Cipher Box is an innovative TOTP (Time-Based One-Time Password) generator and Password Manager application, designed to address the concerns of cloud storage for sensitive user data. Unlike traditional systems such as Google Authenticator, which store backups on the cloud, Cipher Box takes a different approach to ensure the utmost security and privacy of your data.
The primary concern with cloud storage is the lack of transparency and control. Users often don't know where their data is stored or who has access to it. Cipher Box eliminates these concerns by providing an end-to-end encrypted password manager built on the Internet Computer.
Cipher Box leverages VETKeys, a feature on the Internet Computer for onchain encryption and privacy, to encrypt passwords and secret keys on the client side before storing them on backend canisters. This ensures that the user remains in control of their data at all times. The user's encrypted symmetric key is generated by the VETKeys system API using a transport public key, and is decrypted on the client side using the user's principal, the transport secret key and the VETKeys system API public key. The decrypted symmetric key is then used to encrypt the user's passwords and TOTP secret keys, and to decrypt the encrypted passwords and TOTP keys that are stored in the backend. Encryption and decryption occur only on the user's device.
The result is a system where users can securely store their encrypted passwords and TOTP secret keys on canisters, of which they are the controller. Users can also decrypt their passwords and TOTP secret keys from the frontend using the decryption key.
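One way to do the final client-side step described above, as an added example that is not Cipher Box's own code: the decrypted symmetric key seals each entry before it is sent to a backend canister, and opens it again on the device. AES-256-GCM, the binding of each record to the principal and entry name as associated data, the record layout and all names are assumptions; Node's crypto module is used so the example runs offline.

```javascript
// Added example: client-side sealing of a vault entry before it goes to the backend.
// Assumptions (not from the page): AES-256-GCM, the record layout, all names below.
const nodeCrypto = require("node:crypto");

// Bind each ciphertext to its owner and entry name so a stored blob cannot be
// moved to another entry or another user without failing authentication.
function aadFor(principal, entryId) {
  return Buffer.from(JSON.stringify([principal, entryId]), "utf8");
}

// Returns the only thing the backend ever sees: nonce, ciphertext and tag.
function sealEntry(symmetricKey, principal, entryId, plaintext) {
  const nonce = nodeCrypto.randomBytes(12); // fresh 96-bit nonce per encryption
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", symmetricKey, nonce);
  cipher.setAAD(aadFor(principal, entryId));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([nonce, ct, cipher.getAuthTag()]).toString("base64");
}

// Returns the plaintext, or null if the blob was altered, swapped, or the key is wrong.
function openEntry(symmetricKey, principal, entryId, blobB64) {
  const blob = Buffer.from(blobB64, "base64");
  if (blob.length < 12 + 16) return null; // too short to hold nonce and tag
  const nonce = blob.subarray(0, 12);
  const tag = blob.subarray(blob.length - 16);
  const ct = blob.subarray(12, blob.length - 16);
  try {
    const d = nodeCrypto.createDecipheriv("aes-256-gcm", symmetricKey, nonce);
    d.setAAD(aadFor(principal, entryId));
    d.setAuthTag(tag);
    return Buffer.concat([d.update(ct), d.final()]).toString("utf8");
  } catch {
    return null; // authentication failed: never return unauthenticated plaintext
  }
}

// Constructed sample data: a random key standing in for the decrypted symmetric
// key, a made-up principal string and a made-up TOTP secret.
const sampleKey = nodeCrypto.randomBytes(32);
const samplePrincipal = "example-principal-aaaaa";
const sampleSecret = "JBSWY3DPEHPK3PXP";
const sampleBlob = sealEntry(sampleKey, samplePrincipal, "totp:github", sampleSecret);
console.log(openEntry(sampleKey, samplePrincipal, "totp:github", sampleBlob));
console.log(openEntry(sampleKey, samplePrincipal, "totp:gitlab", sampleBlob));
```

Because the entry name and principal are authenticated but not stored in the blob, a backend that returns the right user's ciphertext under the wrong entry is detected on the device instead of silently yielding another account's secret.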
With Cipher Box, you can rest assured that your sensitive data is secure, private, and under your control.
While building Cipher Box, one significant hurdle we encountered was ensuring the security and integrity of the encryption process, particularly with the use of VETKeys for on-chain encryption. We had to carefully navigate the intricacies of the VETKeys system API to ensure that the encryption and decryption processes were robust and reliable.
One specific challenge was implementing the encryption and decryption logic securely on the client-side while integrating it seamlessly with the backend canisters. Ensuring that the symmetric key generation, encryption, and decryption processes were performed correctly and securely posed a considerable challenge.
To overcome this hurdle, we conducted extensive testing and validation of the encryption and decryption processes at each step. Additionally, we continuously monitored updates and improvements in the VETKeys system API to incorporate any enhancements or fixes that could improve the security of Cipher Box.
Tracks Applied (1)
Internet Computer