During sign up, we take your password and apply the scrypt key-derivation algorithm with a per-user salt to produce a hard-to-compute shared secret.
We never store your password in plaintext, ever — neither on your machine nor on the AeroFS Appliance.
We use certificate revocation lists to revoke the certificates for deleted devices. When you unlink or erase a device, we mark the certificate associated with that device as revoked.
We then notify each of your clients, either immediately or as soon as they come online and reconnect to our push notification service, that the revoked device is no longer to be trusted.
While many actions on AeroFS are purely device-to-device, some actions require talking to the central AeroFS Appliance. These mostly relate to account preferences, administration of shared folders, and information to help us improve AeroFS.
For these communications, we use connections secured with TLS.
Where possible, we use the same client certificate signed by the AeroFS root CA as used in the peer-to-peer communications to verify identity, but we also have some services where the client identifies itself by presenting a username and password (after verifying the service’s identity, of course).
We use strong ciphers and follow best practices for SSL/TLS usage.
When you set up a new client, that client creates a 2048-bit RSA key which never leaves that machine. The key is stored in that user’s AeroFS configuration folder (location varies by platform) and is set to be accessible only by the user setting up AeroFS. The client generates a certificate signing request, then connects to your AeroFS Appliance over TLS and verifies that the appliance’s certificate is signed by the AeroFS Appliance root CA (this CA is unique per AeroFS Appliance deployment and is generated on first boot).
The AeroFS client then provides your username, the certificate signing request, and the scrypt-derived password to the Appliance, which verifies that the username and scrypt-derived password match. The Appliance signs the certificate signing request and returns the freshly-minted certificate to the authorized device. This certificate will then be used in various communications.
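The password handling described above, as an added Python example that is not AeroFS code: the client derives the scrypt secret with `hashlib.scrypt` and a per-user salt, and a stand-in appliance keeps only that salt plus a SHA-256 digest of the derived secret, which is what it checks at device enrollment. The scrypt cost parameters, the appliance being the party that issues the salt, and the digest-based storage are assumptions; the CSR signing step is left out.

```python
import hashlib
import hmac
import os

# Cost parameters are an assumption for this example; the page does not state AeroFS's values.
SCRYPT_N, SCRYPT_R, SCRYPT_P, KEY_LEN = 2 ** 14, 8, 1, 32


def derive_secret(password: str, salt: bytes) -> bytes:
    """Client side: the only thing sent to the appliance is this derived secret,
    never the plaintext password."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                          p=SCRYPT_P, maxmem=64 * 1024 * 1024, dklen=KEY_LEN)


class Appliance:
    """Stand-in for the appliance's user store (assumed design): per user it holds the
    salt and sha256(derived_secret), so a stolen store yields neither password nor secret."""

    def __init__(self) -> None:
        self._salts: dict[str, bytes] = {}
        self._verifiers: dict[str, bytes] = {}
        # Dummy verifier so unknown users cost the same comparison as known ones.
        self._dummy = hashlib.sha256(os.urandom(KEY_LEN)).digest()

    def salt_for(self, username: str) -> bytes:
        """Issue a fresh 16-byte salt at sign-up; later devices get the same one."""
        return self._salts.setdefault(username, os.urandom(16))

    def store_verifier(self, username: str, derived_secret: bytes) -> None:
        """Sign-up: keep a digest of the derived secret, not the secret itself."""
        self._verifiers[username] = hashlib.sha256(derived_secret).digest()

    def verify(self, username: str, derived_secret: bytes) -> bool:
        """Device enrollment: constant-time check of the presented derived secret."""
        expected = self._verifiers.get(username, self._dummy)
        presented = hashlib.sha256(derived_secret).digest()
        return hmac.compare_digest(expected, presented) and username in self._verifiers


def sign_up(app: Appliance, username: str, password: str) -> None:
    app.store_verifier(username, derive_secret(password, app.salt_for(username)))


def enroll_device(app: Appliance, username: str, password: str) -> bool:
    """Returns True only when the appliance would go on to sign the device's CSR."""
    return app.verify(username, derive_secret(password, app.salt_for(username)))
```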
Our implementation uses OpenSSL. We are subscribed to the OpenSSL security advisory mailing list and we update our OpenSSL version promptly when upstream releases security fixes.
We take all security issues and concerns seriously. If you believe you’ve found a security problem relating to AeroFS, please get in touch with us at firstname.lastname@example.org.
When disclosing security issues to us, we ask that you: