notesum.ai

Published at November 21

Designing a Secure Device-to-Device File Transfer Mechanism

cs.CR

Released Date: November 21, 2024

Authors: Chaitanya Rahalkar¹, Anushka Virgaonkar

Aff.: ¹Georgia Institute of Technology

Arxiv: http://arxiv.org/abs/2411.13827v1

Refer to caption

	Overall Security	End-to-End Encryption	Source	Intermediary Involved	Eavesdroppers
Google Drive	Account-based	No, keys held by Google	Closed Source	Yes (Google Servers)	Google, CAs
WebRTC	DTLS	Yes	Open protocol design, FOSS libs	No (STUN Server to get Public IP)	None. Peer-to-peer design
Our Implementation	sPAKE, NaCl Crypto	Yes	Open protocol design	Yes (Relay server)	None, property of PAKE
FTP	Password-based access to servers	No	Open protocol design, FOSS libs	Yes (FTP server)	FTP server host
Email	TLS	Only in PGP/S-MIME	Open protocol design, FOSS libs	Yes (Mail server)	Mail servers (None in PGP/S-MIME)
SCP	AES, RSA/ ECC, HMAC	Yes	Open protocol design, FOSS libs	No	None