Providing open and free file storage and sharing for everyone in the world using state of the art encryption techniques.
Castiglione, L.M., & Romano, S.P. (2018, July). Thalos: Secure File Storage in Untrusted Clouds. In International Conference on Future Network Systems and Security (pp. 178-192). Springer, Cham.
Hey you! This is Thalos project speaking, welcome to the dark side! Ops sorry, I did it again! Never mind, welcome! …and thank you for visiting the Thalos repository.
This README is a hub to give you some information about the project. Jump straight to one of the sections below, or just scroll down to find out more.
Thalos shows up as a service that can be easily used, in theory, by any device connected to the internet. People could easily register an account using their email address and choosing an username and a password. Once a user is registered, a master key pair is generated
Master private key: The private key of the pair, it belongs to the user that can unlock it trough a passphrase chosen during the creation process. It’s highly recommended to choose a passphrase different from the account passoword.
Master public key: As it can be guessed by its name, this is the public key of the pair, it is stored on a remote database. It could be also used for secure file sharing in future improvements.
The barely generated Master Key Pair (MKP) will be used to encrypt the user basefile, as we will discuss later. Once the MKP is generated it is possible to add a basket to user own basket list. Baskets are virtual file containers (they can be thought as very simple virtual filesystems), each basket is described by a basket description file which basically stores information about contained files including name, type, size and a pointer to the encrypted static file on the storage (attribute id) as it can be seen. Among with the basket, two new keys are generated, they are:
Basket description files are stored remotely encrypted with the basket private key.
Furthermore, a basefile is associated to each user, it is remotely stored encrypted with the Master Private Key of the user to whom it belongs. A basefile contains the basket private keys of the baskets owned by the user it is associated with.
The diagram below shows how the Thalos system acts when a users uploads a file to the network trough the web interface. Last part of the sequence diagram is a pinch different from the real implementation but it clearly show how encryption system works.
You can check our Roadmap here
|Short term (Mozfest)||REST APIs documentation||Patience|
|Short term (Mozfest)||Build community of users||Good communication|
|Short term (Mozfest)||Build community of contributors||Good communication|
|Short term (Mozfest)||Roadmapping||Patience|
In Greek mythology, Τάλως was a giant automaton made of bronze to protect Crete from pirates and invaders. By adding an ‘h’ you get Thalos, an ambitious project that aims to protect people form (digital) pirates and oppressors.
Founder of this project is ecleipteon, an addicted to privacy and security and enthusiast student of computer science and engineering from Napoli. This project is mentored by edovio within Round 4 of the Mozilla Open Leadership program.
We need expertise full stack developers, user experience, database maintenance, software sustainability, documentation and technical writing and project management.
We need Hardware to deploy Thalos.
We need Security and cryptography expertise - Do Thalos leak informations when deals with cryptography elaborations and keys management? Are files really stored safely?
We need Legal consultants. What would happen if terrorists used Thalos?
We’d love your feedback along the way, and of course, we’d love to keep your secrets as well.
If you think you can help in any of the areas listed above (and we bet you can) or in any of the many areas that we haven’t yet thought of (and here we’re sure you can) then please check out our contributors’ guidelines and our roadmap.
Please note that it’s very important to us that we maintain a positive and supportive environment for everyone who wants to participate. When you join us we ask that you follow our code of conduct in all interactions both on and offline.
Furthermore two mailing list have been created in order to receive feedbacks both from users and contributors about the demos. Please feel free to join them
User community: https://groups.google.com/forum/#!forum/thalosbeta Contributors community: https://groups.google.com/forum/#!forum/thaloscontributors
If you want to report a problem or suggest an enhancement we’d love for you to open an issue at this github repository because then we can get right on it. But you can also contact ecleipteon by email (lucamaria [DOT] castiglione [AT] gmail [DOT] com) or on twitter.
Thank you so much for visiting the project and we do hope that you’ll join us on this amazing journey to support people privacy.