The SecureSuite is a place to keep your private information private, where you are in control without a need to trust Google, third parties or governments. Want to share with others? Have a contact, calendar event, note, file or photo you want to share with someone, no problem. Encrypt the item with their public key and only they can get it and they can confirm it came from you. Worried that your online provider is compromised by details of their terms and conditions (that they will sell your stuff), or that the on-line provider sells back-door access to others, no problem. They can only see encrypted jibberish, your private key can only be accessed by you and your data is stored in the blockchain, not dependent upon a single service or source.
It is unfortunate but this is the world that we live in, you can’t trust anyone.
The SecureSuite is a set of tools that look and operate much like the cloud-based tools
you use every day. This means that it is familiar and easy to use, no learning curve required.
Currently, the SecureSuite operates off of an encrypted SQLCipher database with a front end using the same look and feel as Google. It has been used around the world but given it was built when blockchain was in its infancy, it does not leverage blockchain’s distribution and security.
The blockchain brings two main advantages. One is it can provide a secure backend to SecureSuite. The app needs deep storage to keep a backup of each contact, each photo, calendar event or file. The second advantage is the blockchain’s distribution. When a user desires to share a secure item with another user, the blockchain can be the vehicle to allow secure access to that item that is not dependent on a single source that can be disrupted.
The key feature is ease of use. If it is complicated, it will not get used. Real users should never need to think about public and private keys. The system makes it easy to use without forcing the user to understand how cryptology works. The user just says I want to share ‘this’ with ‘someone’ and the software does the right thing.
Under the hood, when a user shares a document with another user, SecureSuite
keeps the document in Blockchain deep storage.
It uses a public key to encrypt access details for the receiving user.
The receiving user’s private key is used to expose an access method and confirm the sender.
It is understood that the world of cryptography is in transition. Initially, when there are few users, the system knows when a receiving user has blockchain technology. If they do, great, all their communications and transactions with the receiving are fully secure. But the world we live in is not perfect, some users will need months or years to adopt new blockchain technologies. The system will know if a receiving user has a private key and if they do not, it will provide best effort security. Much like the Signal SMS text app operates, it will inform the sending user the state of security. We want ease of use but will never rely on blind trust, or on assumptions on what security the receiving user may have.
Imagine a world where anybody, anywhere can collaborate,
establish the rules of that collaboration, enforce those rules,
exchange value, and do it all on the blockchain. No government, no banks, no corporation,
just trusting in math.
That is what we want to do with SecureSuite for private information such as contacts, calendar events,
notes, files, and photos.
Wouldn’t it be great if a living will is released to specific parties, only when certain conditions
are met, and to validate documents using math to confirm that the released documents are proper.
Wouldn’t it be great if I send a routing number and account number to someone, and only they can read it, and they can verify that it came from me. There are countless examples.
Why start from SecureSuite? Three reasons:
- Existing user interfaces make it easy to use. SecureSuite has the same use patterns, look and feel as Google. It is specifically formatted to look good on phones, on tablets, and in big screen web browsers.
- Locally all data is encrypted. The SQLCipher database uses military grade encryption. The Virtual File System uses military grade encryption. Access is granted via either YubiKey dongle or the password of your choice. The database password or your personal password can be re-keyed.
- The backend is designed to continuously backup all transactions to a remote device.
To use the blockchain, the backend methods will be modified to use blockchain.
Visit the Wiki for more help and feel free to contact us at any time.
Get the opensource code from Github.
Become a supporter to help make this happen.