Request for code review and support
The Crypto Bone software has first been released in December 2014 and has been licensed under a BSD license. It may contain bugs and may have undetected security issues in its current version 1.1.0, released in November 2016.
So it is essential that the Crypto Bone software and design gets serious code review from independent researchers. I hope you'll find the project promising and will spend some time to scrutinize the source code and publish your comments on the project.
Together we can make the Crypto Bone a success in 2016!
Over the past few months the project has changed in its design. Now you will be able to run a local software-based Crypto Bone on your main Linux machine without the need to use an external device. The storage of secrets on the main Linux machine has improved with the introduction of the cryptobone daemon process.
There are also three different ways to use external devices to further secure the message key data base. You can use a separate Linux computer, a Beagle Bone or a Raspberry Pi 3 as a separate hardware to protect your database in an isolated environment. The software for the external device is now part of the main cryptobone RPM package, which is the same on all tree different hardware platforms.
In addition to the RPM package, that can be installed to the hard drive, the Crypto Stick offers a complete graphical installation on a USB drive. See the download section for details. There is also a single downloadable image for an external Crypto Bone or an external Crypto Pi, ready to be written to a micro SD card.
The external device also has its own daemon process (cryptoboneexternd) that protects access to the encrypted data base. In contrast to the normal cryptobone daemon on the main machine, this daemon waits for the arrival of the masterkey which is sent from the main machine via the secure ssh tunnel. So the external Crypto Bone daemon gets its decryption key from outside while the normal Crypto Bone daemon will read the decryption key during a small time frame from a protected part of the local file system, directly after the boot process starts. This separation of the decryption key (master key) and the encrypted data base is the foundation of additional security you can achieve by using an external device.
The Crypto Bone has changed substantially during the year 2015 and 2016, as I tried to reduce the complexity of the system to a bare minimum. Eventually I got rid of the GnuPG binary that was formerly used to create OpenPGP messages.
This last improvement is most notable, because the cryptographic core functions will now be located in one single library, cryptlib-3.4.3, a masterpiece written and maintained by Peter Gutmann. All peer-review, that went into scrutinizing cryptlib will now benefit the Crypto Bone project. Because of the fact that the Crypto Bone uses only a tiny fraction of Cryptlib's functionality, the symmetric AES encryption and the high-level interface, it was possible to reduce the effective source code considerably, and to create a shared library of substantially reduced size (libclr-3.4.3).
In order to secure the keys stored on the main Linux machine, the local Crypto Bone software has been improved by introducing a daemon process from version 0.99e. This deamon process stores the master key and the ssh private key in memory, so that all operations that make use of these keys will find them in memory only.
With the introduction of the external Crypto Bone daemon in version 1.1.0, the master key will now be stored in main memory on the external device directly on arrival via the ssh link. Thus leaking into the filesystem is impossible.
Code ReviewHow can you help?
The most important help would be peer-review of the Crypto Bone's core source code. Any comment in relation to the code and the message protocol is valuable and will be considered to improve the Crypto Bone. If you wish to contribute, I'd like to hear from you and you can send me confidential messages through this link.
But if you are not a crypto expert, there are a number of support options to help improving the Crypto Bone:
- Check the latest working Crypto Bone image for functionality and report bugs and usability issues. It's important that many people figure out whether or not the Crypto Bone is working as expected, with a fresh and independent view on the results.
- Help to write parts of the documentation that you feel are still missing or are incomplete.
- Spread the word and tell your friends and colleagues about the Crypto Bone project - and ask them to support it, too.