Categories
Insights @en

Security Comparison: TeamDrive vs. ownCloud

Dropbox polarized within the IT departments. From the executive board up to the ordinary employees, people rely on the popular cloud storage service. This is mainly due to the ease of use that is not provided by internal IT departments today. In particular two in Germany developed solutions attack here, which allow companies to implement their own DropBox similar functions within a self-managed IT infrastructure, TeamDrive and ownCloud. TeamDrive represents a fully commercial and proprietary approach. ownCloud an open source approach, but also offers a commercial version. Both claim the title of “Dropbox for the Enterprise”. However, if we are moving exactly in this environment, the issue of security plays a very important role.

Background: TeamDrive and ownCloud

TeamDrive and ownCloud have two different business models. TeamDrive positioned itself as a fully commercial product for companies in the market. ownCloud uses the open source community in order to gain market share. With a commercial version, ownCloud also addresses the market for professional business solutions.

About TeamDrive

TeamDrive is a file sharing and synchronization solution for companies that do not want to store their sensitive data on external cloud services and would also enable their teams to synchronize data or documents. Therefore TeamDrive monitors any folder on a PC or laptop that can be used and edit together with invited users. With that data is available at any time, also offline. The automatic synchronization, backup and versioning of documents protect users from data loss. With the possibility of TeamDrive to operate the registration and hosting server in the own data center, TeamDrive can be integrated into existing IT infrastructures. For this TeamDrive provides all the necessary APIs.

About ownCloud

ownCloud is an open source file sync and sharing solution for companies and organizations that want to continue to retain control of their data and do not want to rely on external cloud storages. The core of the application consists of the ownCloud server on which the software seamlessly integrates with the ownCloud clients into the existing IT infrastructure and enables the continued use of existing IT management tools. ownCloud serves as a local directory and can be mounted with different local storages. Thus, files are available to all employees on all devices. In addition to a local storage directories can also be connected via NFS and CIFS.

TeamDrive and ownCloud: Security Architecture

In this comparison it is about the security architecture behind TeamDrive and ownCloud. The other functions of both solutions are not considered. So it is about the consideration of encryption techniques, data management, data processing and the user authorization, if information is available. It is assumed that basic knowledge on security exists.

TeamDrive: End-to-End Encryption

Despite its commercial approach TeamDrive is quite informative and provides some security information publicly available. Including on the topic of encryption. They also advertise with the data protection seal of the “Independent Centre for Privacy Protection Schleswig-Holstein”. After a request extensive information has been readily made available, whereby some underlie a NDA (Non-Disclosure Agreement).

Ciphering Method

TeamDrive sets on the following encryption mechanisms:

  • Advanced Encryption Standard – AES 256
    To encrypt the data TeamDrive uses the Advanced Encryption Standard (AES) encryption system with a 256-bit key and sets on the C code implementation of the OpenSSL library.
  • Diffie-Hellman and RSA 3072
    For key exchange TeamDrive sets on the Diffie-Hellman algorithm for its older clients. New clients using RSA 3072. The Diffie-Hellman implementation is based on the C code implementation as it is provided by the OpenSSL library.
  • Message Digest 5/6 – MD5/MD6
    The TeamDrive hash function is based on the MD5/ MD6 algorithm, where the hash value is stored as a random string (salt).
  • PrimeBase Privacy Guard – PBPG
    The PrimeBase Privacy Guard (PBPG) is a proprietary public/ private key system that sets on the Diffie-Hellman key exchange and AES encryption. For the user the behavior of PBPG is similar to the known public/ private key systems of PGP or GnuPG. The PBPG encryption generates random changes and verifies the files during the exchange, so PBPG can detect whether a message or keys have been tampered or altered otherwise. Two messages are never the same. Here, a key pair is generated not only for each user, but also for each installation. The PBPG implementation is open and can be verified by partners and other interested parties, if required.

System Architecture

In TeamDrive data is stored in a so-called Space which determined the number of users who can access. The exchange takes place on a Space Depot, which lies on a TeamDrive Enterprise Hosting Server, a TeamDrive Personal Server or WebDAV.

Each Space has its own 256-bit AES key used to encrypt the data in this Space, if the data leaves the user’s device. Only the TeamDrive software, which is installed on the device of the other users of a Space, has knowledge of the key.

Each server on which a Space Depot is available, is responsible for storing, forwarding and adapting to changes within the Space. So the clients can also exchange data even if not all are online at the same time. Any data that is stored on the server is encrypted by using the 256 bit AES key of the Space.

User Authorization

The registration of a user is done with the TeamDrive client software that checks him against the TeamDrive registration server. This is basically done by entering an email address or a username and a password.

The authorization between the TeamDrive client and the TeamDrive registration server is based on the public key of the registration server. Information such as the e-mail address and the registration password plus other data of the user are transferred in an encrypted form to the registration server using the public key of the registration server.

Only the activation code is sent unencrypted over an unencrypted e-mail to the user. In addition, an encrypted response with the device ID is sent to the TeamDrive client. After the activation by the user, the client software will generate a PBPG key and a matching public key. Following the client software sends the registration password and the public key encrypted back to the registration server using the public key of the server. The activation code is verified and the public key of the user stored. All of the following messages that are sent to the registration server are encrypted with the PBPG public key of the user and need the device ID and the registration password for authorization.

Data Storage and Processing

To generate a Space, the user needs a Space Depot and its password. This tells the TeamDrive client which server it needs to contact in order to create the Space. Subsequently the client software asks for the public key of the TeamDrive Hosting Server. The client software sends the device ID, the Space Depot id, username, user ID, the user’s public key and the name of the Space as an encrypted message to the TeamDrive server. The message is encrypted with the public key of the server. The Space Depot ID and password are checked. For the encrypted transmission of the response the user’s public key is used. The TeamDrive server creates a new Space on the specified Space Depot. A 128-bit “authorization code” is randomly generated for the new Space and sent back to the client.

To access a Space the URL, an authorization code and a Space data key is required. The URL contains the address of the server which is addressed to the Space Depot that includes the contents of the Space, and the Space ID. Changes in the Space are uploaded or downloaded to the Space in the Space Depot. For this purpose, HTTP PUT and POST methods are used. Before a file leaves the client, it is compressed and encrypted with a 256-bit AES key.

To access a Space, the TeamDrive client opens a session with the server. First therein the ID of the Space, to be accessed, is transmitted. After successful testing the server generates a new session ID with a 128-bit random number (RND) and sends it back to the client which stores it locally. For uploading and deleting data, the client uses the RND and the authorization code of the Space and links these in a xor operation including a MD5 operation on the result. The result will be sent along with the session ID and the encrypted data to the server.

The security of a Space Depot is ensured that after each request a random RND value is returned that must be recalculated to a local value each time by the client. In addition a MD5 hash guarantees that the authorization code of the Space cannot be derived. Even if the RND and the local value are known on the client side. This will also prevent that an attacker can infiltrate into a session to upload data to the server.

Summary

The data security in a TeamDrive Space is ensured by encrypting the data with a 256-bit AES key. For this, the key is only known by the TeamDrive clients, which are member of a Space. Provider of storage services based on TeamDrive or system administrators do not have access to the data. The exchange of Space authorization keys between TeamDrive users follows with a secure public/ private key method, which uses a 256-bit AES encryption itself. The access to a Space Depot or a Space is protected with a 128-bit authorization code. The authorization code prevents that the storage of a Space Depot or a Space cannot be used by unauthorized third parties.

In addition to the encrypted data storage on the servers and the clients the data is also always fully encrypted during transmission, whereby TeamDrive delivers a complete end-to-end encryption of the data.

It should also be noted that TeamDrive has received the data protection seal of the “Independent Centre for Privacy Protection Schleswig Holstein”. The official approval number is 2-3/2005. In addition, TeamDrive was named as a “Cool Vendor in Privacy” 2013 in May by Gartner.

ownCloud: Server-side Encryption

At ownCloud one looks in vain for public security information, provided by ownCloud itself. This is a little surprising, since there are apparently many open questions even in the ownCloud community [1], [2] regarding the server-side encryption and encryption in general. Only a blog post can be found in which the fundamental understanding of ownCloud on security is displayed publicly. However, questions on direct demand ownCloud answered without hesitation and made more information available.

Ciphering Method

For data encryption ownCloud 5.0 sets on the Advanced Encryption Standard (AES) with a 256-bit key.

Security blogger Pascal Junod had dealt with the encryption of ownCloud 4.0 in early 2012. The necessary information can be found in the OC_Crypt class. Junod has analyzed the PHP file in this context and published relevant information. Thus, the key is generated in the mt_rand() PHP routine. That implemented the Mersenne Twister, a pseudo-random number generator. Junod commented that this is not a cryptographically good quality. The generated key is encrypted with the user password in conjunction with the symmetric block encryption algorithm Blowfish in ECB mode and then stored in the encryption.key. Junod comes to the conclusion that an attacker who owned this file could get the password using the brute-force method. He also aware, that this key is used for encryption of all the data of a user and the data to be encrypted on the server side. He describes other ways to steal the encryption.key. The password, which is responsible for the encryption of the file is transmitted in clear text (plain HTTP) from the client to the server. If the connection is not secured with HTTPS, everyone is able to intercept the communication, steal the password and could therefore access the ownCloud account and all data. Furthermore, the encryption.key is stored in plain text in the session data on the server side. Most of the time in the /tmp directory. This means that a malicious ownCloud server administrator would be able to decipher the data. Junod also indicates that the encryption is done on the server side, so a system administrator could intentionally manipulate the ownCloud installation. He therefore recommends never use ownCloud 4.0 to store confidential information.

ownCloud confirmed in the inquiry that ownCloud 5.0 itself does not implement a fully integrated end-to-end encryption in the software. However, this can be implemented with third-party tools. Furthermore, encryption is done “at rest“. This means that the data will be physically stored in encrypted form. The connection between the devices and the server is secured with SSL. The key exchange is authorized via the Provisioning API. A comprehensive key management follows in the future.

System Architecture

ownCloud has a plugin for server-side encryption administrators can use to store data encrypted on the server. Users get access to the data and can share them as if they are unencrypted. The new plugin in ownCloud 5.0 replaces the vulnerability in ownCloud 4.0, in which a malicious system administrator could bypass the security architecture by making adjustments to the ownCloud source code to integrate a backdoor or a password sniffer. For data encryption during transmission from the server to the device SSL is used. The password can be changed by a user at any time. All files are encrypted with the new password afterwards.

For server-side security, the administrator must enable the encryption app in the ownCloud management console and set the hook “encryption” in the admin interface. Then a key pair (public/ private) will be created for all users. For this purpose, the user password is used to protect the private key. In addition, for each file uploaded to the server, a symmetric key pair is created. The uploaded user data is encrypted and stored with the symmetric key. As algorithm the Advanced Encryption Standard (AES 256) is used. The symmetric key is encrypted with the private key of the user and stored on the server. If the data is retrieved from the server, it is first decoded and then sent via an SSL connection to the client. The encryption routine behaves with other applications connected to ownCloud, such as the web interface, the versioning and the algorithm for synchronization, exactly the same. If a user changes his password, the private key is decrypted with the old password, and re-encrypted with the new password.

For the user an uploaded and encrypted file on the ownCloud server resembles as a non-encrypted file. The encryption is completely transparent to him. If a file is shared with other users, the public keys of each of these users are stored in the encrypted file. These users can use it to access the file and make changes to it, as it is an unencrypted file. It’s the same with a folder. Users can not open files that are not intended for them. Should a malicious user try to obtain access to the storage backend, files and keys are unreadable.

If the appropriate plug-in is enabled, a system administrator is able to see all files that are stored on ownCloud over the command line. However, the content of the files is encrypted. Regular backups can still be made, but all the files remain encrypted. Even if the data is copied outside the system. An administrator can also configure additional settings to exclude certain file sizes and formats for the encryption.

Summary

With version 5.0 ownCloud now offers server-side data encryption. However, an administrator must explicitly activate a plug-in to encrypt files with AES 256. If a file leaves the ownCloud server it is first decrypted and transmitted over an SSL connection to the ownCloud client. This means that a complete end-to-end encryption is currently not available with simple on-board tools, what ownCloud confirms.

The ownCloud encryption module has been developed for the use within an enterprise data center on the company’s own servers, administered by trusted administrators.

Management Advisory: TeamDrive vs. ownCloud

The comparison of TeamDrive with ownCloud virtually also confronts a commercial with an open source approach. However, what here a little irritates is the openness of the commercial vendor TeamDrive towards ownCloud. Commercial vendors are often criticized for talk little about their security architecture. In this case, we see exactly the opposite. This is probably because ownCloud have not much security respectively encryption implemented to talk about. First with the ownCloud version 5.0, a module for server-side encryption is implemented. However, that there is a need for information and in particular for security, show the questions from the ownCloud community. Here the ownCloud community is still claimed to demand for more public information and security.

In this context the content of the above-mentioned blog article by ownCloud makes sense, which reflects the basic safety philosophy of ownCloud. For ownCloud encryption is an important point. But the focus should rather be on the control of the data.

Security vs. Flexibility

TeamDrive sets on a fully integrated approach and also provides an end-to-end encryption of all data that is transferred from the server to the client of the respective device. Thus, TeamDrive allows despite of a very high claim to the uncomfortable topic of security, the convenient use of a cloud storage service. ownCloud decodes the data first after they are loaded from the server and transfers it over an SSL connection. The lack of on-board tools for an end-to-end encryption can be achieved with external third-party solutions. However, it should be considered that the integration is costlier with it and whether an open source approach provides a cost advantages especially in this case.

But, it should be noted that ownCloud, due to its open source approach, offers more flexibility as TeamDrive and thereby can be completely adapted to the own IT infrastructure according to the own needs. In terms of security ownCloud still need to catch up. This has the consequence that the solution per se does not meet the current safety standards of businesses and is therefore only conditionally recommended.

At the end of the day, the decision must be made whether a company expects a commercial and integrated approach including security mechanisms based on on-board tools and an open source software that requires additional external security solutions which must be integrated themselves. Who is looking for an all-in-one solution, including complete end-to-end encryption and at the same time more security, should decide for TeamDrive.