The Ultra-Simple App That Lets Anyone Encrypt AnythingBy Andy Greenberg
Encryption is hard. When NSA leaker Edward Snowden wanted to communicate with journalist Glenn Greenwald via encrypted email, Greenwald couldn’t figure out the venerable crypto program PGP even after Snowden made a 12-minute tutorial video.
Nadim Kobeissi wants to bulldoze that steep learning curve. At the HOPE hacker conference in New York later this month he’ll release a beta version of an all-purpose file encryption program called miniLock, a free and open-source browser plugin designed to let even Luddites encrypt and decrypt files with practically uncrackable cryptographic protection in seconds.
“The tagline is that this is file encryption that does more with less,” says Kobeissi, a 23-year old coder, activist and security consultant. “It’s super simple, approachable, and it’s almost impossible to be confused using it.”
Kobeissi’s creation, which he says is in an experimental phase and shouldn’t yet be used for high security files, may in fact be the easiest encryption software of its kind. In an early version of the Google Chrome plugin tested by WIRED, we were able to drag and drop a file into the program in seconds, scrambling the data such that no one but the intended recipient—in theory not even law enforcement or intelligence agencies—could unscramble and read it. MiniLock can be used to encrypt anything from video email attachments to photos stored on a USB drive, or to encrypt files for secure storage on Dropbox or Google Drive.
Like the older PGP, miniLock offers so-called “public key” encryption. In public key encryption systems, users have two cryptographic keys, a public key and a private one. They share the public key with anyone who wants to securely send them files; anything encrypted with that public key can only be decrypted with their private key, which the user guards closely.
Kobeissi’s version of public key encryption hides nearly all of that complexity. There’s no need to even register or log in—every time miniLock launches, the user enters only a passphrase, though miniLock requires a strong one with as many as 30 characters or a lot of symbols and numbers. From that passphrase, the program derives a public key, which it calls a miniLock ID, and a private key, which the user never sees and is erased when the program closes. Both are the same every time the user enters the passphrase. That trick of generating the same keys again in every session means anyone can use the program on any computer without worrying about safely storing or moving a sensitive private key.
“No logins, and no private keys to manage. Both are eliminated. That’s what’s special,” says Kobeissi. “Users can have their identity for sending and receiving files on any computer that has miniLock installed, without needing to have an account like a web service does, and without needing to manage key files like PGP.”
In fact, miniLock uses a flavor of encryption that had barely been developed when PGP became popular in the 1990s: elliptic curve cryptography. Kobeissi says that crypto toolset allows for tricks that haven’t been possible before; PGP’s public keys, which users have to share with anyone who wants to send them encrypted files, often fill close to a page with random text. MiniLock IDs are only 44 characters, small enough that they can fit in a tweet with room to spare. And elliptic curve crypto makes possible miniLock’s feature of deriving the user’s keys from his or her passphrase every time it’s entered rather than storing them. Kobeissi says he’s saving the full technical explanation of miniLock’s elliptic curve feats for his HOPE conference talk.
Despite all those clever features, miniLock may not get a warm welcome from the crypto community. Kobeissi’s best-known previous creation is Cryptocat, a secure chat program that, like miniLock, made encryption so easy that a five-year-old could use it. But it also suffered from several serious security flaws that led many in the security community to dismiss it as useless or worse, a trap offering vulnerable users an illusion of privacy.
But the flaws that made Cryptocat into the security community’s whipping boy have been fixed, Kobeissi points out. Today the program been downloaded close to 750,000 times, and in a security ranking of chat programs by the German security firm PSW Group last month it tied for first place.
Despite Cryptocat’s early flaws, miniLock shouldn’t be dismissed, says Matthew Green, a cryptography professor at Johns Hopkins University who highlighted previous bugs in Cryptocat and has now also reviewed Kobeissi’s design spec for miniLock. “Nadim gets a lot of crap,” Green says. “But slighting him over things he did years ago is getting to be pretty unfair.”
Green is cautiously optimistic about miniLock’s security. “I wouldn’t go out and encrypt NSA documents with it right now,” he says. “But it has a nice and simple cryptographic design, with not a lot of places for it to go wrong…This is one that I actually think will take some review, but could be pretty secure.”
Kobeissi says he’s also learned lessons from Cryptocat’s failures: miniLock won’t initially be released in the Chrome Web Store. Instead, he’s making its code available on GitHub for review, and has taken special pains to document how it works in detail for any auditors. “This isn’t my first rodeo,” he says. “[MiniLock's] openness is designed to show sound programming practice, studied cryptographic design decisions, and to make it easy to evaluate miniLock for potential bugs.”
If miniLock becomes the first truly idiot-proof public key encryption program, it could bring sophisticated encryption to a broad new audience. “PGP sucks,” Johns Hopkins’ Green says. “The ability for regular people to encrypt files is actually a valuable thing…[Kobeissi] has stripped away the complexity and made this thing that does what we need it to do.”