Security is at the heart of everything we do at AeroFS. This page briefly describes AeroFS’s security and cryptography considerations and protocols.

Account Creation

During sign up, we take your password and apply the scrypt key-derivation algorithm with a per-user salt to produce a hard-to-compute shared secret.

We never store your password in plaintext, ever — neither on your machine nor on the AeroFS Appliance.

Lost or Stolen Devices

We use certificate revocation lists to revoke the certificates for deleted devices. When you unlink or erase a device, we mark the certificate associated with that device as revoked.

We then notify each of your clients, either immediately or as soon as they come online and reconnect to our push notification service, that the revoked device is no longer to be trusted.

Device-to-Server/Appliance Communication

While many actions on AeroFS are purely device-to-device, some actions require talking to the central AeroFS Appliance. These mostly relate to account preferences, administration of shared folders, and information to help us improve AeroFS.

For these communications, we use connections secured with TLS.

Where possible, we use the same client certificate signed by the AeroFS root CA as used in the peer-to-peer communications to verify identity, but we also have some services where the client identifies itself by presenting a username and password (after verifying the service’s identity, of course).

We use strong ciphers and follow best practices for SSL/TLS usage.

Device Setup

When you set up a new client, that client creates a 2048-bit RSA key which never leaves that machine. The key is stored in that user’s AeroFS configuration folder (location varies by platform) and is set to be accessible only by the user setting up AeroFS. The client generates a certificate signing request, then connects to your AeroFS Appliance over TLS and verifies that the appliance’s certificate is signed by the AeroFS Appliance root CA (this CA is unique per AeroFS Appliance deployment and is generated on first boot).

The AeroFS client then provides your username, the certificate signing request, and the scrypt-derived password to the Appliance, which verifies that the username and scrypt-derived password match. The Appliance signs the certificate signing request and returns the freshly-minted certificate to the authorized device. This certificate will then be used in various communications.
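The credential check described under Account Creation and Device Setup, sketched as an added example (not AeroFS code): a password is stretched with scrypt under a per-user salt, and certificate signing is gated on a constant-time match of the derived value. The cost parameters, the `ApplianceStore` class and the way the client learns its salt are assumptions, since the page does not specify them.

```python
import hashlib
import hmac
import os

# Assumed scrypt cost parameters; the page does not state the values AeroFS uses.
SCRYPT_N, SCRYPT_R, SCRYPT_P, KEY_LEN = 2**14, 8, 1, 32


def derive_credential(password: str, salt: bytes) -> bytes:
    """Stretch a password with scrypt under a per-user salt."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)


class ApplianceStore:
    """Hypothetical appliance-side record: salt and derived secret, never the password."""

    def __init__(self):
        self._users = {}  # username -> (salt, derived secret)

    def sign_up(self, username: str, password: str) -> None:
        salt = os.urandom(16)  # fresh random salt per user
        self._users[username] = (salt, derive_credential(password, salt))

    def salt_for(self, username: str) -> bytes:
        # Assumption: the client can learn its salt; the page does not say how.
        return self._users[username][0]

    def may_sign_csr(self, username: str, credential: bytes) -> bool:
        """Gate for CSR signing: the username must exist and the credential must match."""
        record = self._users.get(username)
        if record is None:
            return False
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(record[1], credential)


if __name__ == "__main__":
    store = ApplianceStore()
    user = "alice@example.com"  # constructed sample account
    store.sign_up(user, "constructed-sample-password")
    good = derive_credential("constructed-sample-password", store.salt_for(user))
    bad = derive_credential("wrong-guess", store.salt_for(user))
    print("correct password:", store.may_sign_csr(user, good))
    print("wrong password:", store.may_sign_csr(user, bad))
```

Because each user gets a fresh salt, two accounts with the same password store different derived secrets, so one precomputed table cannot be reused across users.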

Security Libraries Used

Our implementation uses OpenSSL. We are subscribed to the OpenSSL security advisory mailing list and we update our OpenSSL version promptly when upstream releases security fixes.

Responsible Disclosure

We take all security issues and concerns seriously. If you believe you’ve found a security problem relating to AeroFS, please get in touch with us at security@aerofs.com.

When disclosing security issues to us, we ask that you:

  • Share the security issue with us in detail.
  • Give us a reasonable opportunity to address the issue before making any information about it public.
  • Act in good faith not to degrade the performance of our services (including Denial of Service attacks).
  • Not violate the privacy of other users.
