Custos: Increasing Security with Secret Storage as a Service

In the age of cloud computing, securely storing, tracking, and controlling access to digital “secrets” (e.g. private cryptographic keys, hashed passwords, etc) is a major challenge for developers, administrators, and end-users alike. Yet, the ability to securely store such secrets is critical to the security of the web-connected applications on which we rely. We believe many of the traditional challenges to the secure storage of digital secrets can be overcome through the creation of a dedicated “Secret Storage as a Service” (SSaaS) interface. Such an interface allows us to separate secure secret storage and access control from the applications that require such services. We present Custos: an SSaaS prototype. We describe the Custos design principles and architecture. We also discuss a range of applications in which Custos can be leveraged to store secrets such as cryptographic keys. We compare Custos-backed versions of such applications to the existing alternatives and discuss how Custos and the SSaaS model can improve the security of such applications while still supporting the wide range of features (e.g. multidevice syncing, multi-user sharing, etc) we have come to expect in the age of the Cloud.