

This is a proof-of-concept tool enabling a user to use the cloud editing service Google Documents securely (ensuring both data confidentiality and integrity) without totally trusting the service provider.

Document contents submitted by the user are incrementally encrypted.

Paper

Yan Huang and David Evans. Private Editing Using Untrusted Cloud Services. Second International Workshop on Security and Privacy in Cloud Computing. Minneapolis, Minnesota. 24 June 2011. (PDF, 10 pages)

See also: Encrypted Google Docs done well, Nate Lawson's commentary on this paper, Root Labs, 9 May 2011.

Talks

Yan Huang's talk from Second International Workshop on Security and Privacy in Cloud Computing: [PPTX, PDF]

Directions

Installing the Extension

Note: the current extension is not compatible with Firefox 4.0. The code is available here under an open source (MIT) license, but it will not work with current Firefox releases.

1. Download the extension: securedocs.xpi
2. Install the addon on Firefox Browser. You can do this by dragging the file onto your Firefox Browser. The extension has been tested on Firefox 3.5 and Firefox 3.6. As part of the install process, you will need to restart Firefox.
3. On your browser menu, select "Tools -> Secure Google Docs". Now a check mark appear at this menu item. (Select the item again will disable this add-on.)
4. Go to http://docs.google.com, sign in to your google account if necessary.
5. Navigate to Google Docs by clicking the "Documents" link.

Creating a new Private Document

1. Click the "Create new" button and select "Document".
2. A Settings dialog will appear and allow you to set the credentials and encryption schemes to use.
3. Click "OK" to confirm your settings; Or click "Cancel" to choose not to use any encryption for this editing session.

Making Existing Documents Private

1. Open an existing unencrypted document.
2. A Settings dialog should show up. Set the password as you wish, (default is "abc"), and select an appropriate encryption mode. Then click the "Plain Load" button.
3. The document loads as normal. Make your edits as usual, but for all subsequent "save"s, Google only sees encrypted messages.
4. Close the document after you finish your edits.

Opening Encrypted Documents

1. When you want to reopen the document, just make sure you have "Secure Google Docs" add-on enabled and then click to open the document.
2. A similar Settings dialog appears. Enter your password and click the button "Decrypt then Load". Now you get to see your encrypted documents and continue your edits. (If you clicked "Plain Load", or, if you happen to open that document with "Secure Google Docs" add-on disabled, you will see what Google server gets to know. If the password is wrong, the page shouldn't be able to load sucessfully.)

Credits

This extension was developed by Yan Huang in the Security Research Group at the University of Virginia.

Special thanks to jsCrypto, a fast JavaScript implementation of AES block cipher we use, developed by Emily Stark, Mike Hamburg, and Dan Boneh.