File
Because the security of your data must be intrinsic.
File
Encrypt
Compartmentalize
Decentralize
Encryption
The digital security of your files is our highest priority. That is why Storro uses the highest standards of encryption protocols.
Our encryption is used on three levels:
The fundamental cryptographic algorithms used by Storro are:
The algorithms have no known weaknesses. They have relatively simple specifications without unexplained constants. The algorithms all run in constant time and have fixed memory access patterns. This makes them immune to e.g. side-channel attacks, a vulnerability for regular AES implementations.
Encryption keys
With Storro all keys are generated locally, stored only locally, and solely in possession of the file owner(s). No one else has the keys – in any form – not even the Storro company.
There is no central key storage system in Storro, preventing related vulnerabilities.
Storro’s decentralized approach to key management is unique and in sharp contrast to many of the currently available cloud applications and cloud services offered for (online) collaboration. In those cases, encryption keys are in the hands of the file owner(s), as well as an external party: the cloud provider. As a result this third party is able to go through your “encrypted” data.
Furthermore the keys at third party providers are stored centralized on their premises making it a very interesting target for hackers and malicious actors: a single hack could give a hacker access to countless documents and files.
For a further in-depth example of how Storro’s decentralized key management is used in the application, please read this article on ‘Flexible Decentralized Access using Invitation-Response Dialogue’ by our CTO.
Location
All data stored in Storro is ‘cut’ into small – encrypted – data chunks, which are stored spread out over one or multiple locations.
Compartmentalized data and distributed storage greatly increase resilience and availability, compared to storing all data at one place/provider. Furthermore, this means Storro does not rely on encryption alone; even if a location were to be compromised or the encryption algorithm here broken, no readable information is obtained – only a few encrypted shreds of a file or database.
The result is that out of all the alternatives in the market only Storro can guarantee full security and privacy, ensuring the user’s files only come into the hands of those for whom they are intended.
Audit trail
Storro features proprietary private blockchain technology: every change to a project (e.g. modifying a file, inviting a new member, creating a new subfolder, etc.) is recorded in a blockchain based audit trail.
On top, thanks to Storro’s built-in Revision Control feature, one can easily return to every previous state of every file of entire project based on this crypto chain.
Each Storro project encompasses its own private blockchain. The private aspect here pertains to the people across whom the data (the ledger) is distributed, and thus have access to the information; in this case only the members of a specific Storro project. Outside of this group, no other party has insight in the project and its contents – including the Storro company.
Storro’s crypto based Audit Trail and Revision Control is not just very convenient in case of unintentional accidents, but also prevents abuse.
Please read our CTO’s article on ‘Design Requirements for a Branched Blockchain Merging Algorithm’ for more information on the blockchain technology used in Storro.
Never worry about the security of your files again