Security

At AssetPass, securing your digital assets is our top priority, so we have taken a zero knowledge approach to our architecture. You will see this with our simple registration where we minimise the amount of personal information from you.

Your Multi-part encryption keys are used to encrypt your archives on your device before they are uploaded to the cloud. This ensures security in transit and also zero-knowledge of what is stored. The keys are then stored on separate, hardened servers with your trustees only receiving one part of the key. This ensures that the trustees releasing your archive will never know what is being transferred. Here are the measures and processes we have in place to keep your data safe and secure:

1. Backup

Our backup system is designed to protect your content from data loss or infrastructure failures. We take the following measures to ensure high durability and availability:

1. Primary Storage: Content is initially uploaded to an Amazon S3 bucket.

2. First Level Backup: Content is replicated across different S3 regions (e.g., USA, Europe, Asia) to ensure redundancy.

3. Second Level Backup: Content is also copied to S3 Glacier, a cold storage service.

4. Daily Backups: A daily cron job creates copies of the S3 Glacier content and database backups to an external service, such as Google Cloud cold storage.

2. Content Location

AssetPass stores assets by the archive id. This is to ensure that in the unlikely event a rogue actor gains access, they are unable to ascertain who the archives belong to.

3. Encryption

We employ military-grade encryption strategies to protect your digital assets:

1. On-Device Encryption: Archives and encryption keys are encrypted on your device using AES-256-GCM before uploading to our servers. Once archives are encrypted, they are only decrypted if the owner wants to make changes to it or when it has been released.

2. Server-Side Encryption: Once uploaded, the content is automatically encrypted with server encryption using the Amazon S3 (SSE-S3) service (internally using AES-256-GCM encryption).

3.1. Key Transfer

When you create an archive, a multi-part encryption key is used to encrypt your archives. This archive key is then transferred through your trustees to your beneficiaries through the following process:

1. The archive keys are first decrypted with the owner’s master key. Then the archive keys are re-encrypted using the RSA (4096 bits) public keys of your trustees before uploading to our server.

2. When the trustee accepts the archive, the encrypted archive keys from 1 are downloaded, decrypted with the user’s private key, re-encrypted with the trustee’s master key using AES-256-GCM before being uploaded to our servers for storage.

3. In a similar fashion, when the archive is transferred to the beneficiaries, the encrypted archive keys are downloaded to the relevant trustee’s and owner’s devices, decrypted and re-encrypted with the beneficierie’s RSA (4096 bits) public keys. These keys are then transferred to the beneficiaries device on acceptance and used to decrypt the archibe.

4. Password Security

Assetpass ensures password strength by requiring the password to meet specific criteria, such as:

1. Minimum length

2. Inclusion of mixed case characters (at least one lowercase letter and one uppercase letter)

3. At least one number

4. At least one symbol

5. Cannot include parts of the email address, name, or phone number (case insensitive)

The app will check the password locally against a list of common passwords included in the app’s binary and disallow any matches. During the registration process, the app will query the HaveIBeenPwned API to ensure the chosen password hasn’t been compromised in the past.

The same validation process will be applied when users want to change their password.

5. Database Security

Database content in AssetPass is encrypted using Amazon RDS’s automatic encryption services.

The PostgreSQL database stores the following metadata for archives, archive items, and archive keys:

Archive Items

Filename
Type of file
Thumbnail (base64 encoded)
Path in Amazon S3, where it is located
Expected MD5 checksum of file

Archive Keys

Encrypted archive keys for each archive/user pair (these keys are encrypted with users’ master keys, which are only available to them in the apps).

6. Protection Against Man-in-the-Middle Attacks

To prevent man-in-the-middle attacks, AssetPass uses Certificate Pinning to secure API calls by pinning to the “Leaf public key,” the first certificate in the chain. This enhances security but requires app updates whenever the SSL certificate is renewed.

To manage this, the apps will include a “force-update” feature. This feature ensures that old apps become unusable if an SSL certificate is compromised and needs to be updated.