New threats, new security, new solution: meet the new ONLYOFFICE fortified by blockchain

21 May 2018By Ksenija

ONLYOFFICE is about to launch a blockchain-based solution to change the means of protecting documents and editing once and forever. Read more details in the article below.

blockchain-edition

In the age of internet-related threats concerning nearly every second individual, data security becomes a hot topic for every business. The reason is simple: information comes as an asset more and more valuable than before, while tech and knowledge used for illegal gathering of this information develop as rapidly.

Sadly, the growing industry of data security solutions triggers massive speculation and drive huge flows of money spent on unreliable and costly protection methods. However, this industry has given birth to an ultimate flagman of the digital era: blockchain, a technology which is simple to understand, yet very hard to fool.

Problems of aging document protection methods

1. Protecting storage, not data

Most of the modern cloud solutions offer only data center security, leaving the protection of the data itself under responsibilities of its owners. Centrally stored under the surveillance of a single company, your data is exposed to monitoring, third-party access, and hacking.

2. Inability to keep strong passwords

Using hundreds of services on a daily basis, individuals tend to use simple and/or similar passwords to avoid forgetting them and doing frequent password resets. Consequently, these passwords are easily cracked with brute force attacks. Moreover, most websites store them as a plain text, which gives unwanted access to any information once the server is hacked.

If someone still uses strong passwords, the problem lays in the ways of storing these passwords. With as many documents as we are working with in the modern reality, we need to remember thousands of these passwords or keep them in some password database which, again, can be hacked or abused by those whom it is entrusted to.

3. Insecure sharing of credentials for encrypted documents

Another security issue related to classic encryption is sharing these passwords with others while giving access to documents. The password needs to be sent, and normally is sent as a text, to another person, which endangers the data if the transfer method is insecure (e.g. an email).

Blockchain as a gateway to next-generation document security

As a reminder, a blockchain is a decentralized network that stores data in blocks, each connected to the other in a natural sequence and distributed among several machines. Every record created in blockchain stays there forever and presumably cannot be erased or altered. Blockchain can be (and already is) used for an unimaginable variety of purposes, from executing financial transactions to marketing digital toys.

This technology offers wide opportunities for developers to create solutions for transparent, anonymous, and highly secure data transfer and storage. Realizing that the security of business documents can be enhanced too, using blockchain, we decided to offer more than just common security tools to our users:

  • End-to-end document encryption with auto-generated complex passwords: we can generate strong passwords automatically and encrypt them with keys stored in blockchain;
  • Encrypted collaborative editing in real time: with transparent user identification that blockchain technology offers, we can reach the seamless level of collaboration while keeping data transfer encrypted with an above-mentioned method;
  • Decentralized storage of sensitive data: user credentials (e.g. encryption keys) can be stored in blockchain with no chance of losing it since this data is stored on multiple machines simultaneously.

ONLYOFFICE Blockchain Edition will use end-to-end encryption of documents and generate very complex passwords impossible to crack for each document, making sure no-one can ever access them without authorization in the network. When authorized, users will be able to share files and collaborate with other network participants, while there’s no need to manually transfer these passwords.

We believe that the key to a good night’s sleep is excluding the human factor from the risks, which today is reachable only with blockchain. Protecting the sensitive information itself, not focusing only on the server security is the first step. And as blockchain is distributed among multiple servers, it will not be necessary to store security data on a single machine vulnerable to hacking, malicious actions, outages and mechanical damage. And may a file go into the wrong hands by mistake, it can never be read. Isn’t it great?

How it works

Ethereum as a base blockchain network

We chose Ethereum as a core blockchain technology for ONLYOFFICE Blockchain Edition, as it allows the most opportunities for developing various solutions employing the flexibility of smart contract technology (smart contracts are special algorithms that allow determining how various operations through blockchain are organized).

Desktop Editors as a user client

An access to ONLYOFFICE Blockchain Edition features will be given through Desktop Editors with own Ethereum light client integrated. We are already preparing the interface of the app, introducing the tabbed toolbar, digital signatures, and encryption plugin very soon. You can download the latest version of ONLYOFFICE Desktop Editors from our website. It’s free.

Each user, when registered in our blockchain, will receive a personal address and a pair of keys (private and public) that will be used for document encryption.

Encryption in ONLYOFFICE Blockchain Edition

Let’s assume that Alice and Bob are users of ONLYOFFICE Blockchain Edition, and Alice wants to give Bob secure access to her new document.

access-rights-bc

  1. Alice creates the document and encrypts it using symmetric encryption with a generated strong password.
  2. Alice selects the type of access rights for Bob and ONLYOFFICE creates a message with information about the level of access and the password.
  3. ONLYOFFICE encrypts the message, using asymmetric encryption, with Bob’s public key.
  4. This message is then transferred to blockchain.
  5. Bob receives the message and decrypts it with his private key. Now Bob has the password for opening the document with the access rights that Alice has set for him.

Same old collaboration, fully rethought

Never before there has been a solution that combines co-authoring and encryption. When you casually co-edit a document with your colleague, raw changes proceed through a server and are received on their side in real time. If the change transfer is hacked, the intruders can collect them and restore the document fully or partially. In ONLYOFFICE Blockchain Edition we will interweave the split-second encryption into the change transfer. Let’s go back to our example and take a look:

At the moment Alice is co-editing a document with Charlie and David.

coediting-bc

  1. Alice makes a change in the document.
  2. It is immediately encrypted with public keys of Charlie and David and sent to the server.
  3. Charlie and David receive Alice’s inputs which are decrypted on their machines in real time.

On user’s side, there’s no difference from normal co-editing but the certainty that their collaboration is impossible to track.

Be the first to know about the release

In a nutshell, we are trying to revise the classic approach to data security, mixing the best of what is already invented with a unique model of encryption. This, in our understanding, will originate the new document protection technology that is transparent but impossible to trick.

As the first stage of the solution launch, we are going to establish a test network on Ethereum to carry out alpha- and beta-testing of a full-fledged prototype, using a private blockchain. Stay updated to catch ONLYOFFICE Blockchain Edition release.
 

SUBSCRIBE

 
If you have any questions or thoughts, please use the comment section below. Today we especially crave your feedback.