Cryptum
In a world where data is the most valuable commodity, a person's information is constantly at risk. Commercial solutions often sacrifice security in the name of profit, and this negligence trickles down to users in negative ways. We wanted to create Cryptum, a file storage app that does better by utilizing the Tillitis TKey technology to ensure that a user's data is secure.
The Tillitis TKey contains a chip that can run secure firmware. This means that cryptographic protocols can be implemented in such a way that requires the possession of a specific TKey. The website provides an easy-to-use UI to securely log in and handle the encryption/decryption of all files. Users can store and retrieve files while being sure that their data is safe.
We used many different technologies in the development of Cryptum. For the frontend and backend of the website, we used node, svelte and typescript. To store user information, we used CockroachDB, and to store the files themselves, we used Google Cloud Object Storage Buckets. We also interfaced with the Tillitis TKey with C code, using WebUSB to flash a binary file and allow for file encryption/decryption. For the domain, we used domain.com to gain access to a fitting hostname.
Due to the complexity of our project, there were numerous problems with each component and their interoperability. On the hardware side, interfacing with the TKey was quite difficult, given that WebUSB is a relatively new technology. We were also forced to learn about implementations of cryptographic protocols and their best practices, which were quite new to us. CockroachDB, which we used for our general information database, also had TLS certificate issues, and we both lost time and had to find a way around those.
