No need for a server, P2P is here:
Or, upload an archive to one of the many file hosting services using TOR.
Of course always encrypt your archives.
Yes.
Post quantum RSA: for optimistic assumptions (meaning assuming some limitations on quantum computers' peak performance), you use the standard RSA algorithm with keysizes of gigabytes. Pessimistic assumptions (assuming no engineering limits on quantum computers, hitting theoretical max performance) would require terabyte sized keys. Keep in mind that the PQ-RSA proposal isn't entirely serious - decryption times can be a full day per message on beefy hardware, its purpose was to investigate the limits.
Tahoe-LAFS has this; https://tahoe-lafs.org/trac/tahoe-lafs/wiki/OneHundredYearCryptography
There are "security by obesity" protocols with symmetric keys, where the key material is gigabytes or more (related to proof of storage schemes, used for things like authentication).
> . I'm staying with dropbox + Gdrive + Box.
These aren't much, if any, better.
Far better solutions are Tahoe-LAFS, OwnCloud, and Spideroak.
Hey /r/tor! Lead dev (and today, marketer) here.
You all seemed to like LG when it was released as beta 2 months ago - hope this isn't considered spam. We've come a long way.
I have a laundry list of things (besides smashing bugs) that are being requested as next features:
Cast your vote or LMK if there's something specific you'd like to see!
Most are using a 256 bit key nowadays in anticipation of a future quantum computer. 128 bits might be secure today only if a quantum computer does not currently exist at one of the spy agencies but broken as soon as they get one. If you need to protect data for 5, 10 or 20 years then 256 bits is better. For 100 year crypto then you need to protect against algorithm attacks or advances in cryptanalysis. The current proposal is using two or more ciphers in a cascade e.g. AES-CTR combined with XSalsa20 by XOR and independent 256 bit keys for each algorithm.
I'd also recommend tahoe-lafs, it's going to be big. A group of people are working on integrating it with Tor, when that's done the only way to track what you're downloading is if there's a security flaw in the system. tahoe-lafs is offering a prize if anybody can hack it but so far nobody's been able to.
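The XOR cascade mentioned in the comment above, as an added example that is not part of the original thread or of Tahoe-LAFS's code. To stay standard-library only, the two keystream generators are stand-ins (SHAKE-256 in place of AES-CTR, keyed BLAKE2b in counter mode in place of XSalsa20); all function names and the sample message are constructed for illustration.

```python
import hashlib

def keystream_a(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in for AES-CTR: SHAKE-256 used as an extendable-output stream.
    return hashlib.shake_256(b"layer-a" + key + nonce).digest(n)

def keystream_b(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in for XSalsa20: keyed BLAKE2b over nonce||counter, 64-byte blocks.
    out = bytearray()
    counter = 0
    while len(out) < n:
        block = nonce + counter.to_bytes(8, "big")
        out += hashlib.blake2b(block, key=key).digest()
        counter += 1
    return bytes(out[:n])

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def cascade(key_a: bytes, key_b: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: data XOR keystream_a XOR keystream_b."""
    if len(key_a) != 32 or len(key_b) != 32:
        raise ValueError("each layer needs its own 256-bit key")
    if key_a == key_b:
        raise ValueError("keys must be independent, not shared between layers")
    combined = xor(keystream_a(key_a, nonce, len(data)),
                   keystream_b(key_b, nonce, len(data)))
    return xor(data, combined)

def strip_layer_a(ciphertext: bytes, key_a: bytes, nonce: bytes) -> bytes:
    # Models "layer A is completely broken": its keystream is known and removed.
    # What remains is still the plaintext XOR keystream_b.
    return xor(ciphertext, keystream_a(key_a, nonce, len(ciphertext)))

if __name__ == "__main__":
    ka, kb = bytes(range(32)), bytes(range(32, 64))   # constructed demo keys
    nonce = bytes(24)                                 # constructed; unique per message in practice
    msg = b"constructed sample plaintext"
    ct = cascade(ka, kb, nonce, msg)
    print(cascade(ka, kb, nonce, ct) == msg)          # round trip
    print(strip_layer_a(ct, ka, nonce) != msg)        # one broken layer is not enough
```

The combined stream is still a plain XOR stream cipher: a nonce must never repeat under the same key pair, and the ciphertext needs a separate MAC because XOR encryption provides no integrity.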
Hey /r/privacy! Lead dev (and today, marketer) here.
You all seemed to like LG when it was released as beta 2 months ago - hope this isn't considered spam. We've come a long way.
I'll be in and out of this thread, please feel free to AMA.
I want some kind of rent-a-Tahoe-LAFS-drive service. Tahoe-LAFS stores everything encrypted so there's no need to trust who stores the data, and there's redundancy built in
Luckily Tahoe has amazing documentation. All of the documentation is at https://tahoe-lafs.org/trac/tahoe-lafs/wiki/Doc.
I have two recommendations:
I also recommend running Tor. The network is large and healthy: http://torstatus.blutmagie.de/
Another promising application (it's actually a file system) is Tahoe LAFS
http://en.wikipedia.org/wiki/Tahoe_Least-Authority_Filesystem
I'm not aware of any projects that really fit your use case (most of the ones getting press in this area right now are all blockchain stuff).
Maybe the open source project you were remembering was Tahoe Lafs? https://tahoe-lafs.org/trac/tahoe-lafs
What’s your goal here?
Typically it comes down to rolling your own cloud or using a cloud sync and/or backup service with secure end-to-end encryption, encryption at rest with the keys always in your possession. Your data is client side encrypted.
Ideal, but I have neither the time nor patience to mess with my own server.
So...my go-to is Least Authority’s “S4” backup service. Open source, client side encryption with a decentralized cloud storage system called Tahoe-LAFS.
https://leastauthority.com/ https://tahoe-lafs.org/trac/tahoe-lafs
Runner up is Sync.com for file syncing and storage.
Now, there are other “vault” type services that you could put together pretty well, but on my Apple centric system these two work very well and meet my security and privacy requirements.
I tried Tresorit and SpiderOak years ago but found them buggy and slow. They may be worth trying again.
In any case, my threat model is matched well enough with what I’ve chosen.
Tahoe-LAFS is the only FS I know that has tunable FEC: https://tahoe-lafs.org/trac/tahoe-lafs/wiki/FAQ#Q2_what_is_erasure_coding
Edit: here's some discussion on adding it to Ceph: https://tracker.ceph.com/projects/ceph/wiki/Erasure_encoding_as_a_storage_backend
Tahoe-LAFS (though software only). There are multiple companies beyond them that consider even the manufacturer as an adversary in their threat model.
https://tahoe-lafs.org/trac/tahoe-lafs (cloud hosting by them using that same software: https://leastauthority.com/)
> What is "provider-independent security"?
> Every seller of cloud storage services will tell you that their service is "secure". But what they mean by that is something fundamentally different from what we mean. What they mean by "secure" is that after you've given them the power to read and modify your data, they try really hard not to let this power be abused. This turns out to be difficult! Bugs, misconfigurations, or operator error can accidentally expose your data to another customer or to the public, or can corrupt your data. Criminals routinely gain illicit access to corporate servers. Even more insidious is the fact that the employees themselves sometimes violate customer privacy out of carelessness, avarice, or mere curiosity. The most conscientious of these service providers spend considerable effort and expense trying to mitigate these risks.
> What we mean by "security" is something different. The service provider never has the ability to read or modify your data in the first place: never. If you use Tahoe-LAFS, then all of the threats described above are non-issues to you. Not only is it easy and inexpensive for the service provider to maintain the security of your data, but in fact they couldn't violate its security if they tried. This is what we call provider-independent security.
Tahoe-LAFS can provide encrypted peer-to-peer distributed storage. If that single layer isn't enough, once it supports IPv6, you could run this over CJDNS or some other p2p encrypted layer.
Yes, some archive programs support Parchive recovery files, the most commonly used form of file-by-file redundant storage. http://google.com/search?q=parchive
The most widely used redundant distributed backup system is Tahoe. https://tahoe-lafs.org/trac/tahoe-lafs/wiki/FAQ
> When did you last log into bittorrent and recover your private data?
http://www.bittorrent.com/sync/ is an example of how it can be done. The only thing it doesn't have is an easy way to get others to store it.
> No trust networking fully distributed and simple click and you are providing resources.
Just like bittorrent, except the usage emphasis is on heterogeneous data with less replication.
Or like freenet except you can store private data in a more permanent fashion.
Am I wrong?
> There is a ton more.
Except I went through the entirety of their website including the use case section and I can't find a use case that isn't essentially "store stuff on other machines". Don't get me wrong, that's pretty cool, but like I said, a very large chunk of the internet is more than just static websites.
EDIT: I'm a dev, don't worry about getting technical in your explanation.
EDIT2: Actually, https://tahoe-lafs.org/trac/tahoe-lafs is the closest thing conceptually, except you turn every client into a server and gateway at the same time.
The source of LAFS is already available at GitHub. Also there are apt packages for some distributions already