During sign up, we take your password and apply the scrypt key-derivation algorithm with a per-user salt to produce a hard-to-compute shared secret.
We never store your password in plaintext, ever — neither on your machine nor on the AeroFS Appliance.
When you set up a new client, that client creates a 2048-bit RSA key which never leaves that machine. The key is stored in that user's AeroFS configuration folder (location varies by platform) and is set to be accessible only by the user setting up AeroFS. The client generates a certificate signing request, then connects to your AeroFS Appliance over TLS and verifies that the appliance's certificate is signed by the AeroFS Appliance root CA (this CA is unique per AeroFS Appliance deployment and is generated on first boot).
The AeroFS client then provides your username, the certificate signing request, and the scrypt-derived password to the Appliance, which verifies that the username and scrypt-derived password match. The Appliance signs the certificate signing request and returns the freshly-minted certificate to the authorized device. This certificate will then be used in various communications.
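The credential check that gates certificate signing can be sketched as follows. This is an added example, not AeroFS code: the scrypt cost parameters, the client-generated salt, the in-memory store and the names `derive_credential`, `Appliance`, `sign_up` and `may_sign_csr` are all assumptions.

```python
import hashlib
import hmac
import os

# Assumed scrypt cost parameters; the page does not state the ones AeroFS uses.
SCRYPT_N, SCRYPT_R, SCRYPT_P, KEY_LEN = 2**14, 8, 1, 32


def derive_credential(password, salt):
    """Client side: turn the password into the scrypt-derived shared secret."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)


class Appliance:
    """Hypothetical appliance-side account store (in memory for the example)."""

    def __init__(self):
        self._accounts = {}                # username -> (salt, derived secret)
        self._dummy = os.urandom(KEY_LEN)  # compared against for unknown users

    def register(self, username, salt, secret):
        # Only the salt and the derived secret are kept, never the password.
        self._accounts[username] = (salt, secret)

    def may_sign_csr(self, username, credential):
        """Sign the CSR only if username and derived secret match."""
        known = username in self._accounts
        expected = self._accounts[username][1] if known else self._dummy
        # Always run the constant-time compare so unknown users cost the same.
        matches = hmac.compare_digest(expected, credential)
        return matches and known


def sign_up(appliance, username, password):
    """Client-side sign-up: fresh per-user salt, then register the derived secret."""
    salt = os.urandom(16)  # assumption: the salt is generated on the client
    appliance.register(username, salt, derive_credential(password, salt))
    return salt
```

In a scheme like this the derived value is what authenticates the user, so it needs the same protection in transit and at rest as a password would.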
The clients communicate amongst themselves through TLS atop a variety of other transports, including direct TCP over a LAN, and a relay server on your AeroFS Appliance when direct network connectivity is impossible.
Each client has a 2048-bit RSA key and a certificate signed by the AeroFS root CA, as described above in Device Setup. We currently use the DHE-RSA-AES256-SHA ciphersuite, which establishes an AES-256-CBC session between the two peers.
Each client verifies that the other client it is communicating with is:
certified by the AeroFS CA to represent the device and user claimed,
not listed as using a certificate with a serial number revoked by the AeroFS root CA, and
authorized to send and receive information about the relevant shared folder.
All file data and metadata sent between peers is encrypted end-to-end through this TLS channel, so neither network sniffers nor our relay server can see your data.
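The three peer checks listed above map onto a TLS configuration plus one application-level check. The sketch below is an added example using Python's `ssl` module, not AeroFS code: the trust-file layout, the use of the certificate's commonName as the device identity, the folder ACL structure and the function names are assumptions.

```python
import ssl


def build_peer_context(trust_pem_path=None):
    """TLS context for a device that accepts connections from other devices.

    trust_pem_path: PEM file holding the deployment's root CA certificate
    and its current CRL (hypothetical layout). The caller still loads the
    device's own certificate and key with ctx.load_cert_chain().
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)  # starts with an empty trust store
    ctx.verify_mode = ssl.CERT_REQUIRED            # peer must present a CA-signed cert
    ctx.verify_flags |= ssl.VERIFY_CRL_CHECK_LEAF  # peer's serial must not be on the CRL
    if trust_pem_path is not None:
        ctx.load_verify_locations(cafile=trust_pem_path)
    return ctx


def subject_cn(peer_cert):
    """Extract commonName from the dict returned by SSLSocket.getpeercert()."""
    for rdn in peer_cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def may_sync(peer_cert, claimed_device, folder, folder_acl):
    """After the handshake: the cert must name the claimed device, and that
    device must be authorized for the shared folder."""
    cn = subject_cn(peer_cert)
    if cn is None or cn != claimed_device:
        return False
    return cn in folder_acl.get(folder, frozenset())
```

With `VERIFY_CRL_CHECK_LEAF` set, certificate verification fails when no CRL from the issuing CA has been loaded, so a missing CRL rejects peers instead of silently skipping the revocation check.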
While many actions on AeroFS are purely device-to-device, some actions require talking to the central AeroFS Appliance. These mostly relate to account preferences, administration of shared folders, and information to help us improve AeroFS.
For these communications, we use connections secured with TLS.
Where possible, we use the same client certificate signed by the AeroFS root CA as used in the peer-to-peer communications to verify identity, but we also have some services where the client identifies itself by presenting a username and password (after verifying the service's identity, of course).
We use strong ciphers and follow best practices for SSL/TLS usage.
We use certificate revocation lists to revoke the certificates for deleted devices. When you unlink or erase a device, we mark the certificate associated with that device as revoked.
We then notify each of your clients (either immediately, or as soon as they come online and reconnect to our push notification service) that the revoked device is no longer to be trusted.
Our implementation uses OpenSSL. We are subscribed to the OpenSSL security advisory mailing list and we update our OpenSSL version promptly when upstream releases security fixes.
We take all security issues and concerns seriously. If you believe you've found a security problem relating to AeroFS, please get in touch with us at firstname.lastname@example.org.
When disclosing security issues to us, we ask that you:
Share the security issue with us in detail.
Give us a reasonable opportunity to address the issue before making any information about it public.
Act in good faith not to degrade the performance of our services (including Denial of Service attacks).
Not violate the privacy of other users.
All security-related emails from AeroFS will be signed with this PGP key. You're also welcome to use this key to encrypt security-related emails to us.
|Key Size||4096 bit|
1224 692E 7E32 9664
1324 0BFB A3D2 4EC3
|User ID||AeroFS <email@example.com>|