Blockchain enthusiast developer and writer. My telegram: ksshilov
Do you care about the security of your messages, emails, and the files that you send online? That’s great if you do, because the Internet is full of dangers and leaks can damage anyone’s reputation. Good examples are Hillary Clinton or the celebrities whose private photos were leaked, both situations showing us that security is nothing to joke about.
The majority of popular data transfer methods can be secure, if used properly and with precautions. But in this article we're going to review most of them from a technical standpoint to find out where they stop being as secure as they claim to be. In this context, we’ll also cover the advanced blockchain technologies that solve the problem of security in digital transfers to understand if decentralization covers the shortcomings of the current solutions.
The most common channel of communication we use is the ordinary email. It's plain text sent by an SMTP server to the POP server. Its biggest vulnerability is to sniffing – when you suddenly get a middleman spying on your traffic and reading everything you send. The problem can be fixed by using a P2P-encrypted email service, such as ProtonMail and many others. These email providers allow the encryption of all outgoing mail messages with your own unique password. Recipients can read your mail by also using that password, and those who don’t know the password will only see the meaningless, jumbled text. This is one way to send emails securely, but still you can’t get a certain confirmation that the receiving party actually received it, and you can’t send large files via email either.
Another channel of communication we use everyday is messengers, the most popular of them being Telegram and WhatsApp. These apps are more secure than email by default, as they include end-to-end encryption right from the start. Telegram has its own encryption protocol, MTProto, which is open sourced, so everyone can check the code and its security, and WhatsApp uses Signal, another popular encryption protocol that is free-to-use. This protocol, however, is more inconsistent in its performance. A security site, the Electronic Frontier Foundation, made a series of detailed reviews regarding the flaws of both messengers, and they came to the conclusion that WhatsApp might be more flawed than its competitor, Telegram:
Another solution for data transfer is cloud storage. There are many competing services, such as Dropbox, Google Drive, Microsoft OneDrive. Generally, they are secure. Every large storage platform, at least these three, have advanced external firewalls, internal firewalls, intrusion detection, event logging, and encryption. Also, all data centers where the files are stored are protected - armed guards, fingerprints, access levels. However, many users are still susceptible to phishing attacks; they still give passwords to hackers. In addition, security-oriented people may be concerned by the fact that all data in public clouds is stored together and they don’t have any control over its storage. And let’s not forget about the fact that’s it’s always hard to download a large file (over 4 GB) via a slow HTTPS connection.
The above examples serve us well in everyday life. They are convenient to use, as we typically don’t need high security when sending our cat’s photo to our parents. As an alternative, you can use specialized software designed especially for handling a high volume of transactional data, such as Microsoft Azure or BitTorrent.
Gartner, a global research and advisory firm, has named Microsoft Azure a leader in enterprise cloud solutions in 2019. The solution by Microsoft offers a wide range of services, from storing files to deploying cloud applications for your business. One of its services, Rights Management System (RMS), is a special security-oriented encryption system for setting permissions to access stored files. Overall, it’s a very large ecosystem that has several advantages, but there are also a few major disadvantages.
Speaking of “free”, there’s also the BitTorrent software, the most popular file-sharing software in the world. The whole file-sharing activity accounts for 3% of global downstream and 22% of upstream traffic, and 97% of that traffic is from BitTorrent, according to a study by Sandvine in 2018. BitTorrent can be used not only to illegally download games and movies, but also as a genuine peer-to-peer service. Its decentralized protocol allows users to directly share various files between two parties without the need for any middle man. Simply create a magnet link to your file, and send it to another user - that’s enough to transfer a file.
In some special situations (for example, sending an NDA document or an unreleased movie) you would probably want to control who is downloading your files and how well it is protected. In this case we would need a decentralized encrypted blockchain solution that would only give you full control over your files.
Why would you need a blockchain service to transfer your files? Don’t forget, our privacy is shrinking. The Snowden scandal revealed that all our actions are under global surveillance, so it would be wise to try to keep at least some part of our activities from the eyes of the curious government, hackers, and other prying eyes. Blockchain technology was created as a response to this surveillance, which is why they continue to be perfected in the sense of security and privacy.
Over the past three years, a few prominent blockchain solutions for secure data transfer and storage were created, such as Authpaper Delivery, Filecoin, and Storj. All of them offer a distributed network of nodes that can be used to store encrypted data, which can be read only by having a special cryptographic key. All of them have similar features, but the most advanced is Authpaper Delivery, as it allows for the storage and transfer of data alongside the ability to control the delivery. It even uses an already existing BitTorrent network instead of building its own from scratch. But now let’s check out the finer details.
As we’ve said before, Authpaper Delivery is based on the BitTorrent protocol but with very important tweaks. Their solution allows users to send encrypted files over the network as easily as the regular torrent files. The recipients who have the download link can get it and decrypt the file using two private keys. Those who don’t have the keys can download the file, but they can’t read its content. The platform allows users to send very large files as well, as it’s supported by the underlying BitTorrent protocol, so it can be used to transfer any types of files, from classified documents to unreleased movies, without the fear of making a Wolverine-sized leak.
Every action related to the sent file is documented, being written to the Authpaper Delivery ledger. The BitTorrent network nodes, who take on an extra role of file keepers in Authpaper’s ecosystem, also verify and record all operations on data and its delivery. Additionally, they verify the consistency of the file. To keep them motivated in storing the data without the ability to read it, they are paid with the platform’s tokens, Authpaper coins (AUPC). It works like this:
This whole cycle is secure; it divides file to many pieces, it divides QR codes with private keys into many pieces, and it ensures that the confidential file won’t stay uploaded after the delivery, as the seeds will almost immediately delete it to clear up hard drive space. At the same time, the record of the delivery will stay in the Authpaper Delivery blockchain forever. So it’s a great solution, as anyone can use it to send files without having to be concerned about the integrity of the process.
Everyday we face the inevitable necessity to protect our private data from curious eyes. It's a non-stop game where two parties try to outsmart each other. One party tries to get your data for some benefit, and you don't want them to. Any method of sending information via the Internet can be very secure if some precautions are made. Also, anyone can be hacked, it depends only on the effort put into finding a breach. That's why the decentralized solutions for transferring files privately and verifying them have become far more popular.
Create your free account to unlock your custom reading experience.