F R A U N H O F E R I N S T I T U T e F o R se c ure I N F O R M A T I O N T E C H N O L O G ySIT Technical reportsOn THE Security ofCloud Storage Services03/2012F raunhofer V erlag

On the Security of Cloud Storage ServicesMoritz Borgmann, Tobias Hahn, Michael Herfert, Thomas Kunz,Marcel Richter, Ursula Viebeg, Sven VowéEd. Michael WaidnerSIT Technical ReportsSIT-TR-2012-001March 2012Fraunhofer Institute for SecureInformation Technology SITRheinstraße 7564295 DarmstadtGermany

IMPRINTContactFraunhofer Institute forSecure Information Technology SITRheinstraße 7564295 DarmstadtGermanyPhone 49 (0) 6151 869-213Fax 49 (0) 6151 869-224E-Mail [email protected] Michael WaidnerSIT Technical ReportsSIT-TR-2012-001: On the Security of Cloud Storage ServicesMoritz Borgmann, Tobias Hahn, Michael Herfert, Thomas Kunz, Marcel Richter, Ursula Viebeg,Sven VowéISBN 978-3-8396-0391-8ISSN 2192-8169Printing:Mediendienstleistungen desFraunhofer-Informationszentrum Raum und Bau IRB, StuttgartPrinted on acid-free and chlorine-free bleached paper.All rights reserved; no part of this publication may be translated, reproduced, stored in a retrievalsystem, or transmitted in any form or by any means, electronic, mechanical, photocopying,recording or otherwise, without the written permission of the publisher.Many of the designations used by manufacturers and sellers to distinguish their products areclaimed as trademarks. The quotation of those designations in whatever way does not imply theconclusion that the use of those designations is legal without the consent of the owner of thetrademark. by FRAUNHOFER VERLAG, 2012Fraunhofer Information-Centre for Regional Planning and Building Construction IRBP.O. Box 80 04 69, D-70504 StuttgartNobelstrasse 12, D-70569 StuttgartPhone 49 (0) 7 11/9 70-25 00Fax 49 (0) 7 11/9 70-25 08E-Mail [email protected]://

·On the Security of Cloud Storage Services5CONTENTSExecutive Summary111 Introduction1.1 Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.2 Definition of Cloud Storage Services . . . . . . . . . . . . . . . . . .1.3 Use Cases for Cloud Storage Services . . . . . . . . . . . . . . . . . .15161718Part I:Principles of Cloud Storage Services212 The User’s View2.1 Features . . . . . . . . . . . . . . . . . . . .2.1.1 Copy . . . . . . . . . . . . . . . . . .2.1.2 Backup . . . . . . . . . . . . . . . .2.1.3 Synchronization . . . . . . . . . . .2.1.4 Sharing . . . . . . . . . . . . . . . .2.2 Interfaces . . . . . . . . . . . . . . . . . . .2.2.1 Proprietary Software Clients . . . .2.2.2 Browser Interface . . . . . . . . . . .2.2.3 Application Programming Interface .2.3 Optimization . . . . . . . . . . . . . . . . .2.3.1 Deduplication . . . . . . . . . . . . .2.3.2 Delta Encoding . . . . . . . . . . . .2.3.3 Compression . . . . . . . . . . . . 38394 The Security Engineer’s View4.1 Registration and Login . . . . . . . . . . . . . . . . . . . . . . . . . .41413 The Lawyer’s View3.1 Legal Regulations in Germany . . . .3.1.1 Data Protection . . . . . . . .3.1.2 Further Legal Provisions . . . .3.1.3 Certification and Guidelines . .3.2 Legal Regulations in the EU . . . . . .3.2.1 The Data Protection Directive3.2.2 The Safe Harbor Framework .3.2.3 Recommendations . . . . . . .3.3 Legal Regulations in the USA . . . . .3.3.1 The Patriot Act . . . . . . . .3.3.2 The Fourth Amendment . . . .

6· SITTransport Security . . . . . . . . . . . . .Encryption . . . . . . . . . . . . . . . . .File Sharing . . . . . . . . . . . . . . . . .Deduplication . . . . . . . . . . . . . . . .Multiple Devices . . . . . . . . . . . . . .Update Functionality . . . . . . . . . . . .Server Location . . . . . . . . . . . . . . .Classification of Security Requirements . .Further Threats . . . . . . . . . . . . . . .4.10.1 Time Related Aspects . . . . . . .4.10.2 Advanced Persistent Threats . . .4.10.3 A Note on Client-side Encryption .434445464748494951515253Part II:Analysis of Cloud Storage Services555 Methodology for Analysis5.1 Selection of Products . . . . . . . . . . . . . . . . . . . . . . . . . . .5.2 Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5.3 Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .575758596 CloudMe6.1 Synopsis . .6.2 Availability6.3 Features . .6.4 Security . .6161616264.6969697172.77777777799 Mozy9.1 Synopsis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9.2 Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9.3 Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .838383847 CrashPlan7.1 Synopsis . .7.2 Availability7.3 Features . .7.4 Security . .8 Dropbox8.1 Synopsis . .8.2 Availability8.3 Features . .8.4 Security . .

·7Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85On the Security of Cloud Storage Services9.410 TeamDrive10.1 Synopsis . .10.2 Availability10.3 Features . .10.4 Security . .898989919211 Ubuntu One11.1 Synopsis . .11.2 Availability11.3 Features . .11.4 Security . .9797979910112 Wuala12.1 Synopsis . .12.2 Availability12.3 Features . .12.4 Security . .10510510510610913 Summary of Findings115Part III:Recommendations and Conclusion11714 Local Encryption Methods11914.1 Approaches enhancing security . . . . . . . . . . . . . . . . . . . . . 12014.2 Approaches not enhancing security . . . . . . . . . . . . . . . . . . . 12215 Selecting a Cloud Storage Service12516 ces135A Attack on CloudMe Desktop139B Incrimination attack on CloudMe, Dropbox and Wuala141

8·Fraunhofer SIT

On the Security of Cloud Storage ServicesMoritz Borgmann, Tobias Hahn, Michael Herfert, Thomas Kunz, Marcel Richter,Ursula Viebeg, Sven VowéFraunhofer-Institute for Secure Information Technology SIT, DarmstadtKey Words: Cloud Computing, Cloud Storage, Security, Privacy, Encryption, Confidentiality, OutsourcingThis work was partly funded by CASED ( Technical Reports SIT-TR-2012-001

10·Fraunhofer SITSIT Technical Reports SIT-TR-2012-001

On the Security of Cloud Storage Services·11Executive SummaryThe ever-increasing amount of valuable digital data both at home and in businessneeds to be protected, since its irrevocable loss is unacceptable. Cloud storageservices promise to be a solution for this problem. In recent years, their popularityhas increased dramatically. They offer user-friendly, easily accessible and costsaving ways to store and automatically back up arbitrary data, as well as datasharing between users and synchronization of multiple devices.However, individuals and especially businesses hesitate to entrust their data tocloud storage services since they fear that they will lose control over it. Recentsuccessful attacks on cloud storage providers have exacerbated these concerns. Theproviders are trying to alleviate the situation and have taken measures to keep theircustomers’ data secure.In this study we have examined the security mechanisms of seven cloud storageservices:CloudMe, CrashPlan, Dropbox, Mozy, TeamDrive, Ubuntu One, Wuala.The study may be useful for users of the examined services, but also for usersof other services by checking if these services match the identified security requirements.Approach Each service includes a piece of client software and a server-side software. We examined the client software for PCs, never made a penetration teston the server-side. The observation period started in summer 2011 and ended inJanuary 2012.In a first step, we identifiedCopy Backup Sync. Sharingfour typical features of cloudstorage services. (i) The copy CloudMe33feature. This means a service CrashPlan3just mirrors a part of the local333disk in the cloud. If local hard- Dropbox3ware drops out (e.g. a stolen lap- Mozytop) data can be recovered from TeamDrive3333the cloud. (ii) The backup fea- Ubuntu One333ture which is used to preserveWuala3333any version of a file in the cloud.(iii) The synchronization featureTable I. Features of cloud storage services.which enables a user to synchronize all of his devices (desktop, laptop, tablet, mobile phone). (iv) The file sharingfeature which is used for collaboration with project partners. In addition, we haveidentified optimization features like deduplication (files that are known by the serverare not transfered again) which may be supported by the service. Each service supports one or more of the features above as shown in table I.SIT Technical Reports SIT-TR-2012-001

12·Fraunhofer SITSecond, we identified security requirements. The top five requirements and theirobjectives are: (i) Registration and Login, to protect against incrimination, information gathering and to enforce usage of strong passwords. (ii) Transport Security,to secure communication between client and server. (iii) Encryption, to disablethe provider to examine stored data. (iv) Secure File Sharing, to protect documents shared by a closed group, optionally including non-subscribers. (v) SecureDeduplication, to avoid privacy problems when using deduplication.Results We have applied the security requirements to the selected services, asshown in table II.CloudMeCrashPlanDropboxMozyTeamDriveUbuntu plication Table II. Grades. very good, good, some weaknesses, bad, very bad, not availableRegistration was a problem for CloudMe, Dropbox and Wuala because they missedto verify the email address of a new customer. Hence, an incrimination attack ispossible, that means a person A can register with the email address of anotherperson B. Now, A can upload illegal material using the account of the victim B.After that A can notify authorities, e.g. the police, about the illegal content.Transport Security was a problem for CrashPlan, TeamDrive and Wuala becausethey deny the usage of SSL/TLS. Instead they use unpublished, self-made protocols– a very error-prone approach. CloudMe does not take any measure to protect thesecurity of files during transmission.Encryption was a problem for CloudMe, Dropbox and Ubuntu One because theydo not use client-side encryption, thus the provider is able to read the data. Mozydoes not encrypt filenames. The convergent encryption scheme used by Wualaenables attacks by a server-side attacker.Sharing of data was a problem for CloudMe, Dropbox, TeamDrive and Wuala.Problems occur if files are shared with non-subscribers on the principle of a long,unpredictable URL. CloudMe does not obfuscate this URL adequately. Dropboxgives an unclear description wrt to sharing details, TeamDrive is weak when disinviting a group member and Wuala enables information gathering by including theuser name in public URLs. CloudMe does not prevent search engines from accessingthe workspace.SIT Technical Reports SIT-TR-2012-001

On the Security of Cloud Storage Services·13Deduplication was a problem for Mozy and Wuala, because in some cases it ispossible to ask the cloud storage provider whether a file is already stored or not.Data confidentiality can be improved by users by encrypting their data locallybefore uploading it to the cloud. This can be done using a variety of availableencryption tools, including TrueCrypt, EncFS and GnuPrivacyGuard. Under somecircumstances these tools will interfere with features of the storage service. Usersshould be conscious that in any case they trust the provider by using client softwaresupplied by the provider.Legal Considerations In addition, we considered legal requirements for a compliant usage of cloud storage services. An examination of laws and legal provisionsshows that the cloud user is primarily responsible for his data and its processing.Especially companies have to consider that the legal requirements to which theymust adhere may differ to those for the cloud provider or a potential subcontractor.The absence of international regulations guaranteeing an adequate level of data security and privacy requires that European companies must choose cloud providersbased within the European Economic Area (EEA). Additionally, these providersshould not be subsidiaries of companies based in the United States, otherwise thePatriot Act can be used to gain access to the data stored at the provider, even if itis exclusively stored within the EEA.Summary Individuals or companies considering to use cloud storage services areadvised to check whether a cloud provider meets these security requirements.In addition, it is worthwhile to consider using more than one service to reduce theimpacts of service downtime. Further, calculation of the time to recover all datafrom the cloud is recommended. Depending on the individual amount of data, thismay take several days. Having a plan for a provider change in the future reducesthe dependancy on a particular provider (provider lock-in). This will be relevant,for example, if the chosen provider is getting to expensive or is not longer compliantwith governmental rules.As a major result, the study shows that most of the analyzed cloud storageproviders are aware of the extreme importance of data security and privacy, hencethey have taken protection measures. However, a solution which meets all of themandatory security requirements has not been found with any of the analyzedproviders.We hope that this study helps to enhance the security of cloud storage services.SIT Technical Reports SIT-TR-2012-001

14·Fraunhofer SITSIT Technical Reports SIT-TR-2012-001

On the Security of Cloud Storage Services1.·15INTRODUCTIONIn recent years, the popularity of cloud storage services has increased dramatically.For instance, the popular service Dropbox surpassed 25 million registered users atthe beginning of 20111 . Ubuntu One has reached more than one million registeredusers in July 20112 as well as Mozy3 . These services are used to store the hugeamount of digital data which is accumulated in both private and business sectors.Individuals own ever-increasing collections of digital photographs, videos, music(MP3 files), and e-books. Most business processes have been digitalized, i.e., information such as communication data, accounts, contracts, advertising material,construction or business plans only exists in digital form.The data is often of great value and its irrecoverable loss or damage could be atotal disaster for its owner. For parents, videos of their children growing up maybe very important, PhD students may rely on digital material, e.g., a collection ofInternet references, to be used for a dissertation. For a company, the loss of datacould ruin the basis for business. Additionally, companies are legally obliged topreserve tax records for a certain period (6 or 10 years), and to leave them availableto the fiscal authorities.This requires secure methods of preserving important data in order to preventunrecoverable data loss, whilst constantly keeping up with increasing demands forstorage space. It is necessary to regularly make extra copies of the information, so asto be able to restore it to an earlier version if need be. These copies further escalatethe demand for storage space. Additional requirements arise from the variety ofdevices used to access the data simultaneously. Private and business users demandan easy way to synchronize and access their data independent of both device andlocation. The software providing these features must also be tailored to the needsof the individual with no technical background.In order to meet these demands, companies make large investments into their ITinfrastructure. Additional hardware and software is required, as well as staff for itsoperation and maintenance. Larger companies might have to consider building adedicated data center. These expenses conflict with the continuing need to reducecosts in order to stay competitive.Cloud storage services offer user-friendly, easily accessible and money-saving waysof storing and automatically backing up arbitrary data. These services are availableon-demand on the Internet. A customer simply accesses the website of a cloud storage provider and rents storage space as necessary by selecting one of the provider’spackages.A precondition for using this service is Internet access from the customer’s computers or mobile devices. Depending on the amount of data to be transmitted 0518-01.htm2SIT Technical Reports SIT-TR-2012-001

16·Fraunhofer SITthe cloud, sufficient bandwidth must be available, otherwise the transfer could bevery time-consuming. For individuals — depending on their location — this maybe a problem, but the availability of reasonably-priced broadband is increasing.If the use of cloud storage services carries such great advantages, why are individuals and companies alike still hesitant to entrust their data to the cloud?Usage of a cloud storage provider basically means entrusting data to a third partywhere no prior relationship based on trust has been established. Individuals whoupload personal information to the cloud want to be sure that only certain people areable to access it. This should also exclude the provider, since there is no justifiablereason for it to access the data.Companies may entrust files containing sensitive business data and valuable intellectual property which may be of great interest for industrial espionage. Theunauthorized disclosure of customer information, business secrets or research dataposes a serious threat to a company’s business. In addition, compliance requirements with both internal security guidelines and legal regulations have to be met.The cloud storage provider may be subject to different legal regulations than theuser. The possibility of the cloud provider going out of business needs to be takeninto account, since the data might not be easily transferable to another provider(“vendor lock-in”).Recent incidents (e.g. [MSL 11], [New11]) where the vulnerabilities of cloud storage providers have been exploited show that doubts concerning their usage arejustified.1.1ScopeThe main challenge of cloud storage is guaranteeing control, and the necessaryintegrity and confidentiality of all stored data.This study’s intended readership is those companies and individuals interestedin or planning to use cloud storage services. It aims to sensitize users to existingprivacy, security and legal issues.In Section 2 the features of cloud storage services will be described from a user’spoint of view. Legal aspects and implications for privacy will be discussed in Section 3 from a lawyer’s point of view. Cloud storage providers should meet a set ofsecurity requirements, which will be defined and described within section 4 from asecurity engineer’s point of view.The analysis in part 2 starts in Section 5 with a description of our methodology.The requirements will be used to analyze a few selected cloud storage providers insections 6 to 12. The analysis includes relevant organizational, legal and technicalinformation for each service. Section 13 subsumes the found security weaknesses.Part 3, recommendations and conclusion, begins with an overview on the methodsand tools available for achieving service-independent security of personal data usingSIT Technical Reports SIT-TR-2012-001

On the Security of Cloud Storage Services·17local encryption methods in section 14. After that, Section 15 gives an assistanceto select a cloud storage service. The study closes with a conclusion.The appendices describe attacks made possible through missing security featuresof the cloud storage providers. All service providers have been informed prior topublication of this study.The text assumes some basic knowledge about information technology in generaland, in particular, cloud computing. The National Institute of Standards and Technology (NIST) provides a good definition which introduces all basic terms concerning cloud computing [MG11]. Several technical terms from the field of IT-Securityare explained in the glossary at the end of the study. These entries are set in italicand followed by an up arrow (glossary entry ).The study makes no claim to be complete. It is limited to the analysis of onlya few advanced cloud storage services offering easy to use client interfaces, andexcludes basic cloud storage services like Amazon S3. Furthermore, no ranking isattempted because the user requirements are very different.We make some security assumptions in order to focus on cloud storage services.In particular: We assume, the client’s computer is free of any malware. We assume,correct implementations of cryptographic algorithms on the client’s computer andwe assume, the client is the only one having control of is mail account.Last but not least, the study has been written by computer scientists with the focus on IT security. The legal considerations in this paper are not made to substitutean advisory by a lawyer.1.2Definition of Cloud Storage ServicesBasically, a cloud storage system can be considered to be a network of distributeddata centers which typically uses cloud computing technologies like virtualization,and offers some kind of interface for storing data. To increase the availability of thedata, it may be redundantly stored at different locations. In general, all of this isnot visible to the user.Many cloud storage providers are active on the market, offering various kinds ofservices to their customers. This study distinguishes between two types of cloudstorage services:Basic cloud storage services are generally not designed to be accessed directlyby users but rather incorporated into custom software using application programming interfaces (API). Examples of such basic cloud storage services are AmazonS34 , Rackspace5 and Nirvanix6 /6 Technical Reports SIT-TR-2012-001

·18Fraunhofer SITAdvanced cloud storage services mostly employ basic cloud storage servicesfor the actual storage of data, and provide interfaces such as client or web applications which greatly simplify the use of the service for the customer. Many servicesmay also provide an easy to use API to allow integration of the service’s capabilities into third-party software. Examples of advanced cloud storage services areDropbox7 , and Mozy8 .1.3Use Cases for Cloud Storage ServicesThere are multiple use cases for cloud storage services used by both companies andindividuals. This includes on-demand storage capacities accessible from variouslocations (e.g. from mobile and local devices), backup facilities without the needto maintain hardware devices or appropriate software tools, and synchronizationfeatures allowing the customers to always have access to the latest version of theirdata independent of the device (PC, laptop, smartphone). The following use casesshall present the potential benefits of such storage services.(1) Copy. Bob is a sales representative, working most of the time out of the office.At the moment he is traveling home from a two weeks business trip. He hasvisited many customers, made a lot of notices and sketched some drafts forpotential missions. His trip was very successful, but Bob is depressed. As hewas inattentive while waiting for the plane, the bag including his laptop hasbeen stolen. He does not worry about disclosure of data because he uses anencrypted harddisk, but he is sad when he is thinking about the results of thelast two weeks.Using the copy feature of a cloud storage service Bob would be able to solvethis problem. His laptop continuously copies all changes to existing data andall new files to the cloud service. Back home, it is convenient to recover thisdata to his new laptop.(2) Backup. Charlie, an architect, is the owner of a medium sized and prosperousarchitectural office. This day, he is desperately seeking a building plan which hehad drawn up last year. It is the house plan for a customer who has repeatedlychanged his mind, forcing Charlie to frequently alter it. Yesterday, the customerwas in Charlie’s office and demanded a redesign based on a plan from March 5th,2011. The customer presented a paper copy of this former version. Since thenthe architect has been searching for the digital version. Although he protectshis data by making copies and storing them on external devices, he cannot findthat particular version.Using a reliable cloud backup service, which keeps all versions of all files, wouldhave enabled Charlie to restore the building plan from any particular T Technical Reports SIT-TR-2012-001

On the Security of Cloud Storage Services·19(3) Synchronization of Devices. Diana has worked the first half of the day inthe office on a presentation for tomorrow. At the moment she is travelingto the location of her speech. She has planned to polish her slides in the train.Unfortunately, she worked in the office on her Desktop PC and she forget tocopy the presentation on an USB stick.Using a service that offers a synchronization feature Diana could solve thisproblem. Her desktop PC would permanently copy all data to the cloud, likein the storage scenario above. In addition the synchronization feature allowsthe connection of any number of devices. The service takes care that all deviceshave the same data pool. Even if she creates new files on different devices whileshe is offline the service recognizes that. Even better, if she changes one file ontwo devices, the service is able to detect version conflicts.(4) Sharing Files. Eve is a self-employed photographer. At the moment she iswriting a travel guide, together with Frank, a talented writer. They are workingtogether using email. Both of them are displeased on this scenario because thebook is made of more then 100 files and it is very cumbersome to send themvia email and to hold them in sync.Using a service that offers a file sharing feature working on any number of fileswould be much easier. Eve and Frank could just edit their piece of work andeach computer would copy the results immediately to the cloud. Being there,the other computer would automatically download the file. So both of themare always in sync, without any pain. And if they accidentally edit the samefile at the same time, the service creates a notice and offers alternatives how toproceed.SIT Technical Reports SIT-TR-2012-001

20·Fraunhofer SITSIT Technical Reports SIT-TR-2012-001

On the Security of Cloud Storage Services·21PART I:PRINCIPLES OF CLOUD STORAGE SERVICESSIT Technical Reports SIT-TR-2012-001

22·Fraunhofer SITSIT Technical Reports SIT-TR-2012-001

On the Security of Cloud Storage Services2.·23THE USER’S VIEWThis section introduces the typical features of cloud storage services. A particularservice must offer at least one of these features, and may offer multiple features atthe same time.2.1FeaturesIn the following, an explanation of the features copy, backup, synchronization andsharing will be given (cf. Fig. 1).CopyBob's laptopBob's laptopSync.Bob'scell phoneSharingBob's tabletFigure partnerFeatures of storage services.CopyThe copy feature creates a mirror of current local data in the cloud. The typicaluser wants to assure that data is available even if local hardware drops out ( a hard disk crash or a stolen laptop). Further, he wants to access his data fromany place, even if his own hardware is not available. Therefore, an access via webbrowser is quite usual, for a service providing a copy feature.In contrast to the backup feature where data is stored at certain times the copyfeature usually stores data continuously. A storage service may provide a shortretention period, e.g. 30 days, to recover deleted data but this time is to short tosatisfy the definition of a backup service as given above.Typically, there are different ways to store the data in the cloud. The customermay manually store single files or folders in online storage using his web browser, orhe may use client software provided by the cloud provider. Such client software hasto be locally installed by the customer and may be used for the automatic uploadSIT Technical Reports SIT-TR-2012-001

24·Fraunhofer SITof, for example, all (new) files from a given folder belonging to the client to thecloud storage.2.1.2BackupThe backup feature allows to recover any ver

CloudMe, CrashPlan, Dropbox, Mozy, TeamDrive, Ubuntu One, Wuala. The study may be useful for users of the examined services, but also for users of other services by checking if these services match the identi ed security require-ments. Approach Each service includes a piece of client software and a server-side soft-ware.