Skip to content

Security framework for building multi-user end-to-end encrypted data storage and sharing/processing with zero leakage risks from storage and transport infrastructure.

License

Notifications You must be signed in to change notification settings

cossacklabs/hermes-core

Repository files navigation

End-to-end secure data storage, processing, and sharing framework with zero trust to storage/exchange infrastructure.


End-to-end secure data storage, processing, and sharing framework with zero trust to storage/exchange infrastructure.


GitHub release Circle CI Platforms


What is Hermes

Hermes — cryptographic framework for building multi-user end-to-end encrypted data storage and sharing/processing with zero leakage risks from storage and transport infrastructure (so called end-to-end encrypted zero knowledge architectures).

Hermes acts as a protected data circulation layer with cryptographic access control for your distributed application, with zero security risk of data exposure from servers and storage.

Hermes allows deploying end-to-end encrypted data exchange, sharing, and collaboration in your apps. Hermes is platform-agnostic: it works for mobile, web, or server applications storing data in any database/datastore.

What is Hermes-core

Hermes is a proprietary framework licensed by Cossack Labs.

Hermes-core is an open source (AGPL 3.0) repository for developers and security community that illustrates proof of concept of Hermes, which should be used for studying and verification of the methodology and cryptographic backend. Hermes-core is not a production version of Hermes but more of a sneak peek of its core layer.

Drop us an email to [email protected] if you are interested in commercial license or support.

Features

  • End-to-end data security
  • Client apps are responsible for data encryption and access control through using Hermes, while the server-side knows nothing about the nature of data.
  • Data model-agnostic
  • Hermes imposes no limitations on data structure and database choice.
  • Bulletproof cryptographically
  • The ACL in Hermes relies completely on cryptography, where trust is bound to client’s keys. As long as the keys are safe – the system is safe.
  • Security cornerstone
  • With a solid security foundation on the data layer, building other security controls gets easier, the risk model becomes precise, and the overall security cost goes down considerably.
  • Defence in depth
  • Hermes provides a foundation layer of data protection, Hermes is fully compatible with the following layers of security controls: TLS, firewalls, WAFs, SIEM, IDS, etc.
  • Searchable encryption ᵉ
  • available for enterprise customers in a separate license.
  • Provides pseudonymisation ᵉ
  • Audit log protected cryptographically ᵉ
  • Use cases and industries

    Perfect Hermes-compatible applications and industries
    HealthcareShare FHIR and other medical records safely and distribute granular access to personnel in a secure way. Cut HIPAA costs by pushing many security controls to the encryption layer.
    FinanceStore and process customer payment data securely, minimise insider threats and enable secure, accountable cross-organisation data exchange.
    EnterpriseProtect commercially sensitive data and enforce access control, integrate with existing PKI and IAM stack, enforce group policies and efficient key/storage management – while keeping the data end-to-end encrypted.
    B2C: Customer appsInstill greater trust in your product by implementing end-to-end encryption of customer data. It’s not only E2EE messengers that deserve the right to use user trust as competitive advantage.

    Data model

    Hermes operates with data that is subdivided into records that represent the hierarchy of recordsets and groups of recordsets. Each blob of data is encrypted using a symmetric key, from which a set of hashes is generated. Possession of a symmetric key by a user allows reading and carrying out other processes on hashes (including with writing data).

    In Hermes-core a document equals a block and is not subdivided further as it is a basic building block for the hierarchic infrastructure of Hermes.

    Hermes entities

    There are 3 storage entities in Hermes (and, consequently, in Hermes-core) that constitute the Server side:

    • Data store contains the hierarchy of encrypted objects.
    • Credential store stores keys and hashes, asymmetrically encrypted in such a way that can only be decrypted by authorised user’s private key. Those can contain access control key which grants READ access and Update Tag which allows performing WRITE operations.
    • Keystore contains the symmetric keys (for READ and UPDATE), with as many copies of these keys as there are users authorised to access to the record, where every copy is wrapped (asymmetrically encrypted) with a public credential of the respective authorised user. If the permissions to READ and to WRITE extend to not just blocks, but to the list of blocks, they turn into permissions to DELETE/ADD elements.

    The 4th entity of Hermes is Client:

    • Client (or clients) is the active entity in the Hermes architecture, the one that actually produces or consumes the data. Client only possesses the keypair that allows decrypting the asymmetrically encrypted data from the Server. The READ permissions are always checked on Client. The absence of the key for performing READ operations will not allow Client to decrypt the downloaded piece of data. The WRITE permissions are checked both on Client and Server so they cannot “fool” each other.

    Documentation and papers

    Installation

    You can build Hermes-core manually from source or install it from the available package manager.

    Languages

    Hermes-core is available on C, however, client side applications are implemented on C, Python and Go:

    Platform Tutorial Code example
    C core / C client Local CLI tutorial docs/examples/c/mid_hermes_low_level
    C core / C client C tutorial docs/examples/c
    C core / Python client Python tutorial docs/examples/python
    C core / Go client Go tutorial docs/examples/go

    Moreover, Hermes natively supports:

    Server side Client side (language)
    Docker, VMs, GCP, AWS,
    Ubuntu, Debian, CentOS, macOS
    iOS, Android, Java, Ruby, PHP,
    Python, Node.js, Go, Rust, C/C++

    Availability

    Hermes itself supports the following architectures: x86/x64, armv*, various Android architectures:

    • Debian (8, 9), CentOS 7, Ubuntu (14.04, 16.04, 18.04),
    • macOS (10.12 - 10.15, 11),
    • Android (4 - 12) / CyanogenMod 11+,
    • iOS (10 - 15),
    • Docker-containers, VMs.

    Hermes-core has limited support, only x86/x64 platforms.

    Examples and tutorials

    Consider checking full tutorials to understand how to add and update blocks, grant READ and UPDATE access rights to users, revoke access rights.

    • Usage examples describe how examples work and what are the possible usages for Hermes-core.
    • C tutorial, where both Hermes and client app are written in C.
    • Python tutorial, where the Hermes app is C-based, but client code runs on Python.
    • Go tutorial, where Hermes app is C-based, but client code runs on Go.

    GDPR, HIPAA, CCPA

    Hermes can help you reach better compliance with the current privacy regulations, such as:

    Configuring and using Hermes in a designated form will cover most of the demands described in articles 25, 32, 33, and 34 of GDPR and the PII data protection demands of HIPAA, allowing you to cut the costs by pushing the security controls to the cryptography layer.

    Licensing and commercial support

    Hermes-core license is GNU Affero General Public License v3.0.

    There is a separate, commercial licensed Hermes version for industrial use (its core crypto code is similar to this repository, yet it holds additional convenience interfaces and services). Commercial license can include custom cryptographic engineering (building cryptographic scheme based on Hermes for your use-case) and engineering support.

    Drop us an email to [email protected] if you are interested.

    Contacts

    If you want to ask a technical question, feel free to raise an issue or write to [email protected].

    To talk to the business wing of Cossack Labs Limited, drop us an email to [email protected].

    Blog Twitter CossackLabs Medium CossackLabs