The basic user interaction with ResVault consists of:
- GatorLink authentication
- Research Computing authorizes user access after required training has been completed
- ResVault creates for each user a public/private key pair that is used to authorize and secure all operations and log all transactions
- The user’s private key is protected by a strong password (not the GatorLink password).
- The private key must be backed up, because if that key is lost, the data it protects can no longer be decrypted
- In the event of a lost key, you will have to create a new key. Data that was previously shared with another user can be accessed by asking that user to share the data with your new key.
A couple of commonly asked questions about the process for using ResVault:
- Why not use SSH and SFTP for ResVault?
In short, both these protocols break the ResVault security model of end-to-end encryption.
As an example, consider a case where a user sends interactive commands in a terminal window through an SSH connection to a remote computer like HiPerGator. The command content (the text) is encrypted by the SSH client software packet by packet. Each packet then travels to the destination. Nobody can read the content of these packets while they travel through numerous fibers, cables, routers, and switches. At the endpoint, the SSH daemon to which the client is connected will decrypt the packets and present the content to the shell running on the remote system.
Alternatively, consider an SFTP session to transfer a file: the SFTP client reads the file and encrypts the content of each packet's worth of data from the file to send it to the destination, just like SSH does. At the destination the packets get decrypted. Even if the file is being written to an encrypted file system, there is a place (in the SFTP daemon) where the file is decrypted before it gets encrypted again in the file system.
The tiCrypt software in ResVault works differently. It uses the secret key of each user to encrypt any commands and any files before they are sent through an SSH connection. Each packet gets encrypted again for transmission, but the content that is encrypted is already encrypted. When the packet is delivered, it is decrypted with the SSH or SFTP keys, but what is revealed is still encrypted with the tiCrypt key. The file gets written to the file system. At no time can anyone on the server see or reconstruct the content of the file.
The work done by SSH and SFTP is replaced in tiCrypt by tiCryptConnect and tiMover. With tiCryptConnect, users can enter commands into a terminal window on a secure virtual machine; this then ensures that the commands are only visible to the user working remotely with that virtual machine.
- How is the private key password different from my GatorLink password?
We all have numerous passwords to access services and systems. These passwords provide access to a system that is managed by people who are trusted with whatever information you provide to the service or system. Examples are GatorLink credentials for managing access to UF services and systems, credentials to your online bank service, credentials to Dropbox, Google mail, etc.
The private key that is created as part of the registration process for working in ResVault is different: this key makes you the only one with access to your data, unless you explicitly share it with someone. Administrators of the ResVault system, even with all their privileged access to the ResVault system, cannot access your data.
You must encrypt the private part of the key with a strong password and protect it. To make sure you do not forget it, write it down on a piece of paper, put that paper in an envelope, and store it in a safe place you will not forget. For example, in the bank deposit box in which you keep precious family jewels.
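The difference described in the SSH/SFTP answer above can be reproduced in a small model. This is an added example, not tiCrypt or ResVault code. It assumes a single symmetric key stands in for the user's key pair, a toy HMAC-SHA256 stream cipher stands in for both the real transport and content ciphers, and all function names are hypothetical.

```python
import hashlib
import hmac
import os

def _subkey(key: bytes, label: bytes) -> bytes:
    # Derive separate keys for encryption and authentication.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy HMAC-SHA256 counter-mode keystream; a stand-in for a real AEAD cipher.
    stream, counter = b"", 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt, then authenticate: nonce || ciphertext || tag.
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered data")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def daemon_receives(wire: bytes, session_key: bytes) -> bytes:
    # The SSH/SFTP daemon removes the transport layer; this is what the server holds.
    return unseal(session_key, wire)

def sftp_upload(data: bytes, session_key: bytes) -> bytes:
    # Transport encryption only: the daemon ends up holding the file content.
    return daemon_receives(seal(session_key, data), session_key)

def e2e_upload(data: bytes, user_key: bytes, session_key: bytes) -> bytes:
    # Content is sealed with the user's key first, then sent over the same transport.
    return daemon_receives(seal(session_key, seal(user_key, data)), session_key)

if __name__ == "__main__":
    session_key, user_key = os.urandom(32), os.urandom(32)
    record = b"subject_id=0001,note=constructed-sample"  # constructed sample data
    print("SFTP daemon holds:", sftp_upload(record, session_key))
    stored = e2e_upload(record, user_key, session_key)
    print("E2E daemon holds: ", stored.hex()[:48], "...")
    print("User decrypts:    ", unseal(user_key, stored))
```

In the first case the server-side process holds the record in the clear; in the second it holds only a blob that the transport key cannot open, which is also why losing the user key makes the stored data unrecoverable.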
The basic actions in the ResVault system are the following: