The Problem
Sending a file from one computer to another is common and should be simple, but it can be surprisingly complicated, even in 2020. This simple-yet-complicated user story is illustrated in xkcd comic #949.
How should you send a file from your computer to someone else’s computer? What security and privacy concerns should be considered?
Let’s review some of the more common options:
- Send the file as an attachment via email to the other person (or yourself). This option fails for big files and is not secure, as email is vulnerable to man-in-the-middle attacks, even when encryption is used.
- Host the file on a web server reachable by the other computer. This requires some technical skills and some infrastructure to be set up. One could use third-party infrastructure like mediashare, Dropbox or send.firefox.com; however, most of these services are not secure, as the service provider may be able to read these files. Some of these services also restrict the size of the files and how long files are stored before they are deleted.
- Use protocols like File Transfer Protocol (ftp) or secure copy (scp). For a non-tech-savvy user, programs that implement these protocols are difficult to use.
- Send via instant messenger/irc or a chat application. Many of these programs implement some sort of file transfer protocol, but whether or not they are secure depends on the implementation. Most of the popular ones (such as Facebook Messenger) are largely insecure: the provider of the service can read these files or, when encryption is used, has access to the metadata.
- Use USB dongles. This is quite a viable option if the two computers are within reachable physical distance or if the time to deliver the dongle from the sender to the receiver is tolerable. Unless one is using an encrypted file system for the USB disks, this method is insecure. Anyone who can lay hands on the disk can read and copy it and there are countless ways it could get lost or damaged in transit.
If we assume one or both of the two computers transferring files is a smart phone, then the options are fewer and the security risks are higher. First, these devices do not expose the concept of a “file” to the user (instead they have “photos”, “documents”, “videos” etc). Then, one needs to rely on unverified, sometimes ad-laden apps available in app stores to transfer files, which may not be secure.
Meeting this common need for simple, secure file transfer is where Magic Wormhole comes in.
Magic Wormhole is a secure protocol to send short messages and files/directories from one computer to another without using the sender’s or receiver’s details, such as IP addresses, hostnames, email addresses, phone numbers etc. Magic Wormhole was designed by Brian Warner, who provides a reference Python implementation which is shipped by a number of GNU/Linux distributions. The goal of Magic Wormhole is to achieve easy, private and ideally also anonymous, file transfer between two consenting devices (desktop-to-desktop, desktop-to-mobile device, mobile device-to-mobile device). Magic Wormhole uses SPAKE-2, a PAKE (password-authenticated key exchange), which is a means for two parties to derive a strong shared session key from a low-entropy password.
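The key exchange described above, sketched as an added example (not code from Magic Wormhole or its reference implementation): both sides blind a Diffie-Hellman message with the password and only agree on a session key if their passwords match. The toy group, the constants `G`, `M`, `N`, the `Side` class and the sample code phrase are all assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group (assumption, for readability only): the order-Q subgroup of
# squares modulo the safe prime P = 2*Q + 1. Real implementations use a
# standard elliptic-curve group; numbers this small give no security.
P, Q = 2039, 1019
# In SPAKE2, M and N are fixed public elements whose discrete logs nobody
# knows; here they are simply convenient squares mod P (hypothetical values).
G, M, N = 4, 9, 25


class Side:
    """One party of the exchange; `blind` is M for side A and N for side B."""

    def __init__(self, password, blind, peer_blind):
        digest = hashlib.sha256(password.encode()).digest()
        self.pw_hash = digest.hex()
        self.w = int.from_bytes(digest, "big") % Q      # password as a scalar
        self.peer_blind = peer_blind
        self.secret = secrets.randbelow(Q - 1) + 1      # ephemeral scalar
        # Public message: g^secret, blinded by blind^w.
        self.msg = pow(G, self.secret, P) * pow(blind, self.w, P) % P

    def finish(self, peer_msg, first, second):
        # Strip the peer's blinding using our own idea of the password, then
        # complete Diffie-Hellman. With a wrong password the blinding does
        # not cancel, so the two sides end up on unrelated group elements.
        unblind = pow(self.peer_blind, -self.w, P)
        shared = pow(peer_msg * unblind % P, self.secret, P)
        # The session key binds the password hash and the whole transcript.
        transcript = f"{self.pw_hash}|{first}|{second}|{shared}".encode()
        return hashlib.sha256(transcript).digest()


def run_exchange(pw_a, pw_b):
    """Run side A against side B; return the session key each one derived."""
    a = Side(pw_a, M, N)
    b = Side(pw_b, N, M)
    return a.finish(b.msg, a.msg, b.msg), b.finish(a.msg, a.msg, b.msg)
```

`run_exchange("7-crossover-clockwork", "7-crossover-clockwork")` returns two identical 32-byte keys; changing either password makes them differ, which a key-confirmation step would then detect.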
Our Work with Magic Wormhole
In 2017, Least Authority was awarded a grant from the NLnet Foundation to work on implementing a Magic Wormhole client in Haskell and Rust. Haskell is a safe, purely functional, strongly/statically typed programming language which is seeing a lot of industry adoption of late, particularly in the financial/banking industry. Rust is a memory-safe, strongly typed, low-level language, originally from Mozilla, the non-profit makers behind the Firefox browser.
Both the Rust and Haskell implementations are on par with the features available in the Python reference implementation. The Haskell version supports transfer via the Tor protocol when a user wants complete anonymity. The Rust implementation can be used as a base for devices with limited memory, like smart phones, embedded routers, etc., but does not yet support Tor. We also have a very basic Android client that uses the Rust library to do basic message transfer.
Magic Wormhole for All
This year, we were awarded funding from the NGI Trust program to explore commercial opportunities for Magic Wormhole. We’ve named this project MW4ALL (Magic Wormhole for All). Our objective is to investigate how to develop a sustainable product built on Magic Wormhole and to determine how to scale it technically without compromising the security or the important aspects of decentralization. In other words, how do we bring Magic Wormhole to the masses for everyone to enjoy safe and simple file sharing?
Since Magic Wormhole doesn’t require a unique identity per user or personal data (like a phone number, email address, or username) and instead uses a shared secret per transfer, it is more privacy-friendly than existing options, and may be more GDPR compliant, or even exempt.
We think that Magic Wormhole could be a solution to the problem of two computers being unable to exchange a file easily, let alone privately. Now we are in the process of thinking through the real-life use cases that could be best served by what we develop in this project.
After we wrap up Phase 1 of this project, we will publish more details about how Magic Wormhole technically works currently, and how we plan to change it for our target use cases. And remember: Magic Wormhole itself is open source, so it will always be available for anyone to use and adapt, regardless of how we adapt it for this particular project.
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under the NGI_TRUST grant agreement no 825618.